Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e37332e302f32342d3234203d3e203137343531.roa
File:                     3131382e39392e37332e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          R8pAmCWeuOp+GUYDS1j0Y29vVE/fu1HklKwHkuWAKCg=
Subject key identifier:   FC:AC:E9:B4:E5:9D:4F:B3:4B:BF:89:6C:C6:E7:33:D3:6A:1A:07:E6
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       14AB1B97EDEFB34AAEC2E1319E607ECE41E7AEA7
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e37332e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:35 +0000
ROA not before:           Wed 29 Sep 2021 23:55:35 +0000
ROA not after:            Fri 30 Sep 2022 00:00:35 +0000
asID:                     17451
IP address blocks:        118.99.73.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:ab:1b:97:ed:ef:b3:4a:ae:c2:e1:31:9e:60:7e:ce:41:e7:ae:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:35 2021 GMT
            Not After : Sep 30 00:00:35 2022 GMT
        Subject: CN=3082010A0282010100C21450B17D9B9F7DB492DA38351CC023634E3E659365BFF538BB90DA456679445B46BBCA4EDB2B585C7E4C52F5E718D9ACF500D663D1C04309797BC1A320C0A77846688C836D83E1CFADAD307D7DC455E16449FA4ED9FF76306B08E57AC0889517F07339D4B5E21C0D76C425EE8E3BB19AF5EDE681A904D4C527B06CA41C0EDF551C494C548F2B555D19426ED7AA7894684EE032059219765BA661A317CC2CA5BC36889EDBAA9A42D0ADD4338A1F9CD15C12A31D70E0F6C6CFA2ED0104B11307CA03955BC0F6E8F37856013F6788D4E651F32941C8B8A5BDCAA445A96C8FB0E58E5B3E328BDE334163CA8E7DB9C8C1E53808E034591E0C62160442EDC2D8BEA30203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:14:50:b1:7d:9b:9f:7d:b4:92:da:38:35:1c:
                    c0:23:63:4e:3e:65:93:65:bf:f5:38:bb:90:da:45:
                    66:79:44:5b:46:bb:ca:4e:db:2b:58:5c:7e:4c:52:
                    f5:e7:18:d9:ac:f5:00:d6:63:d1:c0:43:09:79:7b:
                    c1:a3:20:c0:a7:78:46:68:8c:83:6d:83:e1:cf:ad:
                    ad:30:7d:7d:c4:55:e1:64:49:fa:4e:d9:ff:76:30:
                    6b:08:e5:7a:c0:88:95:17:f0:73:39:d4:b5:e2:1c:
                    0d:76:c4:25:ee:8e:3b:b1:9a:f5:ed:e6:81:a9:04:
                    d4:c5:27:b0:6c:a4:1c:0e:df:55:1c:49:4c:54:8f:
                    2b:55:5d:19:42:6e:d7:aa:78:94:68:4e:e0:32:05:
                    92:19:76:5b:a6:61:a3:17:cc:2c:a5:bc:36:88:9e:
                    db:aa:9a:42:d0:ad:d4:33:8a:1f:9c:d1:5c:12:a3:
                    1d:70:e0:f6:c6:cf:a2:ed:01:04:b1:13:07:ca:03:
                    95:5b:c0:f6:e8:f3:78:56:01:3f:67:88:d4:e6:51:
                    f3:29:41:c8:b8:a5:bd:ca:a4:45:a9:6c:8f:b0:e5:
                    8e:5b:3e:32:8b:de:33:41:63:ca:8e:7d:b9:c8:c1:
                    e5:38:08:e0:34:59:1e:0c:62:16:04:42:ed:c2:d8:
                    be:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:AC:E9:B4:E5:9D:4F:B3:4B:BF:89:6C:C6:E7:33:D3:6A:1A:07:E6
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e37332e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.99.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:69:9e:81:eb:39:2b:b4:8a:de:50:b3:08:a0:d1:6f:67:89:
         27:27:ad:fa:ed:44:54:08:b7:69:8c:a0:05:66:0d:45:de:9c:
         5c:49:86:8b:e8:dc:03:72:36:9e:a9:64:e0:7e:11:37:f3:cf:
         46:6f:f7:f5:d3:c9:8a:49:95:74:de:58:dd:62:e5:c9:c0:7d:
         a7:fa:f3:c3:19:ab:f3:91:e8:63:ea:9e:9d:be:7e:c2:3f:57:
         d7:de:9c:9c:a0:55:1b:6e:0b:ab:86:33:75:31:e4:c8:3b:e8:
         eb:48:75:49:7b:37:3f:bc:21:08:8e:24:72:b0:f3:38:ac:14:
         fd:82:4d:73:bc:40:0e:00:11:9b:d7:2c:3a:31:ef:5f:0e:ec:
         40:8f:51:55:c4:01:24:4b:be:d8:5b:c5:c4:75:28:4b:62:cc:
         84:46:af:a7:32:94:de:93:88:8d:35:51:cd:ed:b7:f3:92:28:
         cd:23:0d:4d:80:a8:74:a4:43:95:8f:5f:ef:f3:9c:e1:d2:28:
         d7:63:b7:7c:80:b3:93:7d:bc:39:80:29:ef:a0:a4:01:75:e0:
         4c:00:8e:2c:b4:cd:33:e3:39:14:ca:16:fe:e9:8e:01:2c:5d:
         1c:3f:bd:47:b9:4d:47:63:86:d3:cc:1c:f2:2c:01:52:dc:b8:
         a6:1d:69:f2
-----BEGIN CERTIFICATE-----
MIIHIjCCBgqgAwIBAgIUFKsbl+3vs0quwuExnmB+zkHnrqcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MzVaFw0yMjA5MzAwMDAwMzVaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzIxNDUwQjE3RDlCOUY3REI0
OTJEQTM4MzUxQ0MwMjM2MzRFM0U2NTkzNjVCRkY1MzhCQjkwREE0NTY2Nzk0NDVC
NDZCQkNBNEVEQjJCNTg1QzdFNEM1MkY1RTcxOEQ5QUNGNTAwRDY2M0QxQzA0MzA5
Nzk3QkMxQTMyMEMwQTc3ODQ2Njg4QzgzNkQ4M0UxQ0ZBREFEMzA3RDdEQzQ1NUUx
NjQ0OUZBNEVEOUZGNzYzMDZCMDhFNTdBQzA4ODk1MTdGMDczMzlENEI1RTIxQzBE
NzZDNDI1RUU4RTNCQjE5QUY1RURFNjgxQTkwNEQ0QzUyN0IwNkNBNDFDMEVERjU1
MUM0OTRDNTQ4RjJCNTU1RDE5NDI2RUQ3QUE3ODk0Njg0RUUwMzIwNTkyMTk3NjVC
QTY2MUEzMTdDQzJDQTVCQzM2ODg5RURCQUE5QTQyRDBBREQ0MzM4QTFGOUNEMTVD
MTJBMzFENzBFMEY2QzZDRkEyRUQwMTA0QjExMzA3Q0EwMzk1NUJDMEY2RThGMzc4
NTYwMTNGNjc4OEQ0RTY1MUYzMjk0MUM4QjhBNUJEQ0FBNDQ1QTk2QzhGQjBFNThF
NUIzRTMyOEJERTMzNDE2M0NBOEU3REI5QzhDMUU1MzgwOEUwMzQ1OTFFMEM2MjE2
MDQ0MkVEQzJEOEJFQTMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAwhRQsX2bn320kto4NRzAI2NOPmWTZb/1OLuQ2kVmeURbRrvKTtsr
WFx+TFL15xjZrPUA1mPRwEMJeXvBoyDAp3hGaIyDbYPhz62tMH19xFXhZEn6Ttn/
djBrCOV6wIiVF/BzOdS14hwNdsQl7o47sZr17eaBqQTUxSewbKQcDt9VHElMVI8r
VV0ZQm7XqniUaE7gMgWSGXZbpmGjF8wspbw2iJ7bqppC0K3UM4ofnNFcEqMdcOD2
xs+i7QEEsRMHygOVW8D26PN4VgE/Z4jU5lHzKUHIuKW9yqRFqWyPsOWOWz4yi94z
QWPKjn25yMHlOAjgNFkeDGIWBELtwti+owIDAQABo4ICMDCCAiwwHQYDVR0OBBYE
FPys6bTlnU+zS7+JbMbnM9NqGgfmMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGgBggrBgEFBQcB
CwSBkzCBkDCBjQYIKwYBBQUHMAuGgYByc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzgyZTM5MzkyZTM3MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM3MzQz
NTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQAdmNJMA0GCSqGSIb3DQEBCwUAA4IBAQBbaZ6B6zkrtIre
ULMIoNFvZ4knJ6367URUCLdpjKAFZg1F3pxcSYaL6NwDcjaeqWTgfhE3889Gb/f1
08mKSZV03ljdYuXJwH2n+vPDGavzkehj6p6dvn7CP1fX3pycoFUbbgurhjN1MeTI
O+jrSHVJezc/vCEIjiRysPM4rBT9gk1zvEAOABGb1yw6Me9fDuxAj1FVxAEkS77Y
W8XEdShLYsyERq+nMpTek4iNNVHN7bfzkijNIw1NgKh0pEOVj1/v85zh0ijXY7d8
gLOTfbw5gCnvoKQBdeBMAI4stM0z4zkUyhb+6Y4BLF0cP71HuU1HY4bTzBzyLAFS
3LimHWny
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org