Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e39382e302f32332d3233203d3e203137343531.roa
File:                     3131382e39392e39382e302f32332d3233203d3e203137343531.roa (raw, json)
Hash identifier:          dyMDChsxKE5hCHzRnTW76CA0KsOBOV3BAsBZa60ESyY=
Subject key identifier:   AB:E8:38:8D:57:24:F4:9B:EA:FC:AD:9B:47:D9:C8:18:EA:68:5E:F6
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       5383571345674DBF5837E00E3B8FAE6782E8229B
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e39382e302f32332d3233203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:09 +0000
ROA not before:           Wed 29 Sep 2021 23:56:09 +0000
ROA not after:            Fri 30 Sep 2022 00:01:09 +0000
asID:                     17451
IP address blocks:        118.99.98.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:83:57:13:45:67:4d:bf:58:37:e0:0e:3b:8f:ae:67:82:e8:22:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:09 2021 GMT
            Not After : Sep 30 00:01:09 2022 GMT
        Subject: CN=3082010A0282010100D05EC0F02EB2DF48E9F19FB83B864A1E2C01CF97EF75DDF514FF972515274742D4714DBD415683950D8F07D15A0125C6325D5C542EB371912D796D464379A6E38DC96022DCE35F9D24D266A0C64A21824B8E99AD5C3AA2D8EB1A96E92CEA528E1DAC638F441D7C7EE4BE16BFDFFD7FE9BDF55D59A642EEBF10E1C9AB0CA71D6DCE49382A2A411198B70DBC8552CD23BB08372EF20484EC0F9FD7B8ED4B996B70A57BAE1F91142E24AC92C3254C2E1A3029FCB1D5F53BC1AF8EBFC93BB7E582E0A2BB84D0F6F08A007661A544C019F52EDF5D673CB0CBF08B31AD410E1577861523A669591DEDB47C3CB2862F5FF66B3CDFFF2ED46E5D23F9D6B82C441CA31CD10203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:5e:c0:f0:2e:b2:df:48:e9:f1:9f:b8:3b:86:
                    4a:1e:2c:01:cf:97:ef:75:dd:f5:14:ff:97:25:15:
                    27:47:42:d4:71:4d:bd:41:56:83:95:0d:8f:07:d1:
                    5a:01:25:c6:32:5d:5c:54:2e:b3:71:91:2d:79:6d:
                    46:43:79:a6:e3:8d:c9:60:22:dc:e3:5f:9d:24:d2:
                    66:a0:c6:4a:21:82:4b:8e:99:ad:5c:3a:a2:d8:eb:
                    1a:96:e9:2c:ea:52:8e:1d:ac:63:8f:44:1d:7c:7e:
                    e4:be:16:bf:df:fd:7f:e9:bd:f5:5d:59:a6:42:ee:
                    bf:10:e1:c9:ab:0c:a7:1d:6d:ce:49:38:2a:2a:41:
                    11:98:b7:0d:bc:85:52:cd:23:bb:08:37:2e:f2:04:
                    84:ec:0f:9f:d7:b8:ed:4b:99:6b:70:a5:7b:ae:1f:
                    91:14:2e:24:ac:92:c3:25:4c:2e:1a:30:29:fc:b1:
                    d5:f5:3b:c1:af:8e:bf:c9:3b:b7:e5:82:e0:a2:bb:
                    84:d0:f6:f0:8a:00:76:61:a5:44:c0:19:f5:2e:df:
                    5d:67:3c:b0:cb:f0:8b:31:ad:41:0e:15:77:86:15:
                    23:a6:69:59:1d:ed:b4:7c:3c:b2:86:2f:5f:f6:6b:
                    3c:df:ff:2e:d4:6e:5d:23:f9:d6:b8:2c:44:1c:a3:
                    1c:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:E8:38:8D:57:24:F4:9B:EA:FC:AD:9B:47:D9:C8:18:EA:68:5E:F6
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e39382e302f32332d3233203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.99.98.0/23

    Signature Algorithm: sha256WithRSAEncryption
         29:db:fa:9a:f3:d8:08:57:e4:4a:cb:3f:bf:2c:af:e7:be:b2:
         5f:80:89:ad:e0:33:5d:60:d7:8f:71:b9:be:d3:eb:aa:15:47:
         bc:33:12:db:9b:0c:a0:bd:4a:73:07:f2:98:af:ba:c7:c8:ac:
         34:fc:ec:9d:f4:3a:05:48:ad:10:51:50:07:2d:7d:59:7d:df:
         05:80:d1:66:25:aa:9b:31:35:58:e2:b4:b3:25:7b:dc:97:3e:
         72:11:35:d4:e0:c3:33:4e:59:cf:8d:1b:75:fa:08:0e:a3:48:
         34:47:27:8a:e9:d2:1c:e1:f9:38:34:29:8c:51:9f:6c:17:6a:
         63:db:1c:d1:f7:fb:74:c1:be:c5:71:f3:79:b9:ef:0f:5c:3b:
         64:69:ed:77:48:5c:ad:59:c1:a2:7d:39:d7:df:b6:27:09:7f:
         9a:6b:e8:5d:e6:c6:34:5c:6b:26:42:b8:74:0f:54:48:1c:b4:
         3b:cc:2f:06:ae:75:43:ce:63:09:6f:bd:17:c9:a7:ed:6a:b6:
         c2:84:2c:04:8b:d4:dd:15:dc:23:71:60:34:d7:46:97:b8:06:
         c1:b6:fa:36:fd:14:29:1c:fe:5e:68:c6:a1:f6:df:8c:ed:54:
         5a:b6:c7:f9:71:03:80:23:ac:79:82:83:7e:31:ab:59:e2:88:
         7f:9c:cc:72
-----BEGIN CERTIFICATE-----
MIIHIjCCBgqgAwIBAgIUU4NXE0VnTb9YN+AOO4+uZ4LoIpswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MDlaFw0yMjA5MzAwMDAxMDlaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDA1RUMwRjAyRUIyREY0OEU5
RjE5RkI4M0I4NjRBMUUyQzAxQ0Y5N0VGNzVEREY1MTRGRjk3MjUxNTI3NDc0MkQ0
NzE0REJENDE1NjgzOTUwRDhGMDdEMTVBMDEyNUM2MzI1RDVDNTQyRUIzNzE5MTJE
Nzk2RDQ2NDM3OUE2RTM4REM5NjAyMkRDRTM1RjlEMjREMjY2QTBDNjRBMjE4MjRC
OEU5OUFENUMzQUEyRDhFQjFBOTZFOTJDRUE1MjhFMURBQzYzOEY0NDFEN0M3RUU0
QkUxNkJGREZGRDdGRTlCREY1NUQ1OUE2NDJFRUJGMTBFMUM5QUIwQ0E3MUQ2RENF
NDkzODJBMkE0MTExOThCNzBEQkM4NTUyQ0QyM0JCMDgzNzJFRjIwNDg0RUMwRjlG
RDdCOEVENEI5OTZCNzBBNTdCQUUxRjkxMTQyRTI0QUM5MkMzMjU0QzJFMUEzMDI5
RkNCMUQ1RjUzQkMxQUY4RUJGQzkzQkI3RTU4MkUwQTJCQjg0RDBGNkYwOEEwMDc2
NjFBNTQ0QzAxOUY1MkVERjVENjczQ0IwQ0JGMDhCMzFBRDQxMEUxNTc3ODYxNTIz
QTY2OTU5MURFREI0N0MzQ0IyODYyRjVGRjY2QjNDREZGRjJFRDQ2RTVEMjNGOUQ2
QjgyQzQ0MUNBMzFDRDEwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA0F7A8C6y30jp8Z+4O4ZKHiwBz5fvdd31FP+XJRUnR0LUcU29QVaD
lQ2PB9FaASXGMl1cVC6zcZEteW1GQ3mm443JYCLc41+dJNJmoMZKIYJLjpmtXDqi
2Osaluks6lKOHaxjj0QdfH7kvha/3/1/6b31XVmmQu6/EOHJqwynHW3OSTgqKkER
mLcNvIVSzSO7CDcu8gSE7A+f17jtS5lrcKV7rh+RFC4krJLDJUwuGjAp/LHV9TvB
r46/yTu35YLgoruE0PbwigB2YaVEwBn1Lt9dZzywy/CLMa1BDhV3hhUjpmlZHe20
fDyyhi9f9ms83/8u1G5dI/nWuCxEHKMc0QIDAQABo4ICMDCCAiwwHQYDVR0OBBYE
FKvoOI1XJPSb6vytm0fZyBjqaF72MB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGgBggrBgEFBQcB
CwSBkzCBkDCBjQYIKwYBBQUHMAuGgYByc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzgyZTM5MzkyZTM5MzgyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMTM3MzQz
NTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQBdmNiMA0GCSqGSIb3DQEBCwUAA4IBAQAp2/qa89gIV+RK
yz+/LK/nvrJfgImt4DNdYNePcbm+0+uqFUe8MxLbmwygvUpzB/KYr7rHyKw0/Oyd
9DoFSK0QUVAHLX1Zfd8FgNFmJaqbMTVY4rSzJXvclz5yETXU4MMzTlnPjRt1+ggO
o0g0RyeK6dIc4fk4NCmMUZ9sF2pj2xzR9/t0wb7FcfN5ue8PXDtkae13SFytWcGi
fTnX37YnCX+aa+hd5sY0XGsmQrh0D1RIHLQ7zC8GrnVDzmMJb70XyaftarbChCwE
i9TdFdwjcWA010aXuAbBtvo2/RQpHP5eaMah9t+M7VRatsf5cQOAI6x5goN+MatZ
4oh/nMxy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org