Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3130382e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3130382e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          +y6RNxizSMqUdc2QoWkkwfR8OpqGKDFX3jGFerYA7Pc=
Subject key identifier:   9B:98:01:BC:16:B3:F3:C3:79:29:34:7A:F6:CA:00:FE:E4:8D:B9:4B
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       366C9A07231C7803F817500F77C87057DA95BC80
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3130382e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:26 +0000
ROA not before:           Wed 29 Sep 2021 23:55:26 +0000
ROA not after:            Fri 30 Sep 2022 00:00:26 +0000
asID:                     17451
IP address blocks:        182.253.108.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:6c:9a:07:23:1c:78:03:f8:17:50:0f:77:c8:70:57:da:95:bc:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:26 2021 GMT
            Not After : Sep 30 00:00:26 2022 GMT
        Subject: CN=3082010A0282010100D8D79818E6C388C6DFD5E713A31742F49F1E3B5B4B99DC1C579F2EFE22A65C8723A188AF7ED479428C072EE81C3CD6ECCF0643C99B9DFDAA9C70493C053A8DDEFEC632D84DAE11DDC509F6BE95298F8E2DC2A19FF2AE1A3F82C3B3C3B92F5D5FC32C2F2FC5AC900345C1DC0BC16CC4AA22122BA51E8DDB7C377748F14B1B9A9DD5F81E4A9D06E31D924C4C53E71863E96659C430E91929187FB4DF0F67798EAB2EF65741872758A02A4BFA971D454B87AEE11A2BFE38169B7A64EB5DF75B10817194C0941E395E1EEE8553C3E293846BB14B84648897CC2781AFC6066FE20508DD665EF62468647EBC406198427161D2F3B0B88C7F4F64D50C19D30CCB6866AD0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:d7:98:18:e6:c3:88:c6:df:d5:e7:13:a3:17:
                    42:f4:9f:1e:3b:5b:4b:99:dc:1c:57:9f:2e:fe:22:
                    a6:5c:87:23:a1:88:af:7e:d4:79:42:8c:07:2e:e8:
                    1c:3c:d6:ec:cf:06:43:c9:9b:9d:fd:aa:9c:70:49:
                    3c:05:3a:8d:de:fe:c6:32:d8:4d:ae:11:dd:c5:09:
                    f6:be:95:29:8f:8e:2d:c2:a1:9f:f2:ae:1a:3f:82:
                    c3:b3:c3:b9:2f:5d:5f:c3:2c:2f:2f:c5:ac:90:03:
                    45:c1:dc:0b:c1:6c:c4:aa:22:12:2b:a5:1e:8d:db:
                    7c:37:77:48:f1:4b:1b:9a:9d:d5:f8:1e:4a:9d:06:
                    e3:1d:92:4c:4c:53:e7:18:63:e9:66:59:c4:30:e9:
                    19:29:18:7f:b4:df:0f:67:79:8e:ab:2e:f6:57:41:
                    87:27:58:a0:2a:4b:fa:97:1d:45:4b:87:ae:e1:1a:
                    2b:fe:38:16:9b:7a:64:eb:5d:f7:5b:10:81:71:94:
                    c0:94:1e:39:5e:1e:ee:85:53:c3:e2:93:84:6b:b1:
                    4b:84:64:88:97:cc:27:81:af:c6:06:6f:e2:05:08:
                    dd:66:5e:f6:24:68:64:7e:bc:40:61:98:42:71:61:
                    d2:f3:b0:b8:8c:7f:4f:64:d5:0c:19:d3:0c:cb:68:
                    66:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:98:01:BC:16:B3:F3:C3:79:29:34:7A:F6:CA:00:FE:E4:8D:B9:4B
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3130382e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:c3:1e:1b:d8:ae:e1:4e:e2:97:fe:cf:78:c3:94:0e:73:34:
         73:27:81:2c:4d:71:17:0c:d4:23:5b:9f:31:af:8b:56:5c:70:
         62:b2:ac:2b:0c:7d:04:c4:2d:86:9b:5d:f1:fc:3b:a4:a6:a6:
         9a:d4:9b:23:21:f7:7f:32:9e:df:62:72:8a:57:72:a6:e2:60:
         fe:52:c7:46:fb:76:a7:e4:15:df:e2:b9:05:e2:69:11:1d:d2:
         12:e0:51:3f:39:dd:96:ea:e4:bb:be:43:49:46:6a:9c:13:fb:
         46:41:a2:8a:79:f2:97:a8:d9:9f:b9:ed:1f:c8:b0:51:70:e0:
         41:80:b6:9a:8f:f0:22:a4:49:d6:4c:de:d7:1a:4d:9a:39:5c:
         c8:d1:8d:71:35:fd:18:f1:c3:4a:4b:b9:91:7e:9c:d6:25:bf:
         cf:ae:bb:82:10:cd:cf:4a:40:ba:34:89:56:18:51:97:b5:a2:
         09:3b:f2:31:b5:94:1b:6d:40:75:99:de:64:7b:ef:a3:75:7c:
         bc:df:23:a4:9f:c3:84:61:d8:06:8e:a4:c4:4d:d5:d9:e0:2e:
         5d:bd:fc:a9:48:9f:16:fa:f2:b0:32:3d:da:53:8b:35:56:fd:
         83:12:16:b0:e0:cd:92:62:d9:46:ac:e8:8d:37:ac:7c:fc:8e:
         80:b8:e3:2a
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUNmyaByMceAP4F1APd8hwV9qVvIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MjZaFw0yMjA5MzAwMDAwMjZaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDhENzk4MThFNkMzODhDNkRG
RDVFNzEzQTMxNzQyRjQ5RjFFM0I1QjRCOTlEQzFDNTc5RjJFRkUyMkE2NUM4NzIz
QTE4OEFGN0VENDc5NDI4QzA3MkVFODFDM0NENkVDQ0YwNjQzQzk5QjlERkRBQTlD
NzA0OTNDMDUzQThEREVGRUM2MzJEODREQUUxMUREQzUwOUY2QkU5NTI5OEY4RTJE
QzJBMTlGRjJBRTFBM0Y4MkMzQjNDM0I5MkY1RDVGQzMyQzJGMkZDNUFDOTAwMzQ1
QzFEQzBCQzE2Q0M0QUEyMjEyMkJBNTFFOEREQjdDMzc3NzQ4RjE0QjFCOUE5REQ1
RjgxRTRBOUQwNkUzMUQ5MjRDNEM1M0U3MTg2M0U5NjY1OUM0MzBFOTE5MjkxODdG
QjRERjBGNjc3OThFQUIyRUY2NTc0MTg3Mjc1OEEwMkE0QkZBOTcxRDQ1NEI4N0FF
RTExQTJCRkUzODE2OUI3QTY0RUI1REY3NUIxMDgxNzE5NEMwOTQxRTM5NUUxRUVF
ODU1M0MzRTI5Mzg0NkJCMTRCODQ2NDg4OTdDQzI3ODFBRkM2MDY2RkUyMDUwOERE
NjY1RUY2MjQ2ODY0N0VCQzQwNjE5ODQyNzE2MUQyRjNCMEI4OEM3RjRGNjRENTBD
MTlEMzBDQ0I2ODY2QUQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA2NeYGObDiMbf1ecToxdC9J8eO1tLmdwcV58u/iKmXIcjoYivftR5
QowHLugcPNbszwZDyZud/aqccEk8BTqN3v7GMthNrhHdxQn2vpUpj44twqGf8q4a
P4LDs8O5L11fwywvL8WskANFwdwLwWzEqiISK6Uejdt8N3dI8Usbmp3V+B5KnQbj
HZJMTFPnGGPpZlnEMOkZKRh/tN8PZ3mOqy72V0GHJ1igKkv6lx1FS4eu4Ror/jgW
m3pk6133WxCBcZTAlB45Xh7uhVPD4pOEa7FLhGSIl8wnga/GBm/iBQjdZl72JGhk
frxAYZhCcWHS87C4jH9PZNUMGdMMy2hmrQIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FJuYAbwWs/PDeSk0evbKAP7kjblLMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzEzMDM4MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9bDANBgkqhkiG9w0BAQsFAAOCAQEAn8MeG9iu
4U7il/7PeMOUDnM0cyeBLE1xFwzUI1ufMa+LVlxwYrKsKwx9BMQthptd8fw7pKam
mtSbIyH3fzKe32JyildypuJg/lLHRvt2p+QV3+K5BeJpER3SEuBRPzndlurku75D
SUZqnBP7RkGiinnyl6jZn7ntH8iwUXDgQYC2mo/wIqRJ1kze1xpNmjlcyNGNcTX9
GPHDSku5kX6c1iW/z667ghDNz0pAujSJVhhRl7WiCTvyMbWUG21AdZneZHvvo3V8
vN8jpJ/DhGHYBo6kxE3V2eAuXb38qUifFvrysDI92lOLNVb9gxIWsODNkmLZRqzo
jTesfPyOgLjjKg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:45 2023 by rpki-client on console-fra.rpki-client.org