Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3131332e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3131332e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          /wqWFil2R5Y0J9v9Lheb1wNyBbP6FP3KRtQlNJtEboM=
Subject key identifier:   B6:C9:C5:79:16:F5:A2:4E:16:E4:F5:0B:E1:B7:EF:69:4E:B4:8F:12
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       57BA44E8D0BDE5A6DE901DCE0A629DBB0C848D61
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3131332e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:12 +0000
ROA not before:           Wed 29 Sep 2021 23:56:12 +0000
ROA not after:            Fri 30 Sep 2022 00:01:12 +0000
asID:                     17451
IP address blocks:        182.253.113.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:ba:44:e8:d0:bd:e5:a6:de:90:1d:ce:0a:62:9d:bb:0c:84:8d:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:12 2021 GMT
            Not After : Sep 30 00:01:12 2022 GMT
        Subject: CN=3082010A0282010100E00E496A3EC60E1445073CFA6CA4D3AD3C4FBF36D946B4D0CA016F326EF6A33F1291C2B0735E37CD63CB1B8D375B31740437BAE23DD1322D3D7765294D7B6735EFAD283F3BA136F1DFB10F119B211385CAC8EBEC53A8150206C4CF44ADD4A070EE5B29BC689FD3FBD0A2768FB4F0C4C34168B499C59A1F98858E4F4854D61F395CF485FE63F0D9B7D546D98CA3952F79E3D15543EDE56423CADFC02C841518066CEB25B77ADD25515986E4F6AF00EF21DD31E2B34596B0C7ABC665AD6A1DF0090188E8BE0EAF3888F2192AA0DD6D08A4371B535298CA253FFE3CF02BCD99495A445D5F65B07AE14F9D2E5C1166678E1A2C0E9A37B00734FEF749867F1C244A930203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:0e:49:6a:3e:c6:0e:14:45:07:3c:fa:6c:a4:
                    d3:ad:3c:4f:bf:36:d9:46:b4:d0:ca:01:6f:32:6e:
                    f6:a3:3f:12:91:c2:b0:73:5e:37:cd:63:cb:1b:8d:
                    37:5b:31:74:04:37:ba:e2:3d:d1:32:2d:3d:77:65:
                    29:4d:7b:67:35:ef:ad:28:3f:3b:a1:36:f1:df:b1:
                    0f:11:9b:21:13:85:ca:c8:eb:ec:53:a8:15:02:06:
                    c4:cf:44:ad:d4:a0:70:ee:5b:29:bc:68:9f:d3:fb:
                    d0:a2:76:8f:b4:f0:c4:c3:41:68:b4:99:c5:9a:1f:
                    98:85:8e:4f:48:54:d6:1f:39:5c:f4:85:fe:63:f0:
                    d9:b7:d5:46:d9:8c:a3:95:2f:79:e3:d1:55:43:ed:
                    e5:64:23:ca:df:c0:2c:84:15:18:06:6c:eb:25:b7:
                    7a:dd:25:51:59:86:e4:f6:af:00:ef:21:dd:31:e2:
                    b3:45:96:b0:c7:ab:c6:65:ad:6a:1d:f0:09:01:88:
                    e8:be:0e:af:38:88:f2:19:2a:a0:dd:6d:08:a4:37:
                    1b:53:52:98:ca:25:3f:fe:3c:f0:2b:cd:99:49:5a:
                    44:5d:5f:65:b0:7a:e1:4f:9d:2e:5c:11:66:67:8e:
                    1a:2c:0e:9a:37:b0:07:34:fe:f7:49:86:7f:1c:24:
                    4a:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:C9:C5:79:16:F5:A2:4E:16:E4:F5:0B:E1:B7:EF:69:4E:B4:8F:12
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3131332e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:a1:a6:2d:a3:40:74:f6:9e:79:5b:a1:cb:ba:5f:8a:38:7f:
         75:2a:14:4f:4f:7a:bc:ec:42:9a:27:a4:31:94:02:84:c3:4a:
         c6:5c:a7:07:29:72:ac:e5:f3:eb:fd:45:b1:b2:83:0e:7d:8a:
         1d:7c:26:02:c7:7c:74:75:b1:94:1b:31:72:06:a1:cf:d7:31:
         83:ca:df:79:44:6d:df:0f:73:57:5b:53:30:46:cc:6f:4c:f2:
         33:ab:a2:7c:20:11:05:49:cd:9e:f1:9c:a5:6a:1c:00:64:46:
         11:92:6c:8f:66:00:22:1f:73:12:dc:b1:88:0b:95:e2:e2:c9:
         9c:c3:fe:ac:15:48:28:9a:cd:13:10:84:fe:02:5b:4b:d4:fe:
         46:0e:23:c8:c8:54:14:44:1f:f8:0b:17:2a:aa:64:f1:1b:1c:
         49:e1:8c:2f:eb:dc:e9:d4:2a:76:26:04:05:17:b2:01:00:b2:
         b3:b6:19:e1:c5:47:c2:da:32:6f:bd:c9:ee:64:af:e8:91:1d:
         bc:aa:a6:c9:12:93:17:60:84:dc:ab:87:c5:ad:da:a5:ea:8e:
         13:bc:55:61:d5:06:55:35:d6:71:26:20:ea:38:df:6d:58:97:
         b3:26:81:97:e3:89:e5:87:81:93:56:60:ab:cf:a5:26:1a:7a:
         ec:16:05:c6
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUV7pE6NC95abekB3OCmKduwyEjWEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MTJaFw0yMjA5MzAwMDAxMTJaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRTAwRTQ5NkEzRUM2MEUxNDQ1
MDczQ0ZBNkNBNEQzQUQzQzRGQkYzNkQ5NDZCNEQwQ0EwMTZGMzI2RUY2QTMzRjEy
OTFDMkIwNzM1RTM3Q0Q2M0NCMUI4RDM3NUIzMTc0MDQzN0JBRTIzREQxMzIyRDNE
Nzc2NTI5NEQ3QjY3MzVFRkFEMjgzRjNCQTEzNkYxREZCMTBGMTE5QjIxMTM4NUNB
QzhFQkVDNTNBODE1MDIwNkM0Q0Y0NEFERDRBMDcwRUU1QjI5QkM2ODlGRDNGQkQw
QTI3NjhGQjRGMEM0QzM0MTY4QjQ5OUM1OUExRjk4ODU4RTRGNDg1NEQ2MUYzOTVD
RjQ4NUZFNjNGMEQ5QjdENTQ2RDk4Q0EzOTUyRjc5RTNEMTU1NDNFREU1NjQyM0NB
REZDMDJDODQxNTE4MDY2Q0VCMjVCNzdBREQyNTUxNTk4NkU0RjZBRjAwRUYyMURE
MzFFMkIzNDU5NkIwQzdBQkM2NjVBRDZBMURGMDA5MDE4OEU4QkUwRUFGMzg4OEYy
MTkyQUEwREQ2RDA4QTQzNzFCNTM1Mjk4Q0EyNTNGRkUzQ0YwMkJDRDk5NDk1QTQ0
NUQ1RjY1QjA3QUUxNEY5RDJFNUMxMTY2Njc4RTFBMkMwRTlBMzdCMDA3MzRGRUY3
NDk4NjdGMUMyNDRBOTMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA4A5Jaj7GDhRFBzz6bKTTrTxPvzbZRrTQygFvMm72oz8SkcKwc143
zWPLG403WzF0BDe64j3RMi09d2UpTXtnNe+tKD87oTbx37EPEZshE4XKyOvsU6gV
AgbEz0St1KBw7lspvGif0/vQonaPtPDEw0FotJnFmh+YhY5PSFTWHzlc9IX+Y/DZ
t9VG2YyjlS9549FVQ+3lZCPK38AshBUYBmzrJbd63SVRWYbk9q8A7yHdMeKzRZaw
x6vGZa1qHfAJAYjovg6vOIjyGSqg3W0IpDcbU1KYyiU//jzwK82ZSVpEXV9lsHrh
T50uXBFmZ44aLA6aN7AHNP73SYZ/HCRKkwIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FLbJxXkW9aJOFuT1C+G372lOtI8SMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzEzMTMzMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9cTANBgkqhkiG9w0BAQsFAAOCAQEAX6GmLaNA
dPaeeVuhy7pfijh/dSoUT096vOxCmiekMZQChMNKxlynBylyrOXz6/1FsbKDDn2K
HXwmAsd8dHWxlBsxcgahz9cxg8rfeURt3w9zV1tTMEbMb0zyM6uifCARBUnNnvGc
pWocAGRGEZJsj2YAIh9zEtyxiAuV4uLJnMP+rBVIKJrNExCE/gJbS9T+Rg4jyMhU
FEQf+AsXKqpk8RscSeGML+vc6dQqdiYEBReyAQCys7YZ4cVHwtoyb73J7mSv6JEd
vKqmyRKTF2CE3KuHxa3apeqOE7xVYdUGVTXWcSYg6jjfbViXsyaBl+OJ5YeBk1Zg
q8+lJhp67BYFxg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:45 2023 by rpki-client on console-fra.rpki-client.org