Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3132342e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3132342e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          8L/UicElX8PMP69lthi1e7zonoPzOZTu2sI9iobei8A=
Subject key identifier:   37:2C:AA:26:FC:65:72:5B:8C:51:DA:CA:DF:51:FF:B8:61:48:42:DF
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       4029B9302519A79EE7F7012100F1C7E24ED65663
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3132342e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:26 +0000
ROA not before:           Wed 29 Sep 2021 23:55:26 +0000
ROA not after:            Fri 30 Sep 2022 00:00:26 +0000
asID:                     17451
IP address blocks:        182.253.124.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:29:b9:30:25:19:a7:9e:e7:f7:01:21:00:f1:c7:e2:4e:d6:56:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:26 2021 GMT
            Not After : Sep 30 00:00:26 2022 GMT
        Subject: CN=3082010A0282010100F16D8A019BF6B2F75FAFFFC95D2101D0AADD13F30C64CD9B1EC3707DF1405AD13F1C394E3ACAD52E5D1753BC5CCFA7316B51B1581709D0E96F2F73658AE8493D727037924AEA41B58B6BF47362E375B43EED5F79A93C2F0375C7D9CE55C63B3A1D28D7B3EDCFADA5CDA4B4811731A366487A1AA7FDD4C049DA1E27E87DB0681AE0D3FB75EFDB305D02C26DA9493C16369E4729A4BCDFAD59E153C8947E33A8AAC24BABEA97249AE670DA1C3790FB1B6FDD960F2DF8CC9A623C11A8F942F05D67EB9CC6837A4F71C4E9D3D31F16E691E73032EAFD209B72F96016DCE0CA00175719F881C25F44C802AEC6B177749B667B8677F2352CDB6197E97905F9C8BCD79D0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:6d:8a:01:9b:f6:b2:f7:5f:af:ff:c9:5d:21:
                    01:d0:aa:dd:13:f3:0c:64:cd:9b:1e:c3:70:7d:f1:
                    40:5a:d1:3f:1c:39:4e:3a:ca:d5:2e:5d:17:53:bc:
                    5c:cf:a7:31:6b:51:b1:58:17:09:d0:e9:6f:2f:73:
                    65:8a:e8:49:3d:72:70:37:92:4a:ea:41:b5:8b:6b:
                    f4:73:62:e3:75:b4:3e:ed:5f:79:a9:3c:2f:03:75:
                    c7:d9:ce:55:c6:3b:3a:1d:28:d7:b3:ed:cf:ad:a5:
                    cd:a4:b4:81:17:31:a3:66:48:7a:1a:a7:fd:d4:c0:
                    49:da:1e:27:e8:7d:b0:68:1a:e0:d3:fb:75:ef:db:
                    30:5d:02:c2:6d:a9:49:3c:16:36:9e:47:29:a4:bc:
                    df:ad:59:e1:53:c8:94:7e:33:a8:aa:c2:4b:ab:ea:
                    97:24:9a:e6:70:da:1c:37:90:fb:1b:6f:dd:96:0f:
                    2d:f8:cc:9a:62:3c:11:a8:f9:42:f0:5d:67:eb:9c:
                    c6:83:7a:4f:71:c4:e9:d3:d3:1f:16:e6:91:e7:30:
                    32:ea:fd:20:9b:72:f9:60:16:dc:e0:ca:00:17:57:
                    19:f8:81:c2:5f:44:c8:02:ae:c6:b1:77:74:9b:66:
                    7b:86:77:f2:35:2c:db:61:97:e9:79:05:f9:c8:bc:
                    d7:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:2C:AA:26:FC:65:72:5B:8C:51:DA:CA:DF:51:FF:B8:61:48:42:DF
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3132342e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:44:8a:86:57:a3:05:79:b8:75:fa:86:fd:ab:b1:1a:a1:de:
         1f:0c:0a:33:5d:e2:7a:6e:a1:dc:87:d4:91:6f:d0:07:4f:a7:
         d7:25:1e:13:32:da:ff:10:5d:f9:22:13:ab:38:4d:67:d5:05:
         4f:a9:17:f1:2d:b8:e3:67:2e:bf:c9:9c:8d:5a:83:e2:23:95:
         30:a2:97:67:58:71:f6:e4:f2:38:b6:e3:58:46:03:ec:d1:b7:
         9f:93:02:81:6f:5e:2e:cd:9f:b7:af:1d:54:09:d8:d2:d3:dd:
         37:e7:b1:66:d0:ca:ba:05:85:1c:74:58:65:9a:5d:79:78:b5:
         f3:07:11:c8:46:9e:1d:7e:d4:a5:2c:25:72:03:15:52:57:c2:
         7d:6d:54:70:c6:76:ce:72:01:0b:68:6e:4e:4b:74:e9:61:1a:
         da:82:41:b8:58:92:96:28:cd:d0:8a:00:e7:f3:b4:22:50:30:
         7f:32:ca:2e:b3:6c:fa:20:16:7e:dd:7d:b5:82:e7:e0:92:5a:
         2d:6c:52:cd:95:25:b8:d2:9d:7c:65:23:74:e1:68:c6:ec:99:
         16:96:64:a4:f5:62:d2:6d:d7:5d:ed:1d:38:5c:6f:6b:cf:7c:
         48:b7:3f:2b:9a:f9:88:5d:ee:e6:7f:f7:bc:cf:85:9a:3c:43:
         c0:c6:36:c2
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUQCm5MCUZp57n9wEhAPHH4k7WVmMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MjZaFw0yMjA5MzAwMDAwMjZaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRjE2RDhBMDE5QkY2QjJGNzVG
QUZGRkM5NUQyMTAxRDBBQUREMTNGMzBDNjRDRDlCMUVDMzcwN0RGMTQwNUFEMTNG
MUMzOTRFM0FDQUQ1MkU1RDE3NTNCQzVDQ0ZBNzMxNkI1MUIxNTgxNzA5RDBFOTZG
MkY3MzY1OEFFODQ5M0Q3MjcwMzc5MjRBRUE0MUI1OEI2QkY0NzM2MkUzNzVCNDNF
RUQ1Rjc5QTkzQzJGMDM3NUM3RDlDRTU1QzYzQjNBMUQyOEQ3QjNFRENGQURBNUNE
QTRCNDgxMTczMUEzNjY0ODdBMUFBN0ZERDRDMDQ5REExRTI3RTg3REIwNjgxQUUw
RDNGQjc1RUZEQjMwNUQwMkMyNkRBOTQ5M0MxNjM2OUU0NzI5QTRCQ0RGQUQ1OUUx
NTNDODk0N0UzM0E4QUFDMjRCQUJFQTk3MjQ5QUU2NzBEQTFDMzc5MEZCMUI2RkRE
OTYwRjJERjhDQzlBNjIzQzExQThGOTQyRjA1RDY3RUI5Q0M2ODM3QTRGNzFDNEU5
RDNEMzFGMTZFNjkxRTczMDMyRUFGRDIwOUI3MkY5NjAxNkRDRTBDQTAwMTc1NzE5
Rjg4MUMyNUY0NEM4MDJBRUM2QjE3Nzc0OUI2NjdCODY3N0YyMzUyQ0RCNjE5N0U5
NzkwNUY5QzhCQ0Q3OUQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA8W2KAZv2svdfr//JXSEB0KrdE/MMZM2bHsNwffFAWtE/HDlOOsrV
Ll0XU7xcz6cxa1GxWBcJ0OlvL3NliuhJPXJwN5JK6kG1i2v0c2LjdbQ+7V95qTwv
A3XH2c5Vxjs6HSjXs+3PraXNpLSBFzGjZkh6Gqf91MBJ2h4n6H2waBrg0/t179sw
XQLCbalJPBY2nkcppLzfrVnhU8iUfjOoqsJLq+qXJJrmcNocN5D7G2/dlg8t+Mya
YjwRqPlC8F1n65zGg3pPccTp09MfFuaR5zAy6v0gm3L5YBbc4MoAF1cZ+IHCX0TI
Aq7GsXd0m2Z7hnfyNSzbYZfpeQX5yLzXnQIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FDcsqib8ZXJbjFHayt9R/7hhSELfMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzEzMjM0MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9fDANBgkqhkiG9w0BAQsFAAOCAQEAEESKhlej
BXm4dfqG/auxGqHeHwwKM13iem6h3IfUkW/QB0+n1yUeEzLa/xBd+SITqzhNZ9UF
T6kX8S2442cuv8mcjVqD4iOVMKKXZ1hx9uTyOLbjWEYD7NG3n5MCgW9eLs2ft68d
VAnY0tPdN+exZtDKugWFHHRYZZpdeXi18wcRyEaeHX7UpSwlcgMVUlfCfW1UcMZ2
znIBC2huTkt06WEa2oJBuFiSlijN0IoA5/O0IlAwfzLKLrNs+iAWft19tYLn4JJa
LWxSzZUluNKdfGUjdOFoxuyZFpZkpPVi0m3XXe0dOFxva898SLc/K5r5iF3u5n/3
vM+FmjxDwMY2wg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:45 2023 by rpki-client on console-fra.rpki-client.org