Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3133302e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3133302e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          oc72sGEsGXvhgAsjspWIZSHgUGeVaqNw17eP4g2J/dc=
Subject key identifier:   21:46:4D:B7:4F:ED:B4:2C:BE:6A:E7:0F:0B:8E:4E:5F:1D:EC:9D:AD
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       6048FEB989C36F6EB00949067B159192859F980F
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3133302e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:15 +0000
ROA not before:           Wed 29 Sep 2021 23:55:15 +0000
ROA not after:            Fri 30 Sep 2022 00:00:15 +0000
asID:                     17451
IP address blocks:        182.253.130.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:48:fe:b9:89:c3:6f:6e:b0:09:49:06:7b:15:91:92:85:9f:98:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:15 2021 GMT
            Not After : Sep 30 00:00:15 2022 GMT
        Subject: CN=3082010A0282010100DBC4DAB6EE57432EFA158DBA8895262830B5DF887AD5078278434B0D61904CFB1DD7F838F2D11CABA57038DB4E7576D465EA68658340965EDBF18B41240C393E37286BEB5322BC165817596001799C5D56996383498486C2AA7DEF392DF928A7DC7D4514D6AC423B35E93B38E87F0338444DA9BA602A88EF5D1EDD4A9E3856D2FA9FDF03B05DD8D8D0A48774C5766D1F579DDE52EB2874DF069B74F11C2B4B69D8FB3C9F532BAFAD400965A102DFB61B8FD9E06B27D7780F5693D9A9FB40D18DA0F6815FBE55E2F00DC302F8E7F125A76D184E92D1B184B1FB923C68E36FC2DE82170A2DCAEB9CC006C8D81C72FDE5D3C4A209817D91BEA7BB9A728ABB93D13F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:c4:da:b6:ee:57:43:2e:fa:15:8d:ba:88:95:
                    26:28:30:b5:df:88:7a:d5:07:82:78:43:4b:0d:61:
                    90:4c:fb:1d:d7:f8:38:f2:d1:1c:ab:a5:70:38:db:
                    4e:75:76:d4:65:ea:68:65:83:40:96:5e:db:f1:8b:
                    41:24:0c:39:3e:37:28:6b:eb:53:22:bc:16:58:17:
                    59:60:01:79:9c:5d:56:99:63:83:49:84:86:c2:aa:
                    7d:ef:39:2d:f9:28:a7:dc:7d:45:14:d6:ac:42:3b:
                    35:e9:3b:38:e8:7f:03:38:44:4d:a9:ba:60:2a:88:
                    ef:5d:1e:dd:4a:9e:38:56:d2:fa:9f:df:03:b0:5d:
                    d8:d8:d0:a4:87:74:c5:76:6d:1f:57:9d:de:52:eb:
                    28:74:df:06:9b:74:f1:1c:2b:4b:69:d8:fb:3c:9f:
                    53:2b:af:ad:40:09:65:a1:02:df:b6:1b:8f:d9:e0:
                    6b:27:d7:78:0f:56:93:d9:a9:fb:40:d1:8d:a0:f6:
                    81:5f:be:55:e2:f0:0d:c3:02:f8:e7:f1:25:a7:6d:
                    18:4e:92:d1:b1:84:b1:fb:92:3c:68:e3:6f:c2:de:
                    82:17:0a:2d:ca:eb:9c:c0:06:c8:d8:1c:72:fd:e5:
                    d3:c4:a2:09:81:7d:91:be:a7:bb:9a:72:8a:bb:93:
                    d1:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:46:4D:B7:4F:ED:B4:2C:BE:6A:E7:0F:0B:8E:4E:5F:1D:EC:9D:AD
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3133302e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:0e:c6:aa:95:46:e7:3a:5e:bb:9b:d1:dc:8e:9c:62:3b:57:
         3d:94:d8:18:3b:1f:10:51:8a:f1:48:c3:8c:8e:fe:1d:75:74:
         c8:cd:b2:60:d1:cd:38:60:9b:3a:f9:df:4b:9e:fe:88:49:3c:
         cc:d7:22:b9:16:30:0d:3a:67:0b:9d:3a:bd:f1:63:48:b1:b0:
         eb:5a:dc:ba:f3:9d:d5:7f:ac:9c:04:19:28:a5:1a:b5:be:8b:
         0f:49:d6:37:73:8b:30:21:0b:f5:b2:ff:e6:2c:a9:3b:8c:70:
         4c:d1:e3:76:01:aa:83:29:35:4d:0e:81:31:ca:bb:b7:4d:59:
         f0:ab:9c:6d:4b:a4:f5:82:e1:85:d1:87:51:9d:b0:0a:ea:a9:
         ef:7b:80:43:19:4b:10:2c:67:e5:9b:6b:32:62:f6:29:3b:b3:
         6a:8c:8a:a5:54:a2:ae:cf:a1:76:34:b9:cf:09:97:5c:7e:e9:
         8c:53:70:81:9a:24:58:27:ff:00:af:04:cb:53:31:ba:db:95:
         25:4e:e1:67:f3:4a:b3:a6:c3:88:df:e2:39:b9:d8:8e:54:61:
         25:99:6f:f7:55:4b:f7:c0:70:6e:d7:0b:e3:25:d3:48:48:4e:
         73:7b:e8:19:9a:18:75:c0:f2:d6:26:c8:9f:92:56:77:e8:83:
         a4:85:6e:23
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUYEj+uYnDb26wCUkGexWRkoWfmA8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MTVaFw0yMjA5MzAwMDAwMTVaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwREJDNERBQjZFRTU3NDMyRUZB
MTU4REJBODg5NTI2MjgzMEI1REY4ODdBRDUwNzgyNzg0MzRCMEQ2MTkwNENGQjFE
RDdGODM4RjJEMTFDQUJBNTcwMzhEQjRFNzU3NkQ0NjVFQTY4NjU4MzQwOTY1RURC
RjE4QjQxMjQwQzM5M0UzNzI4NkJFQjUzMjJCQzE2NTgxNzU5NjAwMTc5OUM1RDU2
OTk2MzgzNDk4NDg2QzJBQTdERUYzOTJERjkyOEE3REM3RDQ1MTRENkFDNDIzQjM1
RTkzQjM4RTg3RjAzMzg0NDREQTlCQTYwMkE4OEVGNUQxRURENEE5RTM4NTZEMkZB
OUZERjAzQjA1REQ4RDhEMEE0ODc3NEM1NzY2RDFGNTc5RERFNTJFQjI4NzRERjA2
OUI3NEYxMUMyQjRCNjlEOEZCM0M5RjUzMkJBRkFENDAwOTY1QTEwMkRGQjYxQjhG
RDlFMDZCMjdENzc4MEY1NjkzRDlBOUZCNDBEMThEQTBGNjgxNUZCRTU1RTJGMDBE
QzMwMkY4RTdGMTI1QTc2RDE4NEU5MkQxQjE4NEIxRkI5MjNDNjhFMzZGQzJERTgy
MTcwQTJEQ0FFQjlDQzAwNkM4RDgxQzcyRkRFNUQzQzRBMjA5ODE3RDkxQkVBN0JC
OUE3MjhBQkI5M0QxM0YwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA28Tatu5XQy76FY26iJUmKDC134h61QeCeENLDWGQTPsd1/g48tEc
q6VwONtOdXbUZepoZYNAll7b8YtBJAw5Pjcoa+tTIrwWWBdZYAF5nF1WmWODSYSG
wqp97zkt+Sin3H1FFNasQjs16Ts46H8DOERNqbpgKojvXR7dSp44VtL6n98DsF3Y
2NCkh3TFdm0fV53eUusodN8Gm3TxHCtLadj7PJ9TK6+tQAlloQLfthuP2eBrJ9d4
D1aT2an7QNGNoPaBX75V4vANwwL45/Elp20YTpLRsYSx+5I8aONvwt6CFwotyuuc
wAbI2Bxy/eXTxKIJgX2Rvqe7mnKKu5PRPwIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FCFGTbdP7bQsvmrnDwuOTl8d7J2tMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzEzMzMwMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9gjANBgkqhkiG9w0BAQsFAAOCAQEAPw7GqpVG
5zpeu5vR3I6cYjtXPZTYGDsfEFGK8UjDjI7+HXV0yM2yYNHNOGCbOvnfS57+iEk8
zNciuRYwDTpnC506vfFjSLGw61rcuvOd1X+snAQZKKUatb6LD0nWN3OLMCEL9bL/
5iypO4xwTNHjdgGqgyk1TQ6BMcq7t01Z8KucbUuk9YLhhdGHUZ2wCuqp73uAQxlL
ECxn5ZtrMmL2KTuzaoyKpVSirs+hdjS5zwmXXH7pjFNwgZokWCf/AK8Ey1MxutuV
JU7hZ/NKs6bDiN/iObnYjlRhJZlv91VL98BwbtcL4yXTSEhOc3voGZoYdcDy1ibI
n5JWd+iDpIVuIw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:45 2023 by rpki-client on console-fra.rpki-client.org