Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3133372e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3133372e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          ppHoKvy3W6ZnJz8aJRcgK+Xb2nZxjB4eEpPc6ZlC6vk=
Subject key identifier:   26:94:5A:52:6E:DD:E9:C5:71:6E:04:B0:F4:8C:79:09:5A:A2:DE:4C
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       01BDF6DCB30277D4C28AC4837E853A729A955088
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3133372e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:13 +0000
ROA not before:           Wed 29 Sep 2021 23:55:13 +0000
ROA not after:            Fri 30 Sep 2022 00:00:13 +0000
asID:                     17451
IP address blocks:        182.253.137.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:bd:f6:dc:b3:02:77:d4:c2:8a:c4:83:7e:85:3a:72:9a:95:50:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:13 2021 GMT
            Not After : Sep 30 00:00:13 2022 GMT
        Subject: CN=3082010A0282010100EA9D233FC466EE58770B9946F65EF8B5B649654B3858DDEEC6F6025ADE8E898C1BFB3B15CCC9AA241D30FAD736BF7954371EFE42E3640663E122B2BA7AB2174007C5542E6FA00C11C556F6DCF8EF5D1CB4AAD364A88EB19A965DA793C5EB9CCF8044C09C0ACB09939576B880B295819D817C1DDB4350E0836586877AA534C8EDB1FE345DA7D5E9A9CADE6CDF304A440943F1C78AD6560715E26D3818FA7CA774EA8E79AA681494A98F12901D9061E1D379F1EBABE462C91DEF04F26AC0D0B1FDD593726FD2B1782ED4AD54457B1B386C078712BC42F2E4F684F26935FE283932F7AAD146BE8B2E4D2CCD40AEE2017D753A147EA097B452D6D1B3538FA02310610203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:9d:23:3f:c4:66:ee:58:77:0b:99:46:f6:5e:
                    f8:b5:b6:49:65:4b:38:58:dd:ee:c6:f6:02:5a:de:
                    8e:89:8c:1b:fb:3b:15:cc:c9:aa:24:1d:30:fa:d7:
                    36:bf:79:54:37:1e:fe:42:e3:64:06:63:e1:22:b2:
                    ba:7a:b2:17:40:07:c5:54:2e:6f:a0:0c:11:c5:56:
                    f6:dc:f8:ef:5d:1c:b4:aa:d3:64:a8:8e:b1:9a:96:
                    5d:a7:93:c5:eb:9c:cf:80:44:c0:9c:0a:cb:09:93:
                    95:76:b8:80:b2:95:81:9d:81:7c:1d:db:43:50:e0:
                    83:65:86:87:7a:a5:34:c8:ed:b1:fe:34:5d:a7:d5:
                    e9:a9:ca:de:6c:df:30:4a:44:09:43:f1:c7:8a:d6:
                    56:07:15:e2:6d:38:18:fa:7c:a7:74:ea:8e:79:aa:
                    68:14:94:a9:8f:12:90:1d:90:61:e1:d3:79:f1:eb:
                    ab:e4:62:c9:1d:ef:04:f2:6a:c0:d0:b1:fd:d5:93:
                    72:6f:d2:b1:78:2e:d4:ad:54:45:7b:1b:38:6c:07:
                    87:12:bc:42:f2:e4:f6:84:f2:69:35:fe:28:39:32:
                    f7:aa:d1:46:be:8b:2e:4d:2c:cd:40:ae:e2:01:7d:
                    75:3a:14:7e:a0:97:b4:52:d6:d1:b3:53:8f:a0:23:
                    10:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:94:5A:52:6E:DD:E9:C5:71:6E:04:B0:F4:8C:79:09:5A:A2:DE:4C
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3133372e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.137.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:6f:c8:34:79:27:26:ae:52:5b:3b:22:18:82:72:2e:c8:af:
         b0:74:c5:b0:08:9e:d2:42:ab:6a:05:eb:67:0e:24:5a:9c:4d:
         55:87:3e:70:a1:ff:1e:17:d6:ce:73:a2:5e:38:d6:e7:b4:60:
         7c:63:2d:68:a5:13:eb:3b:5e:24:9a:35:47:f9:8e:ec:eb:f1:
         94:de:0a:05:a9:a2:7c:42:d0:86:45:da:89:3d:95:a8:ff:a3:
         f0:db:8a:c1:ec:11:d7:5b:28:48:e3:94:af:40:95:7c:6f:ec:
         ff:2d:69:44:a8:75:14:90:1b:50:66:7c:eb:95:ad:0e:29:c9:
         75:bb:4c:14:e5:84:c5:cd:3d:d8:ab:62:37:d8:f0:80:06:10:
         26:a9:f4:a4:81:0b:4a:07:46:c9:20:13:ea:10:e4:8e:54:16:
         01:d7:78:8e:d3:3b:49:e6:d7:22:05:96:6b:48:97:81:57:72:
         b5:6a:83:08:4e:8e:8f:d5:92:4f:d6:64:5d:5c:56:46:83:a4:
         6e:52:ee:78:5d:ec:dd:f9:25:d5:00:d6:9a:cc:fe:e0:fd:40:
         28:c9:16:39:7b:65:e0:86:d9:f4:b6:66:96:cd:a6:5d:a5:7c:
         94:fc:18:c1:e5:df:55:be:38:bf:7c:f2:09:87:b8:dd:bd:63:
         6e:a9:2f:c3
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUAb323LMCd9TCisSDfoU6cpqVUIgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MTNaFw0yMjA5MzAwMDAwMTNaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRUE5RDIzM0ZDNDY2RUU1ODc3
MEI5OTQ2RjY1RUY4QjVCNjQ5NjU0QjM4NThEREVFQzZGNjAyNUFERThFODk4QzFC
RkIzQjE1Q0NDOUFBMjQxRDMwRkFENzM2QkY3OTU0MzcxRUZFNDJFMzY0MDY2M0Ux
MjJCMkJBN0FCMjE3NDAwN0M1NTQyRTZGQTAwQzExQzU1NkY2RENGOEVGNUQxQ0I0
QUFEMzY0QTg4RUIxOUE5NjVEQTc5M0M1RUI5Q0NGODA0NEMwOUMwQUNCMDk5Mzk1
NzZCODgwQjI5NTgxOUQ4MTdDMUREQjQzNTBFMDgzNjU4Njg3N0FBNTM0QzhFREIx
RkUzNDVEQTdENUU5QTlDQURFNkNERjMwNEE0NDA5NDNGMUM3OEFENjU2MDcxNUUy
NkQzODE4RkE3Q0E3NzRFQThFNzlBQTY4MTQ5NEE5OEYxMjkwMUQ5MDYxRTFEMzc5
RjFFQkFCRTQ2MkM5MURFRjA0RjI2QUMwRDBCMUZERDU5MzcyNkZEMkIxNzgyRUQ0
QUQ1NDQ1N0IxQjM4NkMwNzg3MTJCQzQyRjJFNEY2ODRGMjY5MzVGRTI4MzkzMkY3
QUFEMTQ2QkU4QjJFNEQyQ0NENDBBRUUyMDE3RDc1M0ExNDdFQTA5N0I0NTJENkQx
QjM1MzhGQTAyMzEwNjEwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA6p0jP8Rm7lh3C5lG9l74tbZJZUs4WN3uxvYCWt6OiYwb+zsVzMmq
JB0w+tc2v3lUNx7+QuNkBmPhIrK6erIXQAfFVC5voAwRxVb23PjvXRy0qtNkqI6x
mpZdp5PF65zPgETAnArLCZOVdriAspWBnYF8HdtDUOCDZYaHeqU0yO2x/jRdp9Xp
qcrebN8wSkQJQ/HHitZWBxXibTgY+nyndOqOeapoFJSpjxKQHZBh4dN58eur5GLJ
He8E8mrA0LH91ZNyb9KxeC7UrVRFexs4bAeHErxC8uT2hPJpNf4oOTL3qtFGvosu
TSzNQK7iAX11OhR+oJe0UtbRs1OPoCMQYQIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FCaUWlJu3enFcW4EsPSMeQlaot5MMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzEzMzM3MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9iTANBgkqhkiG9w0BAQsFAAOCAQEAZm/INHkn
Jq5SWzsiGIJyLsivsHTFsAie0kKragXrZw4kWpxNVYc+cKH/HhfWznOiXjjW57Rg
fGMtaKUT6zteJJo1R/mO7OvxlN4KBamifELQhkXaiT2VqP+j8NuKwewR11soSOOU
r0CVfG/s/y1pRKh1FJAbUGZ865WtDinJdbtMFOWExc092KtiN9jwgAYQJqn0pIEL
SgdGySAT6hDkjlQWAdd4jtM7SebXIgWWa0iXgVdytWqDCE6Oj9WST9ZkXVxWRoOk
blLueF3s3fkl1QDWmsz+4P1AKMkWOXtl4IbZ9LZmls2mXaV8lPwYweXfVb44v3zy
CYe43b1jbqkvww==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org