Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3134312e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3134312e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          DT2UGxkHU3ldWekX9SShQOA5CK4Z93ezHGGu2qNR9lw=
Subject key identifier:   C9:7A:F1:28:D6:87:69:EE:1E:0A:E1:CC:80:AB:0E:E8:D5:E6:5F:CA
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       62D14458C37073F08CFBA39EDFFBC20EAC98715A
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3134312e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:44 +0000
ROA not before:           Wed 29 Sep 2021 23:55:44 +0000
ROA not after:            Fri 30 Sep 2022 00:00:44 +0000
asID:                     17451
IP address blocks:        182.253.141.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:d1:44:58:c3:70:73:f0:8c:fb:a3:9e:df:fb:c2:0e:ac:98:71:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:44 2021 GMT
            Not After : Sep 30 00:00:44 2022 GMT
        Subject: CN=3082010A0282010100B167819576746A5236128DADF680562A2C135E9C5246F464F7880BF9C998A0FD1C683480BB35422E2848A8C04CB090BF837B72614CA739694680EB85AF999DF35407CE5E140A6F7C32AD1F7029C334CFADFA984E0DC77C95C92A005957EE67747CD401F373703419006F21C217CF12DAFAFB2E5F2320BDB5A53534C9553442CBA6B3508CC450F12E7FA6973AB23E2A4BC01A914A7CBB70468818BE0B0BE254C082DDB5F679AD5BB8B132C663EA0F52EBC9A5971A856FFBAB457E4D0073F847764D4E84CFAC7DBB12AFFC6D02C36EC3673A69853051046FD7987AF2C55D49A243EB3CFC5F9FBD905F7EAAE3220193999756FB9E670C1EEF9703D595E5C711A25F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:67:81:95:76:74:6a:52:36:12:8d:ad:f6:80:
                    56:2a:2c:13:5e:9c:52:46:f4:64:f7:88:0b:f9:c9:
                    98:a0:fd:1c:68:34:80:bb:35:42:2e:28:48:a8:c0:
                    4c:b0:90:bf:83:7b:72:61:4c:a7:39:69:46:80:eb:
                    85:af:99:9d:f3:54:07:ce:5e:14:0a:6f:7c:32:ad:
                    1f:70:29:c3:34:cf:ad:fa:98:4e:0d:c7:7c:95:c9:
                    2a:00:59:57:ee:67:74:7c:d4:01:f3:73:70:34:19:
                    00:6f:21:c2:17:cf:12:da:fa:fb:2e:5f:23:20:bd:
                    b5:a5:35:34:c9:55:34:42:cb:a6:b3:50:8c:c4:50:
                    f1:2e:7f:a6:97:3a:b2:3e:2a:4b:c0:1a:91:4a:7c:
                    bb:70:46:88:18:be:0b:0b:e2:54:c0:82:dd:b5:f6:
                    79:ad:5b:b8:b1:32:c6:63:ea:0f:52:eb:c9:a5:97:
                    1a:85:6f:fb:ab:45:7e:4d:00:73:f8:47:76:4d:4e:
                    84:cf:ac:7d:bb:12:af:fc:6d:02:c3:6e:c3:67:3a:
                    69:85:30:51:04:6f:d7:98:7a:f2:c5:5d:49:a2:43:
                    eb:3c:fc:5f:9f:bd:90:5f:7e:aa:e3:22:01:93:99:
                    97:56:fb:9e:67:0c:1e:ef:97:03:d5:95:e5:c7:11:
                    a2:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:7A:F1:28:D6:87:69:EE:1E:0A:E1:CC:80:AB:0E:E8:D5:E6:5F:CA
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3134312e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:72:c9:04:e0:96:a9:66:e9:e1:41:38:1c:a0:a2:6f:42:03:
         24:84:fa:a0:5a:7f:37:0c:f7:55:f6:36:31:f6:b1:0e:83:1f:
         f0:1f:3a:7f:fd:af:35:1e:49:76:af:38:85:84:0e:5b:f9:48:
         af:7a:96:74:5d:cf:f3:d5:c0:5f:51:20:83:4c:17:77:ed:58:
         ad:d2:54:d1:be:63:41:f6:ed:3a:1d:6f:05:7f:0e:aa:69:ba:
         3c:48:e0:97:66:b4:df:15:9f:ab:55:52:2b:88:cc:4a:a4:77:
         22:07:77:93:b0:f4:ac:4d:7e:bd:71:ed:4a:4a:df:ea:ac:de:
         56:86:5a:ae:f3:3b:a2:51:7f:8a:0d:ea:c8:f0:ca:d8:95:34:
         4b:06:c0:80:d9:a4:09:0d:6e:3f:d7:45:c2:f2:48:89:5d:99:
         19:a3:c4:69:86:26:55:c8:4b:f7:e6:f9:9c:5f:de:af:6f:ac:
         d8:86:e7:75:13:a3:29:38:03:1b:9d:ea:14:e3:8d:ee:f8:58:
         66:8e:1a:69:93:2a:e9:8c:6b:c1:24:b6:67:0a:73:09:a5:d1:
         9e:f1:62:a8:2c:7b:65:91:37:3a:ca:4b:16:d2:65:f9:01:ef:
         e3:e2:eb:51:79:ce:f6:af:87:c0:90:8e:a3:67:c9:1e:cc:80:
         a5:3b:7f:43
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUYtFEWMNwc/CM+6Oe3/vCDqyYcVowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NDRaFw0yMjA5MzAwMDAwNDRaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjE2NzgxOTU3Njc0NkE1MjM2
MTI4REFERjY4MDU2MkEyQzEzNUU5QzUyNDZGNDY0Rjc4ODBCRjlDOTk4QTBGRDFD
NjgzNDgwQkIzNTQyMkUyODQ4QThDMDRDQjA5MEJGODM3QjcyNjE0Q0E3Mzk2OTQ2
ODBFQjg1QUY5OTlERjM1NDA3Q0U1RTE0MEE2RjdDMzJBRDFGNzAyOUMzMzRDRkFE
RkE5ODRFMERDNzdDOTVDOTJBMDA1OTU3RUU2Nzc0N0NENDAxRjM3MzcwMzQxOTAw
NkYyMUMyMTdDRjEyREFGQUZCMkU1RjIzMjBCREI1QTUzNTM0Qzk1NTM0NDJDQkE2
QjM1MDhDQzQ1MEYxMkU3RkE2OTczQUIyM0UyQTRCQzAxQTkxNEE3Q0JCNzA0Njg4
MThCRTBCMEJFMjU0QzA4MkREQjVGNjc5QUQ1QkI4QjEzMkM2NjNFQTBGNTJFQkM5
QTU5NzFBODU2RkZCQUI0NTdFNEQwMDczRjg0Nzc2NEQ0RTg0Q0ZBQzdEQkIxMkFG
RkM2RDAyQzM2RUMzNjczQTY5ODUzMDUxMDQ2RkQ3OTg3QUYyQzU1RDQ5QTI0M0VC
M0NGQzVGOUZCRDkwNUY3RUFBRTMyMjAxOTM5OTk3NTZGQjlFNjcwQzFFRUY5NzAz
RDU5NUU1QzcxMUEyNUYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAsWeBlXZ0alI2Eo2t9oBWKiwTXpxSRvRk94gL+cmYoP0caDSAuzVC
LihIqMBMsJC/g3tyYUynOWlGgOuFr5md81QHzl4UCm98Mq0fcCnDNM+t+phODcd8
lckqAFlX7md0fNQB83NwNBkAbyHCF88S2vr7Ll8jIL21pTU0yVU0Qsums1CMxFDx
Ln+mlzqyPipLwBqRSny7cEaIGL4LC+JUwILdtfZ5rVu4sTLGY+oPUuvJpZcahW/7
q0V+TQBz+Ed2TU6Ez6x9uxKv/G0Cw27DZzpphTBRBG/XmHryxV1JokPrPPxfn72Q
X36q4yIBk5mXVvueZwwe75cD1ZXlxxGiXwIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FMl68SjWh2nuHgrhzICrDujV5l/KMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzEzNDMxMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9jTANBgkqhkiG9w0BAQsFAAOCAQEAMnLJBOCW
qWbp4UE4HKCib0IDJIT6oFp/Nwz3VfY2MfaxDoMf8B86f/2vNR5Jdq84hYQOW/lI
r3qWdF3P89XAX1Egg0wXd+1YrdJU0b5jQfbtOh1vBX8Oqmm6PEjgl2a03xWfq1VS
K4jMSqR3Igd3k7D0rE1+vXHtSkrf6qzeVoZarvM7olF/ig3qyPDK2JU0SwbAgNmk
CQ1uP9dFwvJIiV2ZGaPEaYYmVchL9+b5nF/er2+s2IbndROjKTgDG53qFOON7vhY
Zo4aaZMq6YxrwSS2ZwpzCaXRnvFiqCx7ZZE3OspLFtJl+QHv4+LrUXnO9q+HwJCO
o2fJHsyApTt/Qw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:45 2023 by rpki-client on console-fra.rpki-client.org