Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3134362e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3134362e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          0XgaJ/1aG8Iqz3EfZFt/FiD8ycX+8eJOhfp1T2SAIhk=
Subject key identifier:   70:D2:43:1F:C8:E2:F4:5A:E9:FD:B1:2A:20:9B:3E:B7:CD:26:E0:DF
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       17C83DBE1A4CF31162153A22ABF75301D19A020D
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3134362e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:47 +0000
ROA not before:           Wed 29 Sep 2021 23:55:47 +0000
ROA not after:            Fri 30 Sep 2022 00:00:47 +0000
asID:                     17451
IP address blocks:        182.253.146.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:c8:3d:be:1a:4c:f3:11:62:15:3a:22:ab:f7:53:01:d1:9a:02:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:47 2021 GMT
            Not After : Sep 30 00:00:47 2022 GMT
        Subject: CN=3082010A0282010100E60E83944B0A5278754D0BD505EEDEC4247264AB83F3E288A027B64D408670373A7A9A8C8A7EBD1BCBE3DDCCD765369594A665BB5BCBF5528A53DDCE296A81D3D6081B831142448FFB186FF225B10BCFDF6F681AB915064D3C31415459C262AFB923C749F50C76BA06BA48C8595D073583728E74EF6E8B846FDFAA40A3085669D1264DC0376627CBAD51387F617DFE3184CC46DC9E8C917B4609DD968C8F16EBE12FDBC462C91134F2B2229E95B413282ACED6E7093446EB66B0365957051F9A0BF2C5F243A55751921718B2953F1F8D309CE3935FD1F02008B3FEFA5867A573478289DE736E3DE7AAE7E0CA9AD776A8C72475A9C7D5DAAA977462AE923FE3C90203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:0e:83:94:4b:0a:52:78:75:4d:0b:d5:05:ee:
                    de:c4:24:72:64:ab:83:f3:e2:88:a0:27:b6:4d:40:
                    86:70:37:3a:7a:9a:8c:8a:7e:bd:1b:cb:e3:dd:cc:
                    d7:65:36:95:94:a6:65:bb:5b:cb:f5:52:8a:53:dd:
                    ce:29:6a:81:d3:d6:08:1b:83:11:42:44:8f:fb:18:
                    6f:f2:25:b1:0b:cf:df:6f:68:1a:b9:15:06:4d:3c:
                    31:41:54:59:c2:62:af:b9:23:c7:49:f5:0c:76:ba:
                    06:ba:48:c8:59:5d:07:35:83:72:8e:74:ef:6e:8b:
                    84:6f:df:aa:40:a3:08:56:69:d1:26:4d:c0:37:66:
                    27:cb:ad:51:38:7f:61:7d:fe:31:84:cc:46:dc:9e:
                    8c:91:7b:46:09:dd:96:8c:8f:16:eb:e1:2f:db:c4:
                    62:c9:11:34:f2:b2:22:9e:95:b4:13:28:2a:ce:d6:
                    e7:09:34:46:eb:66:b0:36:59:57:05:1f:9a:0b:f2:
                    c5:f2:43:a5:57:51:92:17:18:b2:95:3f:1f:8d:30:
                    9c:e3:93:5f:d1:f0:20:08:b3:fe:fa:58:67:a5:73:
                    47:82:89:de:73:6e:3d:e7:aa:e7:e0:ca:9a:d7:76:
                    a8:c7:24:75:a9:c7:d5:da:aa:97:74:62:ae:92:3f:
                    e3:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:D2:43:1F:C8:E2:F4:5A:E9:FD:B1:2A:20:9B:3E:B7:CD:26:E0:DF
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3134362e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:cd:13:66:d8:d8:b1:66:22:fd:7f:55:c3:03:7a:cc:81:84:
         2e:14:1e:ce:9c:2f:6e:fa:d6:02:e4:fb:aa:bb:43:12:f6:81:
         48:97:3b:ac:0e:c1:2a:83:33:4f:6f:99:54:fa:43:5b:b7:9e:
         13:eb:b6:35:be:e5:0e:60:f7:e9:9e:3d:0a:1f:76:ca:30:61:
         e1:8c:bd:18:11:75:1e:b2:5e:ea:13:48:a0:5a:be:e1:e4:b7:
         96:58:c5:6b:a4:95:a7:7b:60:d8:23:d1:4a:c4:33:89:c4:44:
         fe:9a:ac:dd:d4:b3:1b:c3:af:5c:b5:50:e7:95:ca:2f:ff:a3:
         a9:37:f9:cf:66:50:86:1c:49:33:1a:c9:23:88:25:1c:06:6a:
         63:07:0d:9f:d3:3e:15:56:1c:cb:5c:fb:cb:d4:95:c0:24:98:
         62:2d:2e:ee:ce:8a:27:7e:20:2d:c3:14:26:50:57:b1:74:2a:
         66:e6:7b:a1:e2:54:8c:b6:f1:65:a1:b1:fa:ab:63:d1:de:f1:
         6e:1c:25:f4:aa:1d:1d:0e:c3:06:90:8e:cc:83:9e:24:47:b0:
         1e:a1:40:b6:da:18:cd:c5:24:0a:f0:38:20:bc:56:ba:77:6b:
         06:31:da:75:51:18:44:0c:d5:e0:81:13:ba:c8:f6:6c:aa:d5:
         95:18:b8:56
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUF8g9vhpM8xFiFToiq/dTAdGaAg0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NDdaFw0yMjA5MzAwMDAwNDdaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRTYwRTgzOTQ0QjBBNTI3ODc1
NEQwQkQ1MDVFRURFQzQyNDcyNjRBQjgzRjNFMjg4QTAyN0I2NEQ0MDg2NzAzNzNB
N0E5QThDOEE3RUJEMUJDQkUzRERDQ0Q3NjUzNjk1OTRBNjY1QkI1QkNCRjU1MjhB
NTNERENFMjk2QTgxRDNENjA4MUI4MzExNDI0NDhGRkIxODZGRjIyNUIxMEJDRkRG
NkY2ODFBQjkxNTA2NEQzQzMxNDE1NDU5QzI2MkFGQjkyM0M3NDlGNTBDNzZCQTA2
QkE0OEM4NTk1RDA3MzU4MzcyOEU3NEVGNkU4Qjg0NkZERkFBNDBBMzA4NTY2OUQx
MjY0REMwMzc2NjI3Q0JBRDUxMzg3RjYxN0RGRTMxODRDQzQ2REM5RThDOTE3QjQ2
MDlERDk2OEM4RjE2RUJFMTJGREJDNDYyQzkxMTM0RjJCMjIyOUU5NUI0MTMyODJB
Q0VENkU3MDkzNDQ2RUI2NkIwMzY1OTU3MDUxRjlBMEJGMkM1RjI0M0E1NTc1MTky
MTcxOEIyOTUzRjFGOEQzMDlDRTM5MzVGRDFGMDIwMDhCM0ZFRkE1ODY3QTU3MzQ3
ODI4OURFNzM2RTNERTdBQUU3RTBDQTlBRDc3NkE4QzcyNDc1QTlDN0Q1REFBQTk3
NzQ2MkFFOTIzRkUzQzkwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA5g6DlEsKUnh1TQvVBe7exCRyZKuD8+KIoCe2TUCGcDc6epqMin69
G8vj3czXZTaVlKZlu1vL9VKKU93OKWqB09YIG4MRQkSP+xhv8iWxC8/fb2gauRUG
TTwxQVRZwmKvuSPHSfUMdroGukjIWV0HNYNyjnTvbouEb9+qQKMIVmnRJk3AN2Yn
y61ROH9hff4xhMxG3J6MkXtGCd2WjI8W6+Ev28RiyRE08rIinpW0EygqztbnCTRG
62awNllXBR+aC/LF8kOlV1GSFxiylT8fjTCc45Nf0fAgCLP++lhnpXNHgonec249
56rn4Mqa13aoxyR1qcfV2qqXdGKukj/jyQIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FHDSQx/I4vRa6f2xKiCbPrfNJuDfMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzEzNDM2MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9kjANBgkqhkiG9w0BAQsFAAOCAQEAV80TZtjY
sWYi/X9VwwN6zIGELhQezpwvbvrWAuT7qrtDEvaBSJc7rA7BKoMzT2+ZVPpDW7ee
E+u2Nb7lDmD36Z49Ch92yjBh4Yy9GBF1HrJe6hNIoFq+4eS3lljFa6SVp3tg2CPR
SsQzicRE/pqs3dSzG8OvXLVQ55XKL/+jqTf5z2ZQhhxJMxrJI4glHAZqYwcNn9M+
FVYcy1z7y9SVwCSYYi0u7s6KJ34gLcMUJlBXsXQqZuZ7oeJUjLbxZaGx+qtj0d7x
bhwl9KodHQ7DBpCOzIOeJEewHqFAttoYzcUkCvA4ILxWundrBjHadVEYRAzV4IET
usj2bKrVlRi4Vg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:45 2023 by rpki-client on console-fra.rpki-client.org