Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3135372e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3135372e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          06OWOSJGyghxb0972rj+0zxrHYdt531GgV3TYzVrU3Q=
Subject key identifier:   DE:13:95:39:1A:81:D3:EB:D9:02:27:AD:50:38:A4:2A:6C:BB:E5:5D
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       15336399CF28DAB4B28678E6A31AFAAE30BA0443
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3135372e302f32342d3234203d3e203137343531.roa
Signing time:             Wed 20 Oct 2021 18:00:02 +0000
ROA not before:           Wed 20 Oct 2021 17:55:02 +0000
ROA not after:            Thu 20 Oct 2022 18:00:02 +0000
asID:                     17451
IP address blocks:        182.253.157.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:33:63:99:cf:28:da:b4:b2:86:78:e6:a3:1a:fa:ae:30:ba:04:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Oct 20 17:55:02 2021 GMT
            Not After : Oct 20 18:00:02 2022 GMT
        Subject: CN=3082010A0282010100C34C1E86850431435BF8C034A5CC62856096FD12E812FF69E790AAA41AF5B36E335E5B04D3117EC274F9B3AFEB1CC4AC48A01F08AD854018DA5BDA46996AD43B5EE37A2F7BBED872960946C7A93A74CBDB9E45A01171B7AEB1F90850C8A8FB35E824460C3AA67658AF6D6ABB7419B296E9E6BA83E69A40440D49A79E90B1E548ABD573EBC43E3770745831671CE9BF230353969A2B5C0AC1B4B02C656AED06EA784AB705EA89861955C5CED72E9F8D30EEEFE685AAF2A86C61F07293A045A2AC237DF44A10B9C61807B49330D7DA04F5EC2698AE284FA4D6F06CEDDAA9DE635F6748828A7FE1C6EF62DAA90892410E9030357E7FD4BE95C6200872DF47B578930203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:4c:1e:86:85:04:31:43:5b:f8:c0:34:a5:cc:
                    62:85:60:96:fd:12:e8:12:ff:69:e7:90:aa:a4:1a:
                    f5:b3:6e:33:5e:5b:04:d3:11:7e:c2:74:f9:b3:af:
                    eb:1c:c4:ac:48:a0:1f:08:ad:85:40:18:da:5b:da:
                    46:99:6a:d4:3b:5e:e3:7a:2f:7b:be:d8:72:96:09:
                    46:c7:a9:3a:74:cb:db:9e:45:a0:11:71:b7:ae:b1:
                    f9:08:50:c8:a8:fb:35:e8:24:46:0c:3a:a6:76:58:
                    af:6d:6a:bb:74:19:b2:96:e9:e6:ba:83:e6:9a:40:
                    44:0d:49:a7:9e:90:b1:e5:48:ab:d5:73:eb:c4:3e:
                    37:70:74:58:31:67:1c:e9:bf:23:03:53:96:9a:2b:
                    5c:0a:c1:b4:b0:2c:65:6a:ed:06:ea:78:4a:b7:05:
                    ea:89:86:19:55:c5:ce:d7:2e:9f:8d:30:ee:ef:e6:
                    85:aa:f2:a8:6c:61:f0:72:93:a0:45:a2:ac:23:7d:
                    f4:4a:10:b9:c6:18:07:b4:93:30:d7:da:04:f5:ec:
                    26:98:ae:28:4f:a4:d6:f0:6c:ed:da:a9:de:63:5f:
                    67:48:82:8a:7f:e1:c6:ef:62:da:a9:08:92:41:0e:
                    90:30:35:7e:7f:d4:be:95:c6:20:08:72:df:47:b5:
                    78:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:13:95:39:1A:81:D3:EB:D9:02:27:AD:50:38:A4:2A:6C:BB:E5:5D
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3135372e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:d0:8e:a2:d2:71:58:f9:06:ba:a3:45:6c:3f:24:fc:ec:d5:
         c5:4d:1b:de:c9:69:b3:31:2b:31:b4:56:93:50:62:28:39:02:
         f9:04:a2:12:4d:fc:9d:4d:f8:c6:17:8f:66:e1:4f:0d:c8:2a:
         02:6f:3f:b2:73:ed:0b:08:58:16:ac:75:53:32:10:90:a2:3d:
         7a:1c:07:d9:e4:97:43:85:6e:30:dc:bc:b1:43:51:7c:69:f9:
         cf:b2:47:ff:79:aa:bc:de:54:1b:6e:e0:eb:3c:ec:c7:be:49:
         d2:9f:83:22:7b:3e:97:4b:ca:f4:66:cf:f8:0f:99:25:87:1b:
         92:e0:c7:15:85:93:ff:d5:d5:dc:1c:7d:3d:c4:65:87:fb:ff:
         da:4e:49:86:78:bc:01:02:98:bb:58:5f:55:be:9e:d9:41:1a:
         e2:d6:04:45:25:78:ca:1b:5b:0f:4e:36:7f:ad:59:d8:8e:81:
         2d:40:6f:be:f9:44:b4:b0:ce:b8:88:d1:76:21:8b:40:fc:51:
         11:c9:46:6b:4d:37:ec:21:d2:25:dc:82:1d:bd:55:ab:28:42:
         bc:ae:7b:b2:01:17:51:9e:0f:2c:ba:fd:82:4b:fe:6a:f3:e7:
         c0:45:4f:f7:e1:94:5f:d0:a5:ed:7d:5f:a9:9d:20:62:4e:68:
         10:d0:fc:45
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUFTNjmc8o2rSyhnjmoxr6rjC6BEMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTEwMjAxNzU1MDJaFw0yMjEwMjAxODAwMDJaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzM0QzFFODY4NTA0MzE0MzVC
RjhDMDM0QTVDQzYyODU2MDk2RkQxMkU4MTJGRjY5RTc5MEFBQTQxQUY1QjM2RTMz
NUU1QjA0RDMxMTdFQzI3NEY5QjNBRkVCMUNDNEFDNDhBMDFGMDhBRDg1NDAxOERB
NUJEQTQ2OTk2QUQ0M0I1RUUzN0EyRjdCQkVEODcyOTYwOTQ2QzdBOTNBNzRDQkRC
OUU0NUEwMTE3MUI3QUVCMUY5MDg1MEM4QThGQjM1RTgyNDQ2MEMzQUE2NzY1OEFG
NkQ2QUJCNzQxOUIyOTZFOUU2QkE4M0U2OUE0MDQ0MEQ0OUE3OUU5MEIxRTU0OEFC
RDU3M0VCQzQzRTM3NzA3NDU4MzE2NzFDRTlCRjIzMDM1Mzk2OUEyQjVDMEFDMUI0
QjAyQzY1NkFFRDA2RUE3ODRBQjcwNUVBODk4NjE5NTVDNUNFRDcyRTlGOEQzMEVF
RUZFNjg1QUFGMkE4NkM2MUYwNzI5M0EwNDVBMkFDMjM3REY0NEExMEI5QzYxODA3
QjQ5MzMwRDdEQTA0RjVFQzI2OThBRTI4NEZBNEQ2RjA2Q0VEREFBOURFNjM1RjY3
NDg4MjhBN0ZFMUM2RUY2MkRBQTkwODkyNDEwRTkwMzAzNTdFN0ZENEJFOTVDNjIw
MDg3MkRGNDdCNTc4OTMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAw0wehoUEMUNb+MA0pcxihWCW/RLoEv9p55CqpBr1s24zXlsE0xF+
wnT5s6/rHMSsSKAfCK2FQBjaW9pGmWrUO17jei97vthylglGx6k6dMvbnkWgEXG3
rrH5CFDIqPs16CRGDDqmdlivbWq7dBmylunmuoPmmkBEDUmnnpCx5Uir1XPrxD43
cHRYMWcc6b8jA1OWmitcCsG0sCxlau0G6nhKtwXqiYYZVcXO1y6fjTDu7+aFqvKo
bGHwcpOgRaKsI330ShC5xhgHtJMw19oE9ewmmK4oT6TW8Gzt2qneY19nSIKKf+HG
72LaqQiSQQ6QMDV+f9S+lcYgCHLfR7V4kwIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FN4TlTkagdPr2QInrVA4pCpsu+VdMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzEzNTM3MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9nTANBgkqhkiG9w0BAQsFAAOCAQEAaNCOotJx
WPkGuqNFbD8k/OzVxU0b3slpszErMbRWk1BiKDkC+QSiEk38nU34xhePZuFPDcgq
Am8/snPtCwhYFqx1UzIQkKI9ehwH2eSXQ4VuMNy8sUNRfGn5z7JH/3mqvN5UG27g
6zzsx75J0p+DIns+l0vK9GbP+A+ZJYcbkuDHFYWT/9XV3Bx9PcRlh/v/2k5Jhni8
AQKYu1hfVb6e2UEa4tYERSV4yhtbD042f61Z2I6BLUBvvvlEtLDOuIjRdiGLQPxR
EclGa0037CHSJdyCHb1VqyhCvK57sgEXUZ4PLLr9gkv+avPnwEVP9+GUX9Cl7X1f
qZ0gYk5oEND8RQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:45 2023 by rpki-client on console-fra.rpki-client.org