Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3139362e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3139362e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          XhckVXHm/h0X7Z2Xt6YjIi1xa8WukDbFU/aiXxe4gZ0=
Subject key identifier:   C1:3D:56:85:4B:0F:15:BD:1A:4F:1F:C0:75:1C:ED:55:FA:DF:EE:00
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       3A160429E60FB735A8C770AD6457E9B144452545
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3139362e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:34 +0000
ROA not before:           Wed 29 Sep 2021 23:55:34 +0000
ROA not after:            Fri 30 Sep 2022 00:00:34 +0000
asID:                     17451
IP address blocks:        182.253.196.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:16:04:29:e6:0f:b7:35:a8:c7:70:ad:64:57:e9:b1:44:45:25:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:34 2021 GMT
            Not After : Sep 30 00:00:34 2022 GMT
        Subject: CN=3082010A0282010100D2323FE4BEACEA878D532C560574C3AD72394D3E523CB2B558A316FE04F42F25715CAB604FEEE7AA2CE49058BEFA4DA5C14AE0F7B6307E780D27A041832BBAA1E477285D742214452359847A14303BF9BF9A02E258E54D72B70F469077ED2E385A87A72A93CBE43C9E37C07236E30F1E02CA76482001DDC95453B021930062918D87C58EF2210701CC96D073BE1662946133D066901E83C51CDD89F8C0B124C8E389E654204A281C0D7AE0EA27A0D0B80153CFB4CA74795B37655F16969B08093DC15B35DA5BDC8BED2432B478C22EA37DFDB1312CF0ACD1AFDB7A7A6DAD5D036AB50CE5E0295A8D2D1247C23C8435FB862634149329FDF85183C83DB980DF130203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:32:3f:e4:be:ac:ea:87:8d:53:2c:56:05:74:
                    c3:ad:72:39:4d:3e:52:3c:b2:b5:58:a3:16:fe:04:
                    f4:2f:25:71:5c:ab:60:4f:ee:e7:aa:2c:e4:90:58:
                    be:fa:4d:a5:c1:4a:e0:f7:b6:30:7e:78:0d:27:a0:
                    41:83:2b:ba:a1:e4:77:28:5d:74:22:14:45:23:59:
                    84:7a:14:30:3b:f9:bf:9a:02:e2:58:e5:4d:72:b7:
                    0f:46:90:77:ed:2e:38:5a:87:a7:2a:93:cb:e4:3c:
                    9e:37:c0:72:36:e3:0f:1e:02:ca:76:48:20:01:dd:
                    c9:54:53:b0:21:93:00:62:91:8d:87:c5:8e:f2:21:
                    07:01:cc:96:d0:73:be:16:62:94:61:33:d0:66:90:
                    1e:83:c5:1c:dd:89:f8:c0:b1:24:c8:e3:89:e6:54:
                    20:4a:28:1c:0d:7a:e0:ea:27:a0:d0:b8:01:53:cf:
                    b4:ca:74:79:5b:37:65:5f:16:96:9b:08:09:3d:c1:
                    5b:35:da:5b:dc:8b:ed:24:32:b4:78:c2:2e:a3:7d:
                    fd:b1:31:2c:f0:ac:d1:af:db:7a:7a:6d:ad:5d:03:
                    6a:b5:0c:e5:e0:29:5a:8d:2d:12:47:c2:3c:84:35:
                    fb:86:26:34:14:93:29:fd:f8:51:83:c8:3d:b9:80:
                    df:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:3D:56:85:4B:0F:15:BD:1A:4F:1F:C0:75:1C:ED:55:FA:DF:EE:00
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3139362e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:fa:49:78:79:7d:d0:1f:53:f6:b2:51:f0:fb:83:5c:ed:9b:
         a5:f4:aa:d1:0d:d6:68:83:6a:f6:c9:04:fd:4c:4d:ba:38:d6:
         3c:c6:8a:7d:1c:51:64:cd:51:b3:09:60:2e:93:7d:c8:9e:1c:
         5f:5c:cc:a6:1d:31:2e:e6:16:5c:7e:42:2f:92:d5:25:c2:3f:
         61:ed:05:cb:7a:da:0f:bc:78:07:de:3d:2f:9a:1e:69:44:dd:
         ca:54:d8:e4:33:06:c4:a5:3f:5b:3b:d9:62:24:8e:67:50:46:
         7a:d3:38:56:5e:de:61:ef:64:b0:86:c0:a5:30:22:0f:3e:c9:
         9c:cf:0d:ed:b8:c0:33:45:bb:62:42:01:4e:ef:95:0a:2d:78:
         fd:0e:d2:0b:2e:88:63:5c:a7:11:56:34:5b:15:22:07:6d:f5:
         29:aa:69:4d:da:a0:93:57:c6:f2:47:4d:9d:23:c4:17:10:0b:
         00:f3:9a:0c:6a:d3:fc:03:18:ae:dc:9e:ff:c6:0d:0b:25:c8:
         e2:aa:26:be:07:8f:8c:35:96:5a:15:fe:f9:6c:37:0c:69:fc:
         b0:4c:1a:44:18:0a:02:4e:92:25:1f:85:32:3e:ed:b6:70:d1:
         bb:f8:de:25:cd:ec:57:c3:db:f6:f2:de:40:40:49:ca:7b:d1:
         7c:87:9b:65
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUOhYEKeYPtzWox3CtZFfpsURFJUUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MzRaFw0yMjA5MzAwMDAwMzRaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDIzMjNGRTRCRUFDRUE4NzhE
NTMyQzU2MDU3NEMzQUQ3MjM5NEQzRTUyM0NCMkI1NThBMzE2RkUwNEY0MkYyNTcx
NUNBQjYwNEZFRUU3QUEyQ0U0OTA1OEJFRkE0REE1QzE0QUUwRjdCNjMwN0U3ODBE
MjdBMDQxODMyQkJBQTFFNDc3Mjg1RDc0MjIxNDQ1MjM1OTg0N0ExNDMwM0JGOUJG
OUEwMkUyNThFNTRENzJCNzBGNDY5MDc3RUQyRTM4NUE4N0E3MkE5M0NCRTQzQzlF
MzdDMDcyMzZFMzBGMUUwMkNBNzY0ODIwMDFEREM5NTQ1M0IwMjE5MzAwNjI5MThE
ODdDNThFRjIyMTA3MDFDQzk2RDA3M0JFMTY2Mjk0NjEzM0QwNjY5MDFFODNDNTFD
REQ4OUY4QzBCMTI0QzhFMzg5RTY1NDIwNEEyODFDMEQ3QUUwRUEyN0EwRDBCODAx
NTNDRkI0Q0E3NDc5NUIzNzY1NUYxNjk2OUIwODA5M0RDMTVCMzVEQTVCREM4QkVE
MjQzMkI0NzhDMjJFQTM3REZEQjEzMTJDRjBBQ0QxQUZEQjdBN0E2REFENUQwMzZB
QjUwQ0U1RTAyOTVBOEQyRDEyNDdDMjNDODQzNUZCODYyNjM0MTQ5MzI5RkRGODUx
ODNDODNEQjk4MERGMTMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA0jI/5L6s6oeNUyxWBXTDrXI5TT5SPLK1WKMW/gT0LyVxXKtgT+7n
qizkkFi++k2lwUrg97YwfngNJ6BBgyu6oeR3KF10IhRFI1mEehQwO/m/mgLiWOVN
crcPRpB37S44WoenKpPL5DyeN8ByNuMPHgLKdkggAd3JVFOwIZMAYpGNh8WO8iEH
AcyW0HO+FmKUYTPQZpAeg8Uc3Yn4wLEkyOOJ5lQgSigcDXrg6ieg0LgBU8+0ynR5
WzdlXxaWmwgJPcFbNdpb3IvtJDK0eMIuo339sTEs8KzRr9t6em2tXQNqtQzl4Cla
jS0SR8I8hDX7hiY0FJMp/fhRg8g9uYDfEwIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FME9VoVLDxW9Gk8fwHUc7VX63+4AMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzEzOTM2MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9xDANBgkqhkiG9w0BAQsFAAOCAQEAYvpJeHl9
0B9T9rJR8PuDXO2bpfSq0Q3WaINq9skE/UxNujjWPMaKfRxRZM1RswlgLpN9yJ4c
X1zMph0xLuYWXH5CL5LVJcI/Ye0Fy3raD7x4B949L5oeaUTdylTY5DMGxKU/WzvZ
YiSOZ1BGetM4Vl7eYe9ksIbApTAiDz7JnM8N7bjAM0W7YkIBTu+VCi14/Q7SCy6I
Y1ynEVY0WxUiB231KappTdqgk1fG8kdNnSPEFxALAPOaDGrT/AMYrtye/8YNCyXI
4qomvgePjDWWWhX++Ww3DGn8sEwaRBgKAk6SJR+FMj7ttnDRu/jeJc3sV8Pb9vLe
QEBJynvRfIebZQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org