Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3230332e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3230332e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          nOFenxCojm7+vXP7I9iqM2Ug4ZdANsuJedbjVWkECXY=
Subject key identifier:   D3:DC:0E:E6:A5:C3:65:BF:B5:7C:75:6C:3E:C8:48:5E:E9:09:AE:FD
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       7045133E3C516432C5449339472ED063F95DC55A
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3230332e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:17 +0000
ROA not before:           Wed 29 Sep 2021 23:55:17 +0000
ROA not after:            Fri 30 Sep 2022 00:00:17 +0000
asID:                     17451
IP address blocks:        182.253.203.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:45:13:3e:3c:51:64:32:c5:44:93:39:47:2e:d0:63:f9:5d:c5:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:17 2021 GMT
            Not After : Sep 30 00:00:17 2022 GMT
        Subject: CN=3082010A0282010100C8AFF255C427752C0E439B2B80C8BB7E40278D22F5549CD0AA5CF3EFAB70063A2437A40AAB0FC8DBE17B319FFFCE59886E35DAC6E5C667A308E183D78A908BDF9C4CEB4C533E974B239407AD084D3B512537121603CC15722B8B7BD40E5A925060C95C17B99428DD2586163107F9992F2EA8FC3A74A49B3E74CA49D88B4CCAF53D47A911D515315717FAB7DF7540ADA4EC8FC555BDB651A13B9A3C26AC3E24B66282A02535DD7B391DAF499870541D36E49FCE95C8B45A7ACB8B3420552569F60804F7170F9F66CC10D08DD7FA7D97CB68F3067931B6C1798227B6C2F507D75758080773D6768895C4B5130DDC3526DE554C931D866DB77253DF6CD2A14387470203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:af:f2:55:c4:27:75:2c:0e:43:9b:2b:80:c8:
                    bb:7e:40:27:8d:22:f5:54:9c:d0:aa:5c:f3:ef:ab:
                    70:06:3a:24:37:a4:0a:ab:0f:c8:db:e1:7b:31:9f:
                    ff:ce:59:88:6e:35:da:c6:e5:c6:67:a3:08:e1:83:
                    d7:8a:90:8b:df:9c:4c:eb:4c:53:3e:97:4b:23:94:
                    07:ad:08:4d:3b:51:25:37:12:16:03:cc:15:72:2b:
                    8b:7b:d4:0e:5a:92:50:60:c9:5c:17:b9:94:28:dd:
                    25:86:16:31:07:f9:99:2f:2e:a8:fc:3a:74:a4:9b:
                    3e:74:ca:49:d8:8b:4c:ca:f5:3d:47:a9:11:d5:15:
                    31:57:17:fa:b7:df:75:40:ad:a4:ec:8f:c5:55:bd:
                    b6:51:a1:3b:9a:3c:26:ac:3e:24:b6:62:82:a0:25:
                    35:dd:7b:39:1d:af:49:98:70:54:1d:36:e4:9f:ce:
                    95:c8:b4:5a:7a:cb:8b:34:20:55:25:69:f6:08:04:
                    f7:17:0f:9f:66:cc:10:d0:8d:d7:fa:7d:97:cb:68:
                    f3:06:79:31:b6:c1:79:82:27:b6:c2:f5:07:d7:57:
                    58:08:07:73:d6:76:88:95:c4:b5:13:0d:dc:35:26:
                    de:55:4c:93:1d:86:6d:b7:72:53:df:6c:d2:a1:43:
                    87:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:DC:0E:E6:A5:C3:65:BF:B5:7C:75:6C:3E:C8:48:5E:E9:09:AE:FD
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3230332e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:31:fe:d8:78:af:40:69:f6:78:9e:7b:6f:b4:e6:bf:61:22:
         59:4a:50:6f:f3:1a:e6:0f:a2:c8:4d:9e:ee:92:43:2e:6b:52:
         d7:11:fa:3e:82:83:4a:75:9f:ef:48:42:ec:be:d4:3c:ba:6a:
         a0:41:5e:36:fc:1a:6d:4d:77:20:14:f1:c2:c9:1e:2e:98:42:
         90:1b:37:16:b6:f4:4e:36:af:6e:1e:7f:c6:68:2a:5b:84:8a:
         bd:2e:81:ee:5e:95:29:1d:0c:5e:05:73:d7:4d:17:00:2c:cb:
         c1:3b:89:b6:7c:69:1a:e0:f6:3b:87:b3:75:85:a1:e9:a2:24:
         5a:eb:fb:ae:f2:89:a1:ac:01:0a:3e:07:f7:31:fa:bb:ed:11:
         1f:78:eb:39:a6:a7:0b:9f:5b:33:88:fd:60:49:ad:83:f3:56:
         72:00:7f:bc:90:18:83:de:28:95:e7:4c:eb:17:83:bb:7f:00:
         d1:2d:23:11:0b:ba:b9:61:eb:be:c7:6a:82:4c:a4:ea:5a:d7:
         05:d9:3d:3c:a2:b6:9c:66:81:82:b5:95:3e:e4:d5:92:33:7d:
         28:61:81:06:4f:ac:05:32:8a:dc:59:84:95:55:2f:d6:00:5e:
         a9:5d:38:8f:81:0c:17:92:a8:4a:33:84:1e:73:02:b1:8c:9a:
         ed:3a:ad:26
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUcEUTPjxRZDLFRJM5Ry7QY/ldxVowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MTdaFw0yMjA5MzAwMDAwMTdaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzhBRkYyNTVDNDI3NzUyQzBF
NDM5QjJCODBDOEJCN0U0MDI3OEQyMkY1NTQ5Q0QwQUE1Q0YzRUZBQjcwMDYzQTI0
MzdBNDBBQUIwRkM4REJFMTdCMzE5RkZGQ0U1OTg4NkUzNURBQzZFNUM2NjdBMzA4
RTE4M0Q3OEE5MDhCREY5QzRDRUI0QzUzM0U5NzRCMjM5NDA3QUQwODREM0I1MTI1
MzcxMjE2MDNDQzE1NzIyQjhCN0JENDBFNUE5MjUwNjBDOTVDMTdCOTk0MjhERDI1
ODYxNjMxMDdGOTk5MkYyRUE4RkMzQTc0QTQ5QjNFNzRDQTQ5RDg4QjRDQ0FGNTNE
NDdBOTExRDUxNTMxNTcxN0ZBQjdERjc1NDBBREE0RUM4RkM1NTVCREI2NTFBMTNC
OUEzQzI2QUMzRTI0QjY2MjgyQTAyNTM1REQ3QjM5MURBRjQ5OTg3MDU0MUQzNkU0
OUZDRTk1QzhCNDVBN0FDQjhCMzQyMDU1MjU2OUY2MDgwNEY3MTcwRjlGNjZDQzEw
RDA4REQ3RkE3RDk3Q0I2OEYzMDY3OTMxQjZDMTc5ODIyN0I2QzJGNTA3RDc1NzU4
MDgwNzczRDY3Njg4OTVDNEI1MTMwRERDMzUyNkRFNTU0QzkzMUQ4NjZEQjc3MjUz
REY2Q0QyQTE0Mzg3NDcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAyK/yVcQndSwOQ5srgMi7fkAnjSL1VJzQqlzz76twBjokN6QKqw/I
2+F7MZ//zlmIbjXaxuXGZ6MI4YPXipCL35xM60xTPpdLI5QHrQhNO1ElNxIWA8wV
ciuLe9QOWpJQYMlcF7mUKN0lhhYxB/mZLy6o/Dp0pJs+dMpJ2ItMyvU9R6kR1RUx
Vxf6t991QK2k7I/FVb22UaE7mjwmrD4ktmKCoCU13Xs5Ha9JmHBUHTbkn86VyLRa
esuLNCBVJWn2CAT3Fw+fZswQ0I3X+n2Xy2jzBnkxtsF5gie2wvUH11dYCAdz1naI
lcS1Ew3cNSbeVUyTHYZtt3JT32zSoUOHRwIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FNPcDualw2W/tXx1bD7ISF7pCa79MB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzIzMDMzMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9yzANBgkqhkiG9w0BAQsFAAOCAQEAozH+2Hiv
QGn2eJ57b7Tmv2EiWUpQb/Ma5g+iyE2e7pJDLmtS1xH6PoKDSnWf70hC7L7UPLpq
oEFeNvwabU13IBTxwskeLphCkBs3Frb0Tjavbh5/xmgqW4SKvS6B7l6VKR0MXgVz
100XACzLwTuJtnxpGuD2O4ezdYWh6aIkWuv7rvKJoawBCj4H9zH6u+0RH3jrOaan
C59bM4j9YEmtg/NWcgB/vJAYg94oledM6xeDu38A0S0jEQu6uWHrvsdqgkyk6lrX
Bdk9PKK2nGaBgrWVPuTVkjN9KGGBBk+sBTKK3FmElVUv1gBeqV04j4EMF5KoSjOE
HnMCsYya7TqtJg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org