Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3232312e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3232312e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          FYcUuvK3o7EPEwH0sQjFATya2zEEZIj1L0bFnpkt2gE=
Subject key identifier:   5D:87:80:9B:CC:43:80:E0:2B:78:5F:42:55:5B:85:CC:25:4A:B5:7C
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       43A1846E759A889B936A8717F6C524FDB1F6A926
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3232312e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:38 +0000
ROA not before:           Wed 29 Sep 2021 23:55:38 +0000
ROA not after:            Fri 30 Sep 2022 00:00:38 +0000
asID:                     17451
IP address blocks:        182.253.221.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:a1:84:6e:75:9a:88:9b:93:6a:87:17:f6:c5:24:fd:b1:f6:a9:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:38 2021 GMT
            Not After : Sep 30 00:00:38 2022 GMT
        Subject: CN=3082010A0282010100B06E48989528747CD6548C4EEB7CB7F2F33E2C0098C98D70FD02CBB54D0C33E0624641BE95EAC15D1DCCA3F00E6BB6CA24B57193A11CFEA9F17FA19382BD3B32614A895A4D0A71D0F362F642242FAAC674F76AEA1F532527DE70BCB71C4EA3CCE024A057E861F1B3656AB4AB35363451F6C41226D04A8ECC31B6A4FF7B2AA550DBB84F1B0C8042AA81363FCC474F9304DD2F82197FFA0D63A5E8FEB5D460F8F9083C3138986998C2C8ABFC26A1527FC66D3B112F67185215C81BA4B5EAE0E98815121D1E74C027FC479141BBCED24A9CFDCCC09E31B6148D1EE10466F12DAB834114CC1984648CFEF30DFD671E8128E5738881D5CA3E0AF31943EE691337B2FD0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:6e:48:98:95:28:74:7c:d6:54:8c:4e:eb:7c:
                    b7:f2:f3:3e:2c:00:98:c9:8d:70:fd:02:cb:b5:4d:
                    0c:33:e0:62:46:41:be:95:ea:c1:5d:1d:cc:a3:f0:
                    0e:6b:b6:ca:24:b5:71:93:a1:1c:fe:a9:f1:7f:a1:
                    93:82:bd:3b:32:61:4a:89:5a:4d:0a:71:d0:f3:62:
                    f6:42:24:2f:aa:c6:74:f7:6a:ea:1f:53:25:27:de:
                    70:bc:b7:1c:4e:a3:cc:e0:24:a0:57:e8:61:f1:b3:
                    65:6a:b4:ab:35:36:34:51:f6:c4:12:26:d0:4a:8e:
                    cc:31:b6:a4:ff:7b:2a:a5:50:db:b8:4f:1b:0c:80:
                    42:aa:81:36:3f:cc:47:4f:93:04:dd:2f:82:19:7f:
                    fa:0d:63:a5:e8:fe:b5:d4:60:f8:f9:08:3c:31:38:
                    98:69:98:c2:c8:ab:fc:26:a1:52:7f:c6:6d:3b:11:
                    2f:67:18:52:15:c8:1b:a4:b5:ea:e0:e9:88:15:12:
                    1d:1e:74:c0:27:fc:47:91:41:bb:ce:d2:4a:9c:fd:
                    cc:c0:9e:31:b6:14:8d:1e:e1:04:66:f1:2d:ab:83:
                    41:14:cc:19:84:64:8c:fe:f3:0d:fd:67:1e:81:28:
                    e5:73:88:81:d5:ca:3e:0a:f3:19:43:ee:69:13:37:
                    b2:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:87:80:9B:CC:43:80:E0:2B:78:5F:42:55:5B:85:CC:25:4A:B5:7C
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3232312e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:ee:9f:c9:87:7c:e8:5f:6d:fe:a0:f0:88:d9:c3:e6:a8:e7:
         d3:52:36:af:01:cd:b4:3b:48:0d:6e:8d:df:93:fc:47:e9:8b:
         dd:5d:10:d7:d6:2c:c2:a9:0c:54:fd:b7:13:e4:f2:dd:31:02:
         e4:16:b5:b4:69:3a:78:ed:68:d9:d3:ea:56:07:44:ac:dd:16:
         3f:b7:25:df:19:9c:51:f1:43:0d:2d:3c:6e:dd:a9:b4:c2:41:
         cc:38:f6:41:8d:7a:1b:26:1a:93:48:82:d7:c5:dd:d3:0b:ab:
         f8:d8:40:8b:7c:f7:b3:78:4f:9b:d6:9e:53:7f:19:a8:c3:06:
         82:d4:7f:4c:4d:4e:a0:a2:83:86:06:44:13:1b:e8:12:02:30:
         9f:1c:b0:27:ba:6b:bb:8d:91:67:bb:d1:55:0f:09:e7:df:d0:
         d6:01:fc:09:d3:e3:61:ca:b4:bb:aa:1b:50:b4:cc:c3:97:80:
         a8:00:aa:39:f7:44:e3:8e:3e:6d:29:1a:6d:2a:62:38:bd:9e:
         0e:24:36:d0:f2:a9:e9:22:61:8c:d9:40:c6:c3:fc:6f:4c:7b:
         bf:06:06:b5:cc:a2:a4:4d:cb:eb:07:f7:62:b3:b3:56:00:61:
         2e:a8:85:ed:51:34:e7:3e:bf:a0:51:bf:e1:65:06:e3:06:fb:
         dd:94:45:9a
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUQ6GEbnWaiJuTaocX9sUk/bH2qSYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MzhaFw0yMjA5MzAwMDAwMzhaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjA2RTQ4OTg5NTI4NzQ3Q0Q2
NTQ4QzRFRUI3Q0I3RjJGMzNFMkMwMDk4Qzk4RDcwRkQwMkNCQjU0RDBDMzNFMDYy
NDY0MUJFOTVFQUMxNUQxRENDQTNGMDBFNkJCNkNBMjRCNTcxOTNBMTFDRkVBOUYx
N0ZBMTkzODJCRDNCMzI2MTRBODk1QTREMEE3MUQwRjM2MkY2NDIyNDJGQUFDNjc0
Rjc2QUVBMUY1MzI1MjdERTcwQkNCNzFDNEVBM0NDRTAyNEEwNTdFODYxRjFCMzY1
NkFCNEFCMzUzNjM0NTFGNkM0MTIyNkQwNEE4RUNDMzFCNkE0RkY3QjJBQTU1MERC
Qjg0RjFCMEM4MDQyQUE4MTM2M0ZDQzQ3NEY5MzA0REQyRjgyMTk3RkZBMEQ2M0E1
RThGRUI1RDQ2MEY4RjkwODNDMzEzODk4Njk5OEMyQzhBQkZDMjZBMTUyN0ZDNjZE
M0IxMTJGNjcxODUyMTVDODFCQTRCNUVBRTBFOTg4MTUxMjFEMUU3NEMwMjdGQzQ3
OTE0MUJCQ0VEMjRBOUNGRENDQzA5RTMxQjYxNDhEMUVFMTA0NjZGMTJEQUI4MzQx
MTRDQzE5ODQ2NDhDRkVGMzBERkQ2NzFFODEyOEU1NzM4ODgxRDVDQTNFMEFGMzE5
NDNFRTY5MTMzN0IyRkQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAsG5ImJUodHzWVIxO63y38vM+LACYyY1w/QLLtU0MM+BiRkG+lerB
XR3Mo/AOa7bKJLVxk6Ec/qnxf6GTgr07MmFKiVpNCnHQ82L2QiQvqsZ092rqH1Ml
J95wvLccTqPM4CSgV+hh8bNlarSrNTY0UfbEEibQSo7MMbak/3sqpVDbuE8bDIBC
qoE2P8xHT5ME3S+CGX/6DWOl6P611GD4+Qg8MTiYaZjCyKv8JqFSf8ZtOxEvZxhS
FcgbpLXq4OmIFRIdHnTAJ/xHkUG7ztJKnP3MwJ4xthSNHuEEZvEtq4NBFMwZhGSM
/vMN/WcegSjlc4iB1co+CvMZQ+5pEzey/QIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FF2HgJvMQ4DgK3hfQlVbhcwlSrV8MB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzIzMjMxMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb93TANBgkqhkiG9w0BAQsFAAOCAQEAle6fyYd8
6F9t/qDwiNnD5qjn01I2rwHNtDtIDW6N35P8R+mL3V0Q19YswqkMVP23E+Ty3TEC
5Ba1tGk6eO1o2dPqVgdErN0WP7cl3xmcUfFDDS08bt2ptMJBzDj2QY16GyYak0iC
18Xd0wur+NhAi3z3s3hPm9aeU38ZqMMGgtR/TE1OoKKDhgZEExvoEgIwnxywJ7pr
u42RZ7vRVQ8J59/Q1gH8CdPjYcq0u6obULTMw5eAqACqOfdE444+bSkabSpiOL2e
DiQ20PKp6SJhjNlAxsP8b0x7vwYGtcyipE3L6wf3YrOzVgBhLqiF7VE05z6/oFG/
4WUG4wb73ZRFmg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:45 2023 by rpki-client on console-fra.rpki-client.org