Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3232362e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3232362e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          hLfVFloDpN1jNv5rWZ9Ff2y2B5xSj2ScuidzAxVSXkA=
Subject key identifier:   B8:3A:29:4C:93:54:81:E4:02:D9:F7:F3:4B:F9:B9:93:8A:73:40:25
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       4DD781F84237754B7F8233C2452CC1D90D2E2AF8
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3232362e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:44 +0000
ROA not before:           Wed 29 Sep 2021 23:55:44 +0000
ROA not after:            Fri 30 Sep 2022 00:00:44 +0000
asID:                     17451
IP address blocks:        182.253.226.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:d7:81:f8:42:37:75:4b:7f:82:33:c2:45:2c:c1:d9:0d:2e:2a:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:44 2021 GMT
            Not After : Sep 30 00:00:44 2022 GMT
        Subject: CN=3082010A0282010100C640D22261B6CD75FFE29DE6894EDC0E6C9E1E5C84C240DE8758AE25864F599BCEE5D6F001B98EA0B78BDE9D74E056BB33494AB32382530A37ABFA3326FAD44C7C858DD1E4612F4FB88AB0392282CAFFAF4962EA567E7E368555FFC380285DE527BC9DE2440F20643FA4DD203FF7B3EB01ADF66C14F606A117EA8E86E8FD819E3B47F4F55A32202E7C42103785BD63F193652B4AFB6AB1EA61F9785026BAAFF14383C17CE2BA86EA986E3C4DF81FC2ADA3CC2A62D7AD8E688C7EA2C9F90FD958131EF1D376FDF36547201688B9AE693B0BD83F0F17A1018819BBC4439F67D9DB4CBECB6D2698DB3BE6F0C2CB391EAA481BB74A23656E01C46D7EAEF9738134450203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:40:d2:22:61:b6:cd:75:ff:e2:9d:e6:89:4e:
                    dc:0e:6c:9e:1e:5c:84:c2:40:de:87:58:ae:25:86:
                    4f:59:9b:ce:e5:d6:f0:01:b9:8e:a0:b7:8b:de:9d:
                    74:e0:56:bb:33:49:4a:b3:23:82:53:0a:37:ab:fa:
                    33:26:fa:d4:4c:7c:85:8d:d1:e4:61:2f:4f:b8:8a:
                    b0:39:22:82:ca:ff:af:49:62:ea:56:7e:7e:36:85:
                    55:ff:c3:80:28:5d:e5:27:bc:9d:e2:44:0f:20:64:
                    3f:a4:dd:20:3f:f7:b3:eb:01:ad:f6:6c:14:f6:06:
                    a1:17:ea:8e:86:e8:fd:81:9e:3b:47:f4:f5:5a:32:
                    20:2e:7c:42:10:37:85:bd:63:f1:93:65:2b:4a:fb:
                    6a:b1:ea:61:f9:78:50:26:ba:af:f1:43:83:c1:7c:
                    e2:ba:86:ea:98:6e:3c:4d:f8:1f:c2:ad:a3:cc:2a:
                    62:d7:ad:8e:68:8c:7e:a2:c9:f9:0f:d9:58:13:1e:
                    f1:d3:76:fd:f3:65:47:20:16:88:b9:ae:69:3b:0b:
                    d8:3f:0f:17:a1:01:88:19:bb:c4:43:9f:67:d9:db:
                    4c:be:cb:6d:26:98:db:3b:e6:f0:c2:cb:39:1e:aa:
                    48:1b:b7:4a:23:65:6e:01:c4:6d:7e:ae:f9:73:81:
                    34:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:3A:29:4C:93:54:81:E4:02:D9:F7:F3:4B:F9:B9:93:8A:73:40:25
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3232362e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:b1:2f:ed:be:76:9c:41:20:8d:0f:80:f4:c3:6e:35:7f:37:
         97:60:5a:89:60:5d:95:c0:e4:e1:bb:64:4c:ee:91:ef:24:62:
         c8:08:f0:33:14:db:13:fa:56:20:41:43:4b:e5:44:74:7f:71:
         e0:2e:f8:eb:9b:dd:13:00:6a:fa:c4:44:8d:11:52:f2:3c:4e:
         7d:65:a7:50:1e:4e:7d:5b:95:3c:7c:0f:2a:9d:d0:9e:05:29:
         81:f5:69:5b:01:18:28:41:73:54:8b:de:0c:6f:be:4c:84:ee:
         fd:90:ec:24:b6:65:f3:b2:da:46:ee:39:63:a9:7b:92:67:14:
         52:f5:3a:8b:a3:88:90:d5:7e:95:af:87:e2:6d:9d:f6:c2:dd:
         05:6f:a4:c6:ed:bb:7e:4c:a2:e9:d5:a2:35:c4:84:ad:4d:2e:
         c4:86:2b:10:a3:9a:f0:5b:f7:26:6a:84:97:28:a0:5f:ce:51:
         a6:44:17:6f:dd:cd:23:be:d2:f7:be:f3:ae:c4:c1:a5:51:d9:
         75:8b:27:c7:b0:a1:89:5f:e6:99:1f:18:6d:f7:84:55:f4:a9:
         6c:92:95:d1:85:7e:e6:8f:74:0d:06:24:97:ca:cf:2e:c9:e6:
         04:3a:bf:b5:cd:1a:a0:d1:a5:31:5a:23:56:19:39:70:b7:d2:
         a6:2e:a3:81
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUTdeB+EI3dUt/gjPCRSzB2Q0uKvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NDRaFw0yMjA5MzAwMDAwNDRaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzY0MEQyMjI2MUI2Q0Q3NUZG
RTI5REU2ODk0RURDMEU2QzlFMUU1Qzg0QzI0MERFODc1OEFFMjU4NjRGNTk5QkNF
RTVENkYwMDFCOThFQTBCNzhCREU5RDc0RTA1NkJCMzM0OTRBQjMyMzgyNTMwQTM3
QUJGQTMzMjZGQUQ0NEM3Qzg1OEREMUU0NjEyRjRGQjg4QUIwMzkyMjgyQ0FGRkFG
NDk2MkVBNTY3RTdFMzY4NTU1RkZDMzgwMjg1REU1MjdCQzlERTI0NDBGMjA2NDNG
QTRERDIwM0ZGN0IzRUIwMUFERjY2QzE0RjYwNkExMTdFQThFODZFOEZEODE5RTNC
NDdGNEY1NUEzMjIwMkU3QzQyMTAzNzg1QkQ2M0YxOTM2NTJCNEFGQjZBQjFFQTYx
Rjk3ODUwMjZCQUFGRjE0MzgzQzE3Q0UyQkE4NkVBOTg2RTNDNERGODFGQzJBREEz
Q0MyQTYyRDdBRDhFNjg4QzdFQTJDOUY5MEZEOTU4MTMxRUYxRDM3NkZERjM2NTQ3
MjAxNjg4QjlBRTY5M0IwQkQ4M0YwRjE3QTEwMTg4MTlCQkM0NDM5RjY3RDlEQjRD
QkVDQjZEMjY5OERCM0JFNkYwQzJDQjM5MUVBQTQ4MUJCNzRBMjM2NTZFMDFDNDZE
N0VBRUY5NzM4MTM0NDUwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAxkDSImG2zXX/4p3miU7cDmyeHlyEwkDeh1iuJYZPWZvO5dbwAbmO
oLeL3p104Fa7M0lKsyOCUwo3q/ozJvrUTHyFjdHkYS9PuIqwOSKCyv+vSWLqVn5+
NoVV/8OAKF3lJ7yd4kQPIGQ/pN0gP/ez6wGt9mwU9gahF+qOhuj9gZ47R/T1WjIg
LnxCEDeFvWPxk2UrSvtqseph+XhQJrqv8UODwXziuobqmG48Tfgfwq2jzCpi162O
aIx+osn5D9lYEx7x03b982VHIBaIua5pOwvYPw8XoQGIGbvEQ59n2dtMvsttJpjb
O+bwwss5HqpIG7dKI2VuAcRtfq75c4E0RQIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FLg6KUyTVIHkAtn380v5uZOKc0AlMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzIzMjM2MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb94jANBgkqhkiG9w0BAQsFAAOCAQEAirEv7b52
nEEgjQ+A9MNuNX83l2BaiWBdlcDk4btkTO6R7yRiyAjwMxTbE/pWIEFDS+VEdH9x
4C7465vdEwBq+sREjRFS8jxOfWWnUB5OfVuVPHwPKp3QngUpgfVpWwEYKEFzVIve
DG++TITu/ZDsJLZl87LaRu45Y6l7kmcUUvU6i6OIkNV+la+H4m2d9sLdBW+kxu27
fkyi6dWiNcSErU0uxIYrEKOa8Fv3JmqElyigX85RpkQXb93NI77S977zrsTBpVHZ
dYsnx7ChiV/mmR8YbfeEVfSpbJKV0YV+5o90DQYkl8rPLsnmBDq/tc0aoNGlMVoj
Vhk5cLfSpi6jgQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org