Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3232382e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3232382e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          kSF9+C92LIce1mjWHo55VECgV/dEKzctg5Cn7cscebE=
Subject key identifier:   E3:6E:A8:1E:89:0D:B9:2B:B1:FC:06:3B:D1:7F:6C:18:D2:8A:23:D4
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       3A82076BB41179655F34CB45A2D9F0B2B6E0E7A4
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3232382e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:42 +0000
ROA not before:           Wed 29 Sep 2021 23:55:42 +0000
ROA not after:            Fri 30 Sep 2022 00:00:42 +0000
asID:                     17451
IP address blocks:        182.253.228.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:82:07:6b:b4:11:79:65:5f:34:cb:45:a2:d9:f0:b2:b6:e0:e7:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:42 2021 GMT
            Not After : Sep 30 00:00:42 2022 GMT
        Subject: CN=3082010A0282010100E4BE0F6DECACC8802D4AA5297860F7A382904B915C868FE747758DD84BD8F4C031854A3F1B982B07D1A46A6C4B29457BD76D91CC14278BDE4CE5D70062073FED081447B9121426793E630AEE11E9A8D7EF5DEE610080E0194F5456F04D91D8BC31568DB65B71E674F181FA7BCBE29D331F05A4BC600F8013D959E6780CDA24E41D16C64CD17A30316C676537106C357F10599BD316D7AEDB9E951F2C682B8D36A7D2982529FB1EFEF0BDC61A95914391A3425868CBF6339C15103FF8D67316772C768DFCF2BC8E4E698C48E13094275A1FA46803D36AC576BB4BE76904223090E2A88C48772E7860D28C0A85C40BEC2ADD1A26D51A98F82D1A62C5C7ED1C15FB0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:be:0f:6d:ec:ac:c8:80:2d:4a:a5:29:78:60:
                    f7:a3:82:90:4b:91:5c:86:8f:e7:47:75:8d:d8:4b:
                    d8:f4:c0:31:85:4a:3f:1b:98:2b:07:d1:a4:6a:6c:
                    4b:29:45:7b:d7:6d:91:cc:14:27:8b:de:4c:e5:d7:
                    00:62:07:3f:ed:08:14:47:b9:12:14:26:79:3e:63:
                    0a:ee:11:e9:a8:d7:ef:5d:ee:61:00:80:e0:19:4f:
                    54:56:f0:4d:91:d8:bc:31:56:8d:b6:5b:71:e6:74:
                    f1:81:fa:7b:cb:e2:9d:33:1f:05:a4:bc:60:0f:80:
                    13:d9:59:e6:78:0c:da:24:e4:1d:16:c6:4c:d1:7a:
                    30:31:6c:67:65:37:10:6c:35:7f:10:59:9b:d3:16:
                    d7:ae:db:9e:95:1f:2c:68:2b:8d:36:a7:d2:98:25:
                    29:fb:1e:fe:f0:bd:c6:1a:95:91:43:91:a3:42:58:
                    68:cb:f6:33:9c:15:10:3f:f8:d6:73:16:77:2c:76:
                    8d:fc:f2:bc:8e:4e:69:8c:48:e1:30:94:27:5a:1f:
                    a4:68:03:d3:6a:c5:76:bb:4b:e7:69:04:22:30:90:
                    e2:a8:8c:48:77:2e:78:60:d2:8c:0a:85:c4:0b:ec:
                    2a:dd:1a:26:d5:1a:98:f8:2d:1a:62:c5:c7:ed:1c:
                    15:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:6E:A8:1E:89:0D:B9:2B:B1:FC:06:3B:D1:7F:6C:18:D2:8A:23:D4
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3232382e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:df:03:ac:96:94:94:ba:9f:69:4c:82:55:4b:15:92:7b:98:
         07:a7:bf:5b:24:41:1b:ff:f1:9f:6e:6f:4e:a5:ce:bb:de:15:
         ac:20:ac:ba:8a:9b:92:f3:20:ad:7e:70:a6:73:5a:d2:ab:e4:
         88:82:b9:ad:3d:a7:c3:9b:4c:32:b7:26:3d:52:77:da:c6:31:
         48:ea:af:ad:52:cd:40:16:2b:1b:71:43:19:a9:93:1f:12:4a:
         8f:93:41:67:d7:65:7b:27:53:2c:3d:71:ac:21:ad:84:09:ad:
         db:7f:e6:c8:5e:e5:0f:47:51:fd:d0:b3:4d:e1:7b:63:a9:06:
         71:66:2b:1c:10:71:67:61:c8:95:0c:e5:ea:54:35:9e:0f:db:
         82:c3:6b:98:87:e5:e2:d9:fe:4a:54:0c:c6:ce:a1:42:9e:0a:
         32:ca:fc:a2:1b:f1:e3:20:df:15:d2:2e:31:10:ca:3e:33:27:
         08:52:f8:f1:95:04:fd:d9:f4:03:82:95:29:c8:4a:22:9f:3c:
         54:60:d5:6e:27:23:2a:6b:c5:70:83:b1:57:ff:7a:be:56:0a:
         56:fa:03:80:4e:bc:d0:01:ed:e9:00:be:c2:af:57:77:f4:f6:
         e3:10:0b:88:e4:1f:29:36:26:93:64:fc:e0:19:e4:fc:f3:c1:
         a9:0b:c1:76
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUOoIHa7QReWVfNMtFotnwsrbg56QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NDJaFw0yMjA5MzAwMDAwNDJaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRTRCRTBGNkRFQ0FDQzg4MDJE
NEFBNTI5Nzg2MEY3QTM4MjkwNEI5MTVDODY4RkU3NDc3NThERDg0QkQ4RjRDMDMx
ODU0QTNGMUI5ODJCMDdEMUE0NkE2QzRCMjk0NTdCRDc2RDkxQ0MxNDI3OEJERTRD
RTVENzAwNjIwNzNGRUQwODE0NDdCOTEyMTQyNjc5M0U2MzBBRUUxMUU5QThEN0VG
NURFRTYxMDA4MEUwMTk0RjU0NTZGMDREOTFEOEJDMzE1NjhEQjY1QjcxRTY3NEYx
ODFGQTdCQ0JFMjlEMzMxRjA1QTRCQzYwMEY4MDEzRDk1OUU2NzgwQ0RBMjRFNDFE
MTZDNjRDRDE3QTMwMzE2QzY3NjUzNzEwNkMzNTdGMTA1OTlCRDMxNkQ3QUVEQjlF
OTUxRjJDNjgyQjhEMzZBN0QyOTgyNTI5RkIxRUZFRjBCREM2MUE5NTkxNDM5MUEz
NDI1ODY4Q0JGNjMzOUMxNTEwM0ZGOEQ2NzMxNjc3MkM3NjhERkNGMkJDOEU0RTY5
OEM0OEUxMzA5NDI3NUExRkE0NjgwM0QzNkFDNTc2QkI0QkU3NjkwNDIyMzA5MEUy
QTg4QzQ4NzcyRTc4NjBEMjhDMEE4NUM0MEJFQzJBREQxQTI2RDUxQTk4RjgyRDFB
NjJDNUM3RUQxQzE1RkIwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA5L4PbeysyIAtSqUpeGD3o4KQS5Fcho/nR3WN2EvY9MAxhUo/G5gr
B9GkamxLKUV7122RzBQni95M5dcAYgc/7QgUR7kSFCZ5PmMK7hHpqNfvXe5hAIDg
GU9UVvBNkdi8MVaNtltx5nTxgfp7y+KdMx8FpLxgD4AT2VnmeAzaJOQdFsZM0Xow
MWxnZTcQbDV/EFmb0xbXrtuelR8saCuNNqfSmCUp+x7+8L3GGpWRQ5GjQlhoy/Yz
nBUQP/jWcxZ3LHaN/PK8jk5pjEjhMJQnWh+kaAPTasV2u0vnaQQiMJDiqIxIdy54
YNKMCoXEC+wq3Rom1RqY+C0aYsXH7RwV+wIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FONuqB6JDbkrsfwGO9F/bBjSiiPUMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzIzMjM4MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb95DANBgkqhkiG9w0BAQsFAAOCAQEAB98DrJaU
lLqfaUyCVUsVknuYB6e/WyRBG//xn25vTqXOu94VrCCsuoqbkvMgrX5wpnNa0qvk
iIK5rT2nw5tMMrcmPVJ32sYxSOqvrVLNQBYrG3FDGamTHxJKj5NBZ9dleydTLD1x
rCGthAmt23/myF7lD0dR/dCzTeF7Y6kGcWYrHBBxZ2HIlQzl6lQ1ng/bgsNrmIfl
4tn+SlQMxs6hQp4KMsr8ohvx4yDfFdIuMRDKPjMnCFL48ZUE/dn0A4KVKchKIp88
VGDVbicjKmvFcIOxV/96vlYKVvoDgE680AHt6QC+wq9Xd/T24xALiOQfKTYmk2T8
4Bnk/PPBqQvBdg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org