Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3234312e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3234312e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          1uy3CUz62SZFNiAXp/puBQ4hsWHC2MdUCj5qBfSCX8Y=
Subject key identifier:   CD:8C:B2:D5:82:CE:60:ED:35:01:92:75:7A:8E:B6:22:4F:3E:A6:D7
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       7602FF9BC464E98BE0965E89131C098E746581C0
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3234312e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:58 +0000
ROA not before:           Wed 29 Sep 2021 23:55:58 +0000
ROA not after:            Fri 30 Sep 2022 00:00:58 +0000
asID:                     17451
IP address blocks:        182.253.241.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:02:ff:9b:c4:64:e9:8b:e0:96:5e:89:13:1c:09:8e:74:65:81:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:58 2021 GMT
            Not After : Sep 30 00:00:58 2022 GMT
        Subject: CN=3082010A0282010100D460161741B14A2AC3CE965B27C4F3F83A3F1596E628C5F8BA52851EA3E8B959A2B2E95EB73225419354B963A39B40C4385A3435F3F500DEB1D9DF48CD14EC55222DF71CAE50841031008C4AA28D94195FF282D6C6BC5075A7E0ED0CA858208295AF151D9468DA3B6C7FC47EFC297EBE99FFD667BFD44FC6FA2044D26F10C32277ABE571334E70917D30211877F1501CB2C1C19FF8DBB1D55614AA7BAF0D073985B58DCC98EF092483311FC69888565B0D4EB6580DCCA7382B7DDA214B78A15087A1815CE3EB35D4BD84DCAF48F4C79DB353362475DC4BBBD6B451007263867FACDFF731AC8E270F49074E65E19D6E260DCC195D80BA729588D02E0C214A391D0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:60:16:17:41:b1:4a:2a:c3:ce:96:5b:27:c4:
                    f3:f8:3a:3f:15:96:e6:28:c5:f8:ba:52:85:1e:a3:
                    e8:b9:59:a2:b2:e9:5e:b7:32:25:41:93:54:b9:63:
                    a3:9b:40:c4:38:5a:34:35:f3:f5:00:de:b1:d9:df:
                    48:cd:14:ec:55:22:2d:f7:1c:ae:50:84:10:31:00:
                    8c:4a:a2:8d:94:19:5f:f2:82:d6:c6:bc:50:75:a7:
                    e0:ed:0c:a8:58:20:82:95:af:15:1d:94:68:da:3b:
                    6c:7f:c4:7e:fc:29:7e:be:99:ff:d6:67:bf:d4:4f:
                    c6:fa:20:44:d2:6f:10:c3:22:77:ab:e5:71:33:4e:
                    70:91:7d:30:21:18:77:f1:50:1c:b2:c1:c1:9f:f8:
                    db:b1:d5:56:14:aa:7b:af:0d:07:39:85:b5:8d:cc:
                    98:ef:09:24:83:31:1f:c6:98:88:56:5b:0d:4e:b6:
                    58:0d:cc:a7:38:2b:7d:da:21:4b:78:a1:50:87:a1:
                    81:5c:e3:eb:35:d4:bd:84:dc:af:48:f4:c7:9d:b3:
                    53:36:24:75:dc:4b:bb:d6:b4:51:00:72:63:86:7f:
                    ac:df:f7:31:ac:8e:27:0f:49:07:4e:65:e1:9d:6e:
                    26:0d:cc:19:5d:80:ba:72:95:88:d0:2e:0c:21:4a:
                    39:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:8C:B2:D5:82:CE:60:ED:35:01:92:75:7A:8E:B6:22:4F:3E:A6:D7
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3234312e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:46:36:6c:86:22:f9:f9:b5:e6:d2:69:36:a4:30:f3:03:02:
         44:58:ce:b3:56:bc:4d:8e:ca:d1:4b:57:88:d5:34:d7:3a:6a:
         08:7e:34:66:98:a0:5e:3a:b1:ef:aa:2c:a8:5c:4b:b5:c2:92:
         c7:1a:88:27:41:dc:85:29:7c:a1:d8:82:cf:74:44:dc:c3:24:
         d5:e0:f0:50:6c:f3:ff:ad:63:41:1d:ab:e9:4e:80:e9:35:e5:
         d8:97:b5:46:71:88:dc:38:09:a0:8f:db:a6:b9:d7:c2:66:1b:
         24:f9:80:da:f2:bb:15:d0:d4:ba:0b:2d:b4:26:3c:be:27:ec:
         18:96:a1:15:32:e4:f6:47:f0:76:0f:c0:93:e7:c0:3e:56:44:
         ed:7c:c7:7c:76:7b:d6:79:67:3d:a0:b7:02:67:2b:e7:f7:2f:
         8c:54:03:65:65:ca:2d:1e:83:cd:60:aa:09:be:4a:dc:32:6f:
         c1:1c:88:aa:ba:6d:01:1d:c1:2c:7f:94:ff:3e:96:95:51:de:
         db:ab:7f:49:f3:76:3c:75:ee:f4:ee:82:d1:da:d6:05:da:d9:
         3d:9e:3c:6b:02:2a:82:66:1b:43:2e:53:f3:39:e2:9d:ba:c2:
         d6:b4:16:cf:e7:91:ca:8f:1e:ad:1c:5f:11:81:18:64:0d:54:
         f8:2a:38:df
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUdgL/m8Rk6Yvgll6JExwJjnRlgcAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NThaFw0yMjA5MzAwMDAwNThaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDQ2MDE2MTc0MUIxNEEyQUMz
Q0U5NjVCMjdDNEYzRjgzQTNGMTU5NkU2MjhDNUY4QkE1Mjg1MUVBM0U4Qjk1OUEy
QjJFOTVFQjczMjI1NDE5MzU0Qjk2M0EzOUI0MEM0Mzg1QTM0MzVGM0Y1MDBERUIx
RDlERjQ4Q0QxNEVDNTUyMjJERjcxQ0FFNTA4NDEwMzEwMDhDNEFBMjhEOTQxOTVG
RjI4MkQ2QzZCQzUwNzVBN0UwRUQwQ0E4NTgyMDgyOTVBRjE1MUQ5NDY4REEzQjZD
N0ZDNDdFRkMyOTdFQkU5OUZGRDY2N0JGRDQ0RkM2RkEyMDQ0RDI2RjEwQzMyMjc3
QUJFNTcxMzM0RTcwOTE3RDMwMjExODc3RjE1MDFDQjJDMUMxOUZGOERCQjFENTU2
MTRBQTdCQUYwRDA3Mzk4NUI1OERDQzk4RUYwOTI0ODMzMTFGQzY5ODg4NTY1QjBE
NEVCNjU4MERDQ0E3MzgyQjdEREEyMTRCNzhBMTUwODdBMTgxNUNFM0VCMzVENEJE
ODREQ0FGNDhGNEM3OURCMzUzMzYyNDc1REM0QkJCRDZCNDUxMDA3MjYzODY3RkFD
REZGNzMxQUM4RTI3MEY0OTA3NEU2NUUxOUQ2RTI2MERDQzE5NUQ4MEJBNzI5NTg4
RDAyRTBDMjE0QTM5MUQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA1GAWF0GxSirDzpZbJ8Tz+Do/FZbmKMX4ulKFHqPouVmisuletzIl
QZNUuWOjm0DEOFo0NfP1AN6x2d9IzRTsVSIt9xyuUIQQMQCMSqKNlBlf8oLWxrxQ
dafg7QyoWCCCla8VHZRo2jtsf8R+/Cl+vpn/1me/1E/G+iBE0m8QwyJ3q+VxM05w
kX0wIRh38VAcssHBn/jbsdVWFKp7rw0HOYW1jcyY7wkkgzEfxpiIVlsNTrZYDcyn
OCt92iFLeKFQh6GBXOPrNdS9hNyvSPTHnbNTNiR13Eu71rRRAHJjhn+s3/cxrI4n
D0kHTmXhnW4mDcwZXYC6cpWI0C4MIUo5HQIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FM2MstWCzmDtNQGSdXqOtiJPPqbXMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzIzNDMxMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb98TANBgkqhkiG9w0BAQsFAAOCAQEAnUY2bIYi
+fm15tJpNqQw8wMCRFjOs1a8TY7K0UtXiNU01zpqCH40ZpigXjqx76osqFxLtcKS
xxqIJ0HchSl8odiCz3RE3MMk1eDwUGzz/61jQR2r6U6A6TXl2Je1RnGI3DgJoI/b
prnXwmYbJPmA2vK7FdDUugsttCY8vifsGJahFTLk9kfwdg/Ak+fAPlZE7XzHfHZ7
1nlnPaC3Amcr5/cvjFQDZWXKLR6DzWCqCb5K3DJvwRyIqrptAR3BLH+U/z6WlVHe
26t/SfN2PHXu9O6C0drWBdrZPZ48awIqgmYbQy5T8zninbrC1rQWz+eRyo8erRxf
EYEYZA1U+Co43w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org