Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3234382e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3234382e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          5s4bUw9tgeT5iIBIhUhy/2PbGxJzxaQTsok+W/xHq9U=
Subject key identifier:   85:28:6E:7A:D4:B3:D6:7F:4D:46:35:B6:83:EE:89:F0:B7:EF:C5:AA
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       1EF2A3BBDD61E988DFAC8A484210F1B34D91E541
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3234382e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:40 +0000
ROA not before:           Wed 29 Sep 2021 23:55:40 +0000
ROA not after:            Fri 30 Sep 2022 00:00:40 +0000
asID:                     17451
IP address blocks:        182.253.248.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:f2:a3:bb:dd:61:e9:88:df:ac:8a:48:42:10:f1:b3:4d:91:e5:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:40 2021 GMT
            Not After : Sep 30 00:00:40 2022 GMT
        Subject: CN=3082010A0282010100C080298D58AB1A5FFD4929A298742D8831693E4B6C0BDCA1FE737929D00B6CB775703DC4D4567BA86ADEDC125C0A3BCF2B60C39E1DD7DCF86E4F1CF69002376F9B38BC6E9B08B951B1E3017B69EB193C1E4D6C5FCFDBF493D75272A7F7E88C570CA2B4079207D18C3A40B91021048A3A2E41806BFBA189ABA3310E218EF25A1EEC271D40D759EC90F5A0F743BF5D83881A2AD76F25700F274B5BDB3EBEC9538F0C980719AD65423D412548AD648AA63305B356E50BE6E33A46CE9C83314CAA611A6AC654A2C790C69F1731DA2AFE4ECB8C1890927A7AD443F276CE2E9BD4A82668764B280750AA60BBA829E5A1CAF42207964AE4F0429A240642167D0A79EA6B0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:80:29:8d:58:ab:1a:5f:fd:49:29:a2:98:74:
                    2d:88:31:69:3e:4b:6c:0b:dc:a1:fe:73:79:29:d0:
                    0b:6c:b7:75:70:3d:c4:d4:56:7b:a8:6a:de:dc:12:
                    5c:0a:3b:cf:2b:60:c3:9e:1d:d7:dc:f8:6e:4f:1c:
                    f6:90:02:37:6f:9b:38:bc:6e:9b:08:b9:51:b1:e3:
                    01:7b:69:eb:19:3c:1e:4d:6c:5f:cf:db:f4:93:d7:
                    52:72:a7:f7:e8:8c:57:0c:a2:b4:07:92:07:d1:8c:
                    3a:40:b9:10:21:04:8a:3a:2e:41:80:6b:fb:a1:89:
                    ab:a3:31:0e:21:8e:f2:5a:1e:ec:27:1d:40:d7:59:
                    ec:90:f5:a0:f7:43:bf:5d:83:88:1a:2a:d7:6f:25:
                    70:0f:27:4b:5b:db:3e:be:c9:53:8f:0c:98:07:19:
                    ad:65:42:3d:41:25:48:ad:64:8a:a6:33:05:b3:56:
                    e5:0b:e6:e3:3a:46:ce:9c:83:31:4c:aa:61:1a:6a:
                    c6:54:a2:c7:90:c6:9f:17:31:da:2a:fe:4e:cb:8c:
                    18:90:92:7a:7a:d4:43:f2:76:ce:2e:9b:d4:a8:26:
                    68:76:4b:28:07:50:aa:60:bb:a8:29:e5:a1:ca:f4:
                    22:07:96:4a:e4:f0:42:9a:24:06:42:16:7d:0a:79:
                    ea:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:28:6E:7A:D4:B3:D6:7F:4D:46:35:B6:83:EE:89:F0:B7:EF:C5:AA
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3234382e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:24:10:d6:ff:d6:1f:2c:d6:c2:a5:c4:07:a3:f8:7f:d0:4d:
         a4:aa:b8:4d:9f:7a:4f:ab:da:4b:29:e7:7f:7c:2b:86:55:7e:
         72:06:66:9f:85:5a:08:b3:dc:4c:c2:be:ff:58:7f:4f:ab:e2:
         25:1a:27:46:fb:e6:34:f0:bf:36:60:8c:79:4d:be:8b:e4:87:
         ce:d9:f6:54:5b:5b:6a:96:b6:de:91:ef:87:a7:d2:27:a3:2b:
         4d:bb:f9:82:a1:b9:18:5a:91:3c:7d:3c:3e:17:da:3d:21:55:
         df:6f:cd:64:8e:71:84:be:08:46:94:42:0b:e2:82:ed:85:af:
         18:d6:9a:ef:51:a5:a6:e4:75:fd:fc:6f:76:26:51:9e:7c:86:
         ff:ef:b0:47:2f:10:80:b5:de:00:e3:3d:a7:61:ab:64:7d:8c:
         e9:21:f8:23:00:5a:9b:33:72:01:31:29:e8:86:e7:53:40:ab:
         07:3c:b3:b6:90:50:59:35:d9:b4:f5:fe:4d:aa:d7:26:31:52:
         28:44:b5:a9:c8:f9:a4:1d:14:d3:da:42:d1:e4:f4:bf:a4:69:
         80:2a:96:f1:06:2f:ee:c5:75:da:88:56:74:e5:50:37:7f:39:
         23:fa:d4:21:41:c4:1d:e6:7c:96:4e:30:79:91:0c:11:8a:15:
         20:a4:3e:ae
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUHvKju91h6YjfrIpIQhDxs02R5UEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NDBaFw0yMjA5MzAwMDAwNDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzA4MDI5OEQ1OEFCMUE1RkZE
NDkyOUEyOTg3NDJEODgzMTY5M0U0QjZDMEJEQ0ExRkU3Mzc5MjlEMDBCNkNCNzc1
NzAzREM0RDQ1NjdCQTg2QURFREMxMjVDMEEzQkNGMkI2MEMzOUUxREQ3RENGODZF
NEYxQ0Y2OTAwMjM3NkY5QjM4QkM2RTlCMDhCOTUxQjFFMzAxN0I2OUVCMTkzQzFF
NEQ2QzVGQ0ZEQkY0OTNENzUyNzJBN0Y3RTg4QzU3MENBMkI0MDc5MjA3RDE4QzNB
NDBCOTEwMjEwNDhBM0EyRTQxODA2QkZCQTE4OUFCQTMzMTBFMjE4RUYyNUExRUVD
MjcxRDQwRDc1OUVDOTBGNUEwRjc0M0JGNUQ4Mzg4MUEyQUQ3NkYyNTcwMEYyNzRC
NUJEQjNFQkVDOTUzOEYwQzk4MDcxOUFENjU0MjNENDEyNTQ4QUQ2NDhBQTYzMzA1
QjM1NkU1MEJFNkUzM0E0NkNFOUM4MzMxNENBQTYxMUE2QUM2NTRBMkM3OTBDNjlG
MTczMURBMkFGRTRFQ0I4QzE4OTA5MjdBN0FENDQzRjI3NkNFMkU5QkQ0QTgyNjY4
NzY0QjI4MDc1MEFBNjBCQkE4MjlFNUExQ0FGNDIyMDc5NjRBRTRGMDQyOUEyNDA2
NDIxNjdEMEE3OUVBNkIwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAwIApjVirGl/9SSmimHQtiDFpPktsC9yh/nN5KdALbLd1cD3E1FZ7
qGre3BJcCjvPK2DDnh3X3PhuTxz2kAI3b5s4vG6bCLlRseMBe2nrGTweTWxfz9v0
k9dScqf36IxXDKK0B5IH0Yw6QLkQIQSKOi5BgGv7oYmrozEOIY7yWh7sJx1A11ns
kPWg90O/XYOIGirXbyVwDydLW9s+vslTjwyYBxmtZUI9QSVIrWSKpjMFs1blC+bj
OkbOnIMxTKphGmrGVKLHkMafFzHaKv5Oy4wYkJJ6etRD8nbOLpvUqCZodksoB1Cq
YLuoKeWhyvQiB5ZK5PBCmiQGQhZ9CnnqawIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FIUobnrUs9Z/TUY1toPuifC378WqMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzIzNDM4MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9+DANBgkqhkiG9w0BAQsFAAOCAQEAEyQQ1v/W
HyzWwqXEB6P4f9BNpKq4TZ96T6vaSynnf3wrhlV+cgZmn4VaCLPcTMK+/1h/T6vi
JRonRvvmNPC/NmCMeU2+i+SHztn2VFtbapa23pHvh6fSJ6MrTbv5gqG5GFqRPH08
PhfaPSFV32/NZI5xhL4IRpRCC+KC7YWvGNaa71GlpuR1/fxvdiZRnnyG/++wRy8Q
gLXeAOM9p2GrZH2M6SH4IwBamzNyATEp6IbnU0CrBzyztpBQWTXZtPX+TarXJjFS
KES1qcj5pB0U09pC0eT0v6RpgCqW8QYv7sV12ohWdOVQN385I/rUIUHEHeZ8lk4w
eZEMEYoVIKQ+rg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:45 2023 by rpki-client on console-fra.rpki-client.org