Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e33302e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e33302e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          S/dgDCdC9rpzKNqzBOIWTJ896fh3j4KrHaHY7pweO0s=
Subject key identifier:   C8:09:3A:5B:EA:16:EF:20:5D:35:42:92:1D:B0:B8:FF:16:60:A7:AB
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       2FB664FDD472A019E30948568BE0F1FA467D7412
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e33302e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:41 +0000
ROA not before:           Wed 29 Sep 2021 23:55:41 +0000
ROA not after:            Fri 30 Sep 2022 00:00:41 +0000
asID:                     17451
IP address blocks:        182.253.30.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:b6:64:fd:d4:72:a0:19:e3:09:48:56:8b:e0:f1:fa:46:7d:74:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:41 2021 GMT
            Not After : Sep 30 00:00:41 2022 GMT
        Subject: CN=3082010A0282010100C7D79F264B5416F1FF86D2B9D41A9427A2EE9C6DBE008DDFD640027129D25AAAABC8BCA8875D7A9F2C5C9EE1AEF55ECC2E199EF49B4EE7F15571970EBE2C7C673B01DB8919E4F8CAC91BEDAC27819B049603CBA8E3245EA889A809A041E14C60FCA3E0E4DD2FECFCEFB6F3E344AF3F8A6C95CE5C1BE50823FAB527A3D95462EEF2A7629F911B417A2CB90307E3E78B60A0CCD6BF289F977426344139D651A074D1A935BFCAC9A337CB77AFD5402C17B40CE63D2D5583B09E6275CE04548FB904F699889B1D6126D105FCFEB118BDA2647B7ED959D3E5FB6A34048F213F0E6FC99BED988BC2F72CED5697161C350674882A7910A515586757404C9ED3AA24C9950203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:d7:9f:26:4b:54:16:f1:ff:86:d2:b9:d4:1a:
                    94:27:a2:ee:9c:6d:be:00:8d:df:d6:40:02:71:29:
                    d2:5a:aa:ab:c8:bc:a8:87:5d:7a:9f:2c:5c:9e:e1:
                    ae:f5:5e:cc:2e:19:9e:f4:9b:4e:e7:f1:55:71:97:
                    0e:be:2c:7c:67:3b:01:db:89:19:e4:f8:ca:c9:1b:
                    ed:ac:27:81:9b:04:96:03:cb:a8:e3:24:5e:a8:89:
                    a8:09:a0:41:e1:4c:60:fc:a3:e0:e4:dd:2f:ec:fc:
                    ef:b6:f3:e3:44:af:3f:8a:6c:95:ce:5c:1b:e5:08:
                    23:fa:b5:27:a3:d9:54:62:ee:f2:a7:62:9f:91:1b:
                    41:7a:2c:b9:03:07:e3:e7:8b:60:a0:cc:d6:bf:28:
                    9f:97:74:26:34:41:39:d6:51:a0:74:d1:a9:35:bf:
                    ca:c9:a3:37:cb:77:af:d5:40:2c:17:b4:0c:e6:3d:
                    2d:55:83:b0:9e:62:75:ce:04:54:8f:b9:04:f6:99:
                    88:9b:1d:61:26:d1:05:fc:fe:b1:18:bd:a2:64:7b:
                    7e:d9:59:d3:e5:fb:6a:34:04:8f:21:3f:0e:6f:c9:
                    9b:ed:98:8b:c2:f7:2c:ed:56:97:16:1c:35:06:74:
                    88:2a:79:10:a5:15:58:67:57:40:4c:9e:d3:aa:24:
                    c9:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:09:3A:5B:EA:16:EF:20:5D:35:42:92:1D:B0:B8:FF:16:60:A7:AB
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e33302e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:0d:51:e9:94:27:6b:1a:48:5f:90:e6:ba:b8:0f:66:5d:3e:
         f2:5d:e5:64:b0:dc:73:13:91:08:6f:33:32:84:1d:3e:25:e0:
         cc:0b:e4:3d:df:d2:9f:e4:c8:ee:51:25:cd:7f:6f:90:97:65:
         e9:42:be:4e:be:c7:d5:0c:7a:b8:db:bb:b9:fb:17:11:6f:83:
         f6:dd:fa:50:56:09:2e:d7:87:02:9d:c9:c5:37:31:88:e7:20:
         70:db:f5:da:de:bd:96:f8:4e:49:2e:57:13:fe:e3:8e:ad:5f:
         06:51:32:08:a9:0b:70:0e:20:10:a8:81:e8:ff:18:9d:21:3d:
         c3:48:9c:c1:9f:86:4c:4e:36:47:ce:17:ed:4c:9a:0a:39:2a:
         0f:15:ff:47:cd:da:54:e6:42:86:61:84:ea:42:79:e3:63:06:
         b5:63:a0:ee:90:e0:89:08:8c:9f:7a:63:b1:d4:26:ab:9d:a3:
         93:f8:ce:ac:db:63:a7:27:4b:75:ce:a5:5d:af:96:ac:ea:42:
         d7:d4:1b:32:f0:0d:8a:35:d7:04:e7:18:99:dc:32:50:28:00:
         be:42:19:62:f3:0c:16:81:6e:fe:f3:57:8b:fa:da:62:f2:be:
         e5:6f:6a:c9:7a:d2:ba:b1:0e:73:e7:3c:bf:7a:6b:15:74:89:
         ae:8c:fe:a4
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUL7Zk/dRyoBnjCUhWi+Dx+kZ9dBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NDFaFw0yMjA5MzAwMDAwNDFaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzdENzlGMjY0QjU0MTZGMUZG
ODZEMkI5RDQxQTk0MjdBMkVFOUM2REJFMDA4RERGRDY0MDAyNzEyOUQyNUFBQUFC
QzhCQ0E4ODc1RDdBOUYyQzVDOUVFMUFFRjU1RUNDMkUxOTlFRjQ5QjRFRTdGMTU1
NzE5NzBFQkUyQzdDNjczQjAxREI4OTE5RTRGOENBQzkxQkVEQUMyNzgxOUIwNDk2
MDNDQkE4RTMyNDVFQTg4OUE4MDlBMDQxRTE0QzYwRkNBM0UwRTRERDJGRUNGQ0VG
QjZGM0UzNDRBRjNGOEE2Qzk1Q0U1QzFCRTUwODIzRkFCNTI3QTNEOTU0NjJFRUYy
QTc2MjlGOTExQjQxN0EyQ0I5MDMwN0UzRTc4QjYwQTBDQ0Q2QkYyODlGOTc3NDI2
MzQ0MTM5RDY1MUEwNzREMUE5MzVCRkNBQzlBMzM3Q0I3N0FGRDU0MDJDMTdCNDBD
RTYzRDJENTU4M0IwOUU2Mjc1Q0UwNDU0OEZCOTA0RjY5OTg4OUIxRDYxMjZEMTA1
RkNGRUIxMThCREEyNjQ3QjdFRDk1OUQzRTVGQjZBMzQwNDhGMjEzRjBFNkZDOTlC
RUQ5ODhCQzJGNzJDRUQ1Njk3MTYxQzM1MDY3NDg4MkE3OTEwQTUxNTU4Njc1NzQw
NEM5RUQzQUEyNEM5OTUwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAx9efJktUFvH/htK51BqUJ6LunG2+AI3f1kACcSnSWqqryLyoh116
nyxcnuGu9V7MLhme9JtO5/FVcZcOvix8ZzsB24kZ5PjKyRvtrCeBmwSWA8uo4yRe
qImoCaBB4Uxg/KPg5N0v7PzvtvPjRK8/imyVzlwb5Qgj+rUno9lUYu7yp2KfkRtB
eiy5Awfj54tgoMzWvyifl3QmNEE51lGgdNGpNb/KyaM3y3ev1UAsF7QM5j0tVYOw
nmJ1zgRUj7kE9pmImx1hJtEF/P6xGL2iZHt+2VnT5ftqNASPIT8Ob8mb7ZiLwvcs
7VaXFhw1BnSIKnkQpRVYZ1dATJ7TqiTJlQIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FMgJOlvqFu8gXTVCkh2wuP8WYKerMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzMzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAC2/R4wDQYJKoZIhvcNAQELBQADggEBAAUNUemUJ2sa
SF+Q5rq4D2ZdPvJd5WSw3HMTkQhvMzKEHT4l4MwL5D3f0p/kyO5RJc1/b5CXZelC
vk6+x9UMerjbu7n7FxFvg/bd+lBWCS7XhwKdycU3MYjnIHDb9drevZb4TkkuVxP+
446tXwZRMgipC3AOIBCogej/GJ0hPcNInMGfhkxONkfOF+1Mmgo5Kg8V/0fN2lTm
QoZhhOpCeeNjBrVjoO6Q4IkIjJ96Y7HUJqudo5P4zqzbY6cnS3XOpV2vlqzqQtfU
GzLwDYo11wTnGJncMlAoAL5CGWLzDBaBbv7zV4v62mLyvuVvasl60rqxDnPnPL96
axV0ia6M/qQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:45 2023 by rpki-client on console-fra.rpki-client.org