Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e38302e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e38302e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          HrnkK+3AI3mtR+a24Lq0a+LuzUtXdqePAmSewIn1MzA=
Subject key identifier:   F6:9E:20:3E:E6:46:DE:AD:93:9B:3A:24:4A:C5:11:B9:FA:9E:39:0B
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       1F9C04431CA4ABCD0DB56150AD39604CAD07DDAB
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e38302e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:16 +0000
ROA not before:           Wed 29 Sep 2021 23:56:16 +0000
ROA not after:            Fri 30 Sep 2022 00:01:16 +0000
asID:                     17451
IP address blocks:        182.253.80.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:9c:04:43:1c:a4:ab:cd:0d:b5:61:50:ad:39:60:4c:ad:07:dd:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:16 2021 GMT
            Not After : Sep 30 00:01:16 2022 GMT
        Subject: CN=3082010A0282010100B2F59CFECA4D15A2FE0C54912795CE6331997B6DBF635450AED337C2C17ABB00F19B5A98881DC527242152BB8157B9FBFC2E30675E4B9A29A8CC0B2DEC4D1BE54558A5D52D917C971B6F5E5374AAD13F06AA9DB47F6BAD8CA21E4649885249A6F2E1003F2B2CB676CCA84004916B4A7388D9BE76AF6ED21EEB1D1024BF68DEDC63F774903442448D5E4F1F9AB0EF3EFA1E746B42E605F9DDF988B412EF486DBDEAEACF323E5F64827446B722BA22C708E9ED4D04B40A3104092C3EB846A641C585AE880184C7322D85CED9A60A9BBECB1B5D5CAFF8F64ECB97F8AAC3353F68D91B76C00CB6ABA0257F8885796B045D8C56B803E40A147C09C1B5DF0C054F05350203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f5:9c:fe:ca:4d:15:a2:fe:0c:54:91:27:95:
                    ce:63:31:99:7b:6d:bf:63:54:50:ae:d3:37:c2:c1:
                    7a:bb:00:f1:9b:5a:98:88:1d:c5:27:24:21:52:bb:
                    81:57:b9:fb:fc:2e:30:67:5e:4b:9a:29:a8:cc:0b:
                    2d:ec:4d:1b:e5:45:58:a5:d5:2d:91:7c:97:1b:6f:
                    5e:53:74:aa:d1:3f:06:aa:9d:b4:7f:6b:ad:8c:a2:
                    1e:46:49:88:52:49:a6:f2:e1:00:3f:2b:2c:b6:76:
                    cc:a8:40:04:91:6b:4a:73:88:d9:be:76:af:6e:d2:
                    1e:eb:1d:10:24:bf:68:de:dc:63:f7:74:90:34:42:
                    44:8d:5e:4f:1f:9a:b0:ef:3e:fa:1e:74:6b:42:e6:
                    05:f9:dd:f9:88:b4:12:ef:48:6d:bd:ea:ea:cf:32:
                    3e:5f:64:82:74:46:b7:22:ba:22:c7:08:e9:ed:4d:
                    04:b4:0a:31:04:09:2c:3e:b8:46:a6:41:c5:85:ae:
                    88:01:84:c7:32:2d:85:ce:d9:a6:0a:9b:be:cb:1b:
                    5d:5c:af:f8:f6:4e:cb:97:f8:aa:c3:35:3f:68:d9:
                    1b:76:c0:0c:b6:ab:a0:25:7f:88:85:79:6b:04:5d:
                    8c:56:b8:03:e4:0a:14:7c:09:c1:b5:df:0c:05:4f:
                    05:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:9E:20:3E:E6:46:DE:AD:93:9B:3A:24:4A:C5:11:B9:FA:9E:39:0B
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e38302e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.80.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:91:0a:da:32:e6:78:48:d1:ea:09:3f:89:78:6b:49:40:3f:
         20:25:35:7e:84:9e:1f:3a:51:65:d7:fd:f7:03:fb:0b:2d:77:
         7c:fd:c2:7f:4e:db:ef:27:b8:05:2a:32:9c:b4:9c:26:6c:92:
         d0:1d:ca:1a:5d:f3:c8:36:9a:67:d2:25:4f:df:ba:e5:5a:b6:
         e4:ef:24:62:13:d6:40:2d:b0:02:b9:5d:86:d4:f4:27:f9:53:
         eb:0e:56:30:ca:a7:0a:3b:bc:9b:7e:96:7f:1c:a2:8d:95:22:
         39:a7:c4:6d:d9:1d:90:97:c4:ba:b8:0c:4d:d6:c5:a1:08:ba:
         be:84:6e:71:5a:79:1b:6d:48:80:0c:c6:0f:bb:79:c3:bd:f4:
         84:b0:00:8b:a2:b3:14:7c:08:58:ee:65:66:5f:df:c4:1f:e1:
         73:84:0f:e3:34:c6:7c:57:4a:f9:67:46:c9:a1:8f:c5:6b:fb:
         fb:64:1b:9e:31:9a:72:30:de:95:0d:21:90:de:02:1d:9a:7b:
         97:d1:1d:12:12:09:38:7b:5b:d2:2e:b4:d4:eb:e4:a2:eb:ca:
         6b:5a:5d:0c:fd:af:65:6a:3f:9a:8e:e4:40:36:a8:c0:ce:3a:
         1f:f0:5f:6d:94:41:8b:03:b6:3f:09:b9:21:a2:ac:ab:11:0b:
         d9:26:cf:78
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUH5wEQxykq80NtWFQrTlgTK0H3aswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MTZaFw0yMjA5MzAwMDAxMTZaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjJGNTlDRkVDQTREMTVBMkZF
MEM1NDkxMjc5NUNFNjMzMTk5N0I2REJGNjM1NDUwQUVEMzM3QzJDMTdBQkIwMEYx
OUI1QTk4ODgxREM1MjcyNDIxNTJCQjgxNTdCOUZCRkMyRTMwNjc1RTRCOUEyOUE4
Q0MwQjJERUM0RDFCRTU0NTU4QTVENTJEOTE3Qzk3MUI2RjVFNTM3NEFBRDEzRjA2
QUE5REI0N0Y2QkFEOENBMjFFNDY0OTg4NTI0OUE2RjJFMTAwM0YyQjJDQjY3NkND
QTg0MDA0OTE2QjRBNzM4OEQ5QkU3NkFGNkVEMjFFRUIxRDEwMjRCRjY4REVEQzYz
Rjc3NDkwMzQ0MjQ0OEQ1RTRGMUY5QUIwRUYzRUZBMUU3NDZCNDJFNjA1RjlEREY5
ODhCNDEyRUY0ODZEQkRFQUVBQ0YzMjNFNUY2NDgyNzQ0NkI3MjJCQTIyQzcwOEU5
RUQ0RDA0QjQwQTMxMDQwOTJDM0VCODQ2QTY0MUM1ODVBRTg4MDE4NEM3MzIyRDg1
Q0VEOUE2MEE5QkJFQ0IxQjVENUNBRkY4RjY0RUNCOTdGOEFBQzMzNTNGNjhEOTFC
NzZDMDBDQjZBQkEwMjU3Rjg4ODU3OTZCMDQ1RDhDNTZCODAzRTQwQTE0N0MwOUMx
QjVERjBDMDU0RjA1MzUwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAsvWc/spNFaL+DFSRJ5XOYzGZe22/Y1RQrtM3wsF6uwDxm1qYiB3F
JyQhUruBV7n7/C4wZ15LmimozAst7E0b5UVYpdUtkXyXG29eU3Sq0T8Gqp20f2ut
jKIeRkmIUkmm8uEAPysstnbMqEAEkWtKc4jZvnavbtIe6x0QJL9o3txj93SQNEJE
jV5PH5qw7z76HnRrQuYF+d35iLQS70htverqzzI+X2SCdEa3Iroixwjp7U0EtAox
BAksPrhGpkHFha6IAYTHMi2FztmmCpu+yxtdXK/49k7Ll/iqwzU/aNkbdsAMtqug
JX+IhXlrBF2MVrgD5AoUfAnBtd8MBU8FNQIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FPaeID7mRt6tk5s6JErFEbn6njkLMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzgzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAC2/VAwDQYJKoZIhvcNAQELBQADggEBAGqRCtoy5nhI
0eoJP4l4a0lAPyAlNX6Enh86UWXX/fcD+wstd3z9wn9O2+8nuAUqMpy0nCZsktAd
yhpd88g2mmfSJU/fuuVatuTvJGIT1kAtsAK5XYbU9Cf5U+sOVjDKpwo7vJt+ln8c
oo2VIjmnxG3ZHZCXxLq4DE3WxaEIur6EbnFaeRttSIAMxg+7ecO99ISwAIuisxR8
CFjuZWZf38Qf4XOED+M0xnxXSvlnRsmhj8Vr+/tkG54xmnIw3pUNIZDeAh2ae5fR
HRISCTh7W9IutNTr5KLrymtaXQz9r2VqP5qO5EA2qMDOOh/wX22UQYsDtj8JuSGi
rKsRC9kmz3g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org