Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e38342e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e38342e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          SaVo7Iyg/oWwBiv+kp9Bg2QRsTfH3cATAt5cZ+Mw2+8=
Subject key identifier:   4A:6D:65:5E:18:A8:74:8A:C0:4E:D0:17:22:7D:A5:28:F2:0C:7F:06
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       013A2F4999C06EEC4A575B983B7D79FE8726AE3B
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e38342e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:25 +0000
ROA not before:           Wed 29 Sep 2021 23:55:25 +0000
ROA not after:            Fri 30 Sep 2022 00:00:25 +0000
asID:                     17451
IP address blocks:        182.253.84.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:3a:2f:49:99:c0:6e:ec:4a:57:5b:98:3b:7d:79:fe:87:26:ae:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:25 2021 GMT
            Not After : Sep 30 00:00:25 2022 GMT
        Subject: CN=3082010A0282010100C20ABCBC2AA044A37142CFA97C4A94CE8AF8BA8018EE33A729E849BC866AE27C6385E3CDD81122FCB076ADAFF28E437577937B72CABE75D547EE908E42419E9DF0D77DA3110DCE6B3F550D1435EFCE738ABD1E6642D2C55B3BAD5B391D2F9215574D3754308452635E8339CA535A22F03A144701E97B67174EB4B0A5E07FD72F0DD5CF78489E79B3179EFF6AA77BAE742462B13181795193A18AE3DE34D10848F06222DADE03E5C30CCCA9AD975A7419909ED32B1221AC08E18994E84A696B938A8F9E8B1D530C1A56D34F29BF0A093DABECB4D38FB25CC98B63880EAACCC39B0880BCC384BF0FF9CF855611978D4B5808BBA372AABCF5FF371A4046749C3C3D0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:0a:bc:bc:2a:a0:44:a3:71:42:cf:a9:7c:4a:
                    94:ce:8a:f8:ba:80:18:ee:33:a7:29:e8:49:bc:86:
                    6a:e2:7c:63:85:e3:cd:d8:11:22:fc:b0:76:ad:af:
                    f2:8e:43:75:77:93:7b:72:ca:be:75:d5:47:ee:90:
                    8e:42:41:9e:9d:f0:d7:7d:a3:11:0d:ce:6b:3f:55:
                    0d:14:35:ef:ce:73:8a:bd:1e:66:42:d2:c5:5b:3b:
                    ad:5b:39:1d:2f:92:15:57:4d:37:54:30:84:52:63:
                    5e:83:39:ca:53:5a:22:f0:3a:14:47:01:e9:7b:67:
                    17:4e:b4:b0:a5:e0:7f:d7:2f:0d:d5:cf:78:48:9e:
                    79:b3:17:9e:ff:6a:a7:7b:ae:74:24:62:b1:31:81:
                    79:51:93:a1:8a:e3:de:34:d1:08:48:f0:62:22:da:
                    de:03:e5:c3:0c:cc:a9:ad:97:5a:74:19:90:9e:d3:
                    2b:12:21:ac:08:e1:89:94:e8:4a:69:6b:93:8a:8f:
                    9e:8b:1d:53:0c:1a:56:d3:4f:29:bf:0a:09:3d:ab:
                    ec:b4:d3:8f:b2:5c:c9:8b:63:88:0e:aa:cc:c3:9b:
                    08:80:bc:c3:84:bf:0f:f9:cf:85:56:11:97:8d:4b:
                    58:08:bb:a3:72:aa:bc:f5:ff:37:1a:40:46:74:9c:
                    3c:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:6D:65:5E:18:A8:74:8A:C0:4E:D0:17:22:7D:A5:28:F2:0C:7F:06
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e38342e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:24:e3:68:35:a0:3b:00:c9:f9:88:df:2e:f7:8a:2b:e4:99:
         02:ac:83:aa:c8:29:17:7c:85:8c:e5:d2:44:6d:ba:f5:9b:2d:
         97:1c:8d:eb:83:72:d9:a9:ea:2d:0c:f8:1b:1d:4b:55:9f:8e:
         61:0e:c7:a5:f0:eb:aa:b1:25:70:61:9c:05:5a:eb:ab:91:19:
         e8:07:a9:44:43:52:43:a1:5e:a8:e6:4e:7e:8a:db:fe:b4:2c:
         e9:a0:c2:a5:98:d3:b3:dc:ba:60:66:31:f7:c7:10:6e:f4:e6:
         15:42:bb:8e:46:ee:c9:c7:62:90:09:5b:f2:01:04:dd:d3:76:
         79:3f:d1:bc:6a:8b:3b:ea:07:ed:28:7d:65:f4:78:5a:48:4a:
         ef:27:12:2f:8a:68:df:c0:b3:d3:cc:a3:09:26:31:bc:a3:4d:
         b2:75:ce:be:1b:62:50:3b:2f:3e:74:b3:2f:02:ee:d8:b7:8f:
         7d:c5:a2:52:69:ee:03:0f:db:03:a3:e7:84:76:f6:73:19:a9:
         23:4d:ec:88:e6:b9:41:00:10:d8:93:11:90:17:4e:44:ca:2b:
         1d:85:1f:98:d5:e8:1a:6e:67:23:9b:07:81:dc:58:f2:9a:19:
         6f:71:43:a7:86:78:dc:8e:56:21:01:68:38:7a:1a:48:88:57:
         53:09:ab:59
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUATovSZnAbuxKV1uYO315/ocmrjswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MjVaFw0yMjA5MzAwMDAwMjVaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzIwQUJDQkMyQUEwNDRBMzcx
NDJDRkE5N0M0QTk0Q0U4QUY4QkE4MDE4RUUzM0E3MjlFODQ5QkM4NjZBRTI3QzYz
ODVFM0NERDgxMTIyRkNCMDc2QURBRkYyOEU0Mzc1Nzc5MzdCNzJDQUJFNzVENTQ3
RUU5MDhFNDI0MTlFOURGMEQ3N0RBMzExMERDRTZCM0Y1NTBEMTQzNUVGQ0U3MzhB
QkQxRTY2NDJEMkM1NUIzQkFENUIzOTFEMkY5MjE1NTc0RDM3NTQzMDg0NTI2MzVF
ODMzOUNBNTM1QTIyRjAzQTE0NDcwMUU5N0I2NzE3NEVCNEIwQTVFMDdGRDcyRjBE
RDVDRjc4NDg5RTc5QjMxNzlFRkY2QUE3N0JBRTc0MjQ2MkIxMzE4MTc5NTE5M0Ex
OEFFM0RFMzREMTA4NDhGMDYyMjJEQURFMDNFNUMzMENDQ0E5QUQ5NzVBNzQxOTkw
OUVEMzJCMTIyMUFDMDhFMTg5OTRFODRBNjk2QjkzOEE4RjlFOEIxRDUzMEMxQTU2
RDM0RjI5QkYwQTA5M0RBQkVDQjREMzhGQjI1Q0M5OEI2Mzg4MEVBQUNDQzM5QjA4
ODBCQ0MzODRCRjBGRjlDRjg1NTYxMTk3OEQ0QjU4MDhCQkEzNzJBQUJDRjVGRjM3
MUE0MDQ2NzQ5QzNDM0QwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAwgq8vCqgRKNxQs+pfEqUzor4uoAY7jOnKehJvIZq4nxjhePN2BEi
/LB2ra/yjkN1d5N7csq+ddVH7pCOQkGenfDXfaMRDc5rP1UNFDXvznOKvR5mQtLF
WzutWzkdL5IVV003VDCEUmNegznKU1oi8DoURwHpe2cXTrSwpeB/1y8N1c94SJ55
sxee/2qne650JGKxMYF5UZOhiuPeNNEISPBiItreA+XDDMyprZdadBmQntMrEiGs
COGJlOhKaWuTio+eix1TDBpW008pvwoJPavstNOPslzJi2OIDqrMw5sIgLzDhL8P
+c+FVhGXjUtYCLujcqq89f83GkBGdJw8PQIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FEptZV4YqHSKwE7QFyJ9pSjyDH8GMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzgzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAC2/VQwDQYJKoZIhvcNAQELBQADggEBAJYk42g1oDsA
yfmI3y73iivkmQKsg6rIKRd8hYzl0kRtuvWbLZccjeuDctmp6i0M+BsdS1WfjmEO
x6Xw66qxJXBhnAVa66uRGegHqURDUkOhXqjmTn6K2/60LOmgwqWY07PcumBmMffH
EG705hVCu45G7snHYpAJW/IBBN3Tdnk/0bxqizvqB+0ofWX0eFpISu8nEi+KaN/A
s9PMowkmMbyjTbJ1zr4bYlA7Lz50sy8C7ti3j33FolJp7gMP2wOj54R29nMZqSNN
7IjmuUEAENiTEZAXTkTKKx2FH5jV6BpuZyObB4HcWPKaGW9xQ6eGeNyOViEBaDh6
GkiIV1MJq1k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:45 2023 by rpki-client on console-fra.rpki-client.org