Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3230332e3134322e37352e302f32342d3234203d3e203137343531.roa
File:                     3230332e3134322e37352e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          H02BxtFyy3UiFFrT+HSyxkmMA2q9KPLqWB+2bsOjdqQ=
Subject key identifier:   D8:85:90:82:62:19:06:B3:40:51:33:1A:DF:37:D8:4A:FF:0F:42:92
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       043DEDAF5BF49E7487D0D63958A21B1CEC652A98
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3230332e3134322e37352e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:02 +0000
ROA not before:           Wed 29 Sep 2021 23:56:02 +0000
ROA not after:            Fri 30 Sep 2022 00:01:02 +0000
asID:                     17451
IP address blocks:        203.142.75.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:3d:ed:af:5b:f4:9e:74:87:d0:d6:39:58:a2:1b:1c:ec:65:2a:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:02 2021 GMT
            Not After : Sep 30 00:01:02 2022 GMT
        Subject: CN=3082010A0282010100E4D676CFE2F931F95C743A6A3F763E0723E18BB46133AF66E571692955A5086F7C3978E473FC4AAD95CC5802BB39E6CF335CF0381B0894C158451EE60ADAEBA5B5AFDA34E4E74EB78463CFBCB680A14ACCE95BEC9A0D6D60E644D37CB3669CC8FE6820653EAB7856D78ABB63776B5FE5320E8D8B34219ECF5F49EC6CC2FECE103E6BDB91006B4BC6C2554740B305776234C6226EA904C973FFAEE68198DE18FFEC3F86A13A92BC5F53DB1E33E235307296FA466550B1B421F8C68929AAB3BAA358E79A00E1251C86CB58EFE4DC3E6AD7360309B3E3F795EC17410601179C9BEC74D5481678563BF3285A581A1AC60CDB96A49EC4D88C994D0A317B815F3FDDF50203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:d6:76:cf:e2:f9:31:f9:5c:74:3a:6a:3f:76:
                    3e:07:23:e1:8b:b4:61:33:af:66:e5:71:69:29:55:
                    a5:08:6f:7c:39:78:e4:73:fc:4a:ad:95:cc:58:02:
                    bb:39:e6:cf:33:5c:f0:38:1b:08:94:c1:58:45:1e:
                    e6:0a:da:eb:a5:b5:af:da:34:e4:e7:4e:b7:84:63:
                    cf:bc:b6:80:a1:4a:cc:e9:5b:ec:9a:0d:6d:60:e6:
                    44:d3:7c:b3:66:9c:c8:fe:68:20:65:3e:ab:78:56:
                    d7:8a:bb:63:77:6b:5f:e5:32:0e:8d:8b:34:21:9e:
                    cf:5f:49:ec:6c:c2:fe:ce:10:3e:6b:db:91:00:6b:
                    4b:c6:c2:55:47:40:b3:05:77:62:34:c6:22:6e:a9:
                    04:c9:73:ff:ae:e6:81:98:de:18:ff:ec:3f:86:a1:
                    3a:92:bc:5f:53:db:1e:33:e2:35:30:72:96:fa:46:
                    65:50:b1:b4:21:f8:c6:89:29:aa:b3:ba:a3:58:e7:
                    9a:00:e1:25:1c:86:cb:58:ef:e4:dc:3e:6a:d7:36:
                    03:09:b3:e3:f7:95:ec:17:41:06:01:17:9c:9b:ec:
                    74:d5:48:16:78:56:3b:f3:28:5a:58:1a:1a:c6:0c:
                    db:96:a4:9e:c4:d8:8c:99:4d:0a:31:7b:81:5f:3f:
                    dd:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:85:90:82:62:19:06:B3:40:51:33:1A:DF:37:D8:4A:FF:0F:42:92
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3230332e3134322e37352e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.142.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:76:9f:36:43:dc:8d:3f:a6:95:c1:f7:9b:4f:b9:0e:b4:8a:
         41:15:28:f9:1d:c2:e5:4e:2d:43:d3:f4:8e:fa:54:94:81:33:
         e2:bd:43:d6:8f:f7:fa:98:95:c2:15:ee:ed:a1:a3:fc:52:b5:
         8f:a7:02:af:19:39:a7:81:0d:ca:c8:1e:94:e2:4c:67:fb:01:
         cb:6a:91:d5:03:b6:81:30:fa:09:ed:ea:48:13:dd:82:0b:1b:
         3b:f5:67:9a:94:92:4c:e0:a5:46:22:1e:f1:71:e9:6a:51:82:
         81:63:37:ae:19:88:c9:54:70:98:df:1f:26:b5:b4:ea:34:5b:
         72:62:eb:4e:1b:8d:37:ca:c1:53:5b:3f:ef:da:48:dd:3c:4d:
         ad:6c:ce:f8:b7:14:af:0b:2b:fd:a5:b1:bd:98:b2:35:33:27:
         95:fa:82:f5:19:d9:ea:17:51:dd:f8:19:88:22:e0:8c:74:13:
         25:a7:ea:32:89:47:7c:73:6b:28:21:11:8c:ad:de:34:4f:e3:
         cd:13:f0:5f:21:0d:9c:56:c9:66:af:36:4d:9e:21:bd:12:8a:
         03:4a:25:e0:7b:04:12:14:c7:0d:7f:08:b4:fc:25:a2:e6:c8:
         d5:29:2f:18:2f:e3:26:f1:8a:25:4f:bd:db:36:95:f8:48:e9:
         b0:c1:3a:5b
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUBD3tr1v0nnSH0NY5WKIbHOxlKpgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MDJaFw0yMjA5MzAwMDAxMDJaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRTRENjc2Q0ZFMkY5MzFGOTVD
NzQzQTZBM0Y3NjNFMDcyM0UxOEJCNDYxMzNBRjY2RTU3MTY5Mjk1NUE1MDg2RjdD
Mzk3OEU0NzNGQzRBQUQ5NUNDNTgwMkJCMzlFNkNGMzM1Q0YwMzgxQjA4OTRDMTU4
NDUxRUU2MEFEQUVCQTVCNUFGREEzNEU0RTc0RUI3ODQ2M0NGQkNCNjgwQTE0QUND
RTk1QkVDOUEwRDZENjBFNjQ0RDM3Q0IzNjY5Q0M4RkU2ODIwNjUzRUFCNzg1NkQ3
OEFCQjYzNzc2QjVGRTUzMjBFOEQ4QjM0MjE5RUNGNUY0OUVDNkNDMkZFQ0UxMDNF
NkJEQjkxMDA2QjRCQzZDMjU1NDc0MEIzMDU3NzYyMzRDNjIyNkVBOTA0Qzk3M0ZG
QUVFNjgxOThERTE4RkZFQzNGODZBMTNBOTJCQzVGNTNEQjFFMzNFMjM1MzA3Mjk2
RkE0NjY1NTBCMUI0MjFGOEM2ODkyOUFBQjNCQUEzNThFNzlBMDBFMTI1MUM4NkNC
NThFRkU0REMzRTZBRDczNjAzMDlCM0UzRjc5NUVDMTc0MTA2MDExNzlDOUJFQzc0
RDU0ODE2Nzg1NjNCRjMyODVBNTgxQTFBQzYwQ0RCOTZBNDlFQzREODhDOTk0RDBB
MzE3QjgxNUYzRkRERjUwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA5NZ2z+L5MflcdDpqP3Y+ByPhi7RhM69m5XFpKVWlCG98OXjkc/xK
rZXMWAK7OebPM1zwOBsIlMFYRR7mCtrrpbWv2jTk5063hGPPvLaAoUrM6Vvsmg1t
YOZE03yzZpzI/mggZT6reFbXirtjd2tf5TIOjYs0IZ7PX0nsbML+zhA+a9uRAGtL
xsJVR0CzBXdiNMYibqkEyXP/ruaBmN4Y/+w/hqE6krxfU9seM+I1MHKW+kZlULG0
IfjGiSmqs7qjWOeaAOElHIbLWO/k3D5q1zYDCbPj95XsF0EGARecm+x01UgWeFY7
8yhaWBoaxgzblqSexNiMmU0KMXuBXz/d9QIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FNiFkIJiGQazQFEzGt832Er/D0KSMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjMwMzMyZTMxMzQzMjJlMzczNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBADLjkswDQYJKoZIhvcNAQELBQADggEBAEl2nzZD3I0/
ppXB95tPuQ60ikEVKPkdwuVOLUPT9I76VJSBM+K9Q9aP9/qYlcIV7u2ho/xStY+n
Aq8ZOaeBDcrIHpTiTGf7ActqkdUDtoEw+gnt6kgT3YILGzv1Z5qUkkzgpUYiHvFx
6WpRgoFjN64ZiMlUcJjfHya1tOo0W3Ji604bjTfKwVNbP+/aSN08Ta1szvi3FK8L
K/2lsb2YsjUzJ5X6gvUZ2eoXUd34GYgi4Ix0EyWn6jKJR3xzayghEYyt3jRP480T
8F8hDZxWyWavNk2eIb0SigNKJeB7BBIUxw1/CLT8JaLmyNUpLxgv4ybxiiVPvds2
lfhI6bDBOls=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:46 2023 by rpki-client on console-fra.rpki-client.org