Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313030303a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a313030303a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          WbgT4Ero38GnyUwPk9V+6gJdpSH6+NOcyiBY+8VrXWE=
Subject key identifier:   54:75:C0:EE:C0:66:D9:ED:CD:73:92:5F:38:B3:F6:10:05:E6:F4:C5
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       12A9885AEFB9CF990040F13E81816C0A34A6299A
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313030303a3a2f34382d3438203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:56 +0000
ROA not before:           Wed 29 Sep 2021 23:55:56 +0000
ROA not after:            Fri 30 Sep 2022 00:00:56 +0000
asID:                     17451
IP address blocks:        2404:8000:1000::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:a9:88:5a:ef:b9:cf:99:00:40:f1:3e:81:81:6c:0a:34:a6:29:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:56 2021 GMT
            Not After : Sep 30 00:00:56 2022 GMT
        Subject: CN=3082010A0282010100D0E4C67C5A4BB1816166806B6ACC217682C0A74BE2BF5D638852BA5D9DF738E0A2CE4D351C9F93ACB831E584C99ECDE431C66A001EE748E8F7B07629ECBFAB1108479AC0D54CC6AEBE1F3F3BFA64F8C82B5BC0BCB068BC17EB28404D82D29440F714A37D8B55B31823F70097B39FA11B14A8CF5E460C73DFE0BC46D43B3248DE833764A49C161F8E05C4DB43E76315F3088A937EB2AF22BAC86E2CA178F45D28D510E1F76451C22D299C3A37F97535D4A4CC5306A735786BDAED8675043F4962567F2F4CC5265D6D19597417F29F89E50714D941E7A8A4C001790BD7CD428487B31D9FBFA33E37A003C84AD596595616656755800EC8A62096AAA5CDCFADE5090203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:e4:c6:7c:5a:4b:b1:81:61:66:80:6b:6a:cc:
                    21:76:82:c0:a7:4b:e2:bf:5d:63:88:52:ba:5d:9d:
                    f7:38:e0:a2:ce:4d:35:1c:9f:93:ac:b8:31:e5:84:
                    c9:9e:cd:e4:31:c6:6a:00:1e:e7:48:e8:f7:b0:76:
                    29:ec:bf:ab:11:08:47:9a:c0:d5:4c:c6:ae:be:1f:
                    3f:3b:fa:64:f8:c8:2b:5b:c0:bc:b0:68:bc:17:eb:
                    28:40:4d:82:d2:94:40:f7:14:a3:7d:8b:55:b3:18:
                    23:f7:00:97:b3:9f:a1:1b:14:a8:cf:5e:46:0c:73:
                    df:e0:bc:46:d4:3b:32:48:de:83:37:64:a4:9c:16:
                    1f:8e:05:c4:db:43:e7:63:15:f3:08:8a:93:7e:b2:
                    af:22:ba:c8:6e:2c:a1:78:f4:5d:28:d5:10:e1:f7:
                    64:51:c2:2d:29:9c:3a:37:f9:75:35:d4:a4:cc:53:
                    06:a7:35:78:6b:da:ed:86:75:04:3f:49:62:56:7f:
                    2f:4c:c5:26:5d:6d:19:59:74:17:f2:9f:89:e5:07:
                    14:d9:41:e7:a8:a4:c0:01:79:0b:d7:cd:42:84:87:
                    b3:1d:9f:bf:a3:3e:37:a0:03:c8:4a:d5:96:59:56:
                    16:65:67:55:80:0e:c8:a6:20:96:aa:a5:cd:cf:ad:
                    e5:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:75:C0:EE:C0:66:D9:ED:CD:73:92:5F:38:B3:F6:10:05:E6:F4:C5
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313030303a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:1000::/48

    Signature Algorithm: sha256WithRSAEncryption
         6b:47:f3:f9:71:ce:60:ae:73:fd:5f:40:6a:5f:d9:3e:c2:bb:
         87:3a:a0:ed:60:da:85:b6:ad:ae:e0:f8:eb:27:5a:cf:02:e0:
         7e:07:07:88:8c:ec:55:2f:f4:d6:94:27:b9:87:49:2e:76:61:
         35:26:ba:6b:1e:ea:fb:ab:1d:f8:2d:60:a1:87:5a:39:e3:0e:
         b3:94:d7:1e:87:e9:4d:a0:0e:85:d8:b2:06:e0:97:4c:d0:e6:
         2a:c1:e4:1f:3d:7f:44:5e:7b:73:f5:e8:ff:ee:25:cf:4d:59:
         fc:3d:bf:df:bd:ed:42:a6:24:41:43:c2:8a:1f:60:fe:6f:66:
         6a:c4:e9:04:cb:5c:c0:01:5f:11:c5:8d:ce:49:14:73:a1:1b:
         7a:73:00:d5:ea:1b:1a:c7:63:e9:dd:5c:ef:4d:e7:ed:7c:b8:
         36:89:96:10:15:3c:54:ba:b5:98:9f:92:d1:22:3e:1e:09:e5:
         47:09:9a:7f:ed:02:aa:be:7c:33:72:19:9b:96:22:9a:f5:25:
         4f:a1:bc:ad:e7:91:23:0c:5a:c3:8a:2f:ac:28:2c:88:ad:91:
         ee:0f:12:a8:ac:82:d5:e0:ee:44:81:60:85:1d:9f:b2:83:50:
         1e:fb:21:5e:b0:89:a2:bc:70:6d:ae:14:53:a7:1c:2f:b2:99:
         38:78:81:ed
-----BEGIN CERTIFICATE-----
MIIHLzCCBhegAwIBAgIUEqmIWu+5z5kAQPE+gYFsCjSmKZowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NTZaFw0yMjA5MzAwMDAwNTZaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDBFNEM2N0M1QTRCQjE4MTYx
NjY4MDZCNkFDQzIxNzY4MkMwQTc0QkUyQkY1RDYzODg1MkJBNUQ5REY3MzhFMEEy
Q0U0RDM1MUM5RjkzQUNCODMxRTU4NEM5OUVDREU0MzFDNjZBMDAxRUU3NDhFOEY3
QjA3NjI5RUNCRkFCMTEwODQ3OUFDMEQ1NENDNkFFQkUxRjNGM0JGQTY0RjhDODJC
NUJDMEJDQjA2OEJDMTdFQjI4NDA0RDgyRDI5NDQwRjcxNEEzN0Q4QjU1QjMxODIz
RjcwMDk3QjM5RkExMUIxNEE4Q0Y1RTQ2MEM3M0RGRTBCQzQ2RDQzQjMyNDhERTgz
Mzc2NEE0OUMxNjFGOEUwNUM0REI0M0U3NjMxNUYzMDg4QTkzN0VCMkFGMjJCQUM4
NkUyQ0ExNzhGNDVEMjhENTEwRTFGNzY0NTFDMjJEMjk5QzNBMzdGOTc1MzVENEE0
Q0M1MzA2QTczNTc4NkJEQUVEODY3NTA0M0Y0OTYyNTY3RjJGNENDNTI2NUQ2RDE5
NTk3NDE3RjI5Rjg5RTUwNzE0RDk0MUU3QThBNEMwMDE3OTBCRDdDRDQyODQ4N0Iz
MUQ5RkJGQTMzRTM3QTAwM0M4NEFENTk2NTk1NjE2NjU2NzU1ODAwRUM4QTYyMDk2
QUFBNUNEQ0ZBREU1MDkwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA0OTGfFpLsYFhZoBraswhdoLAp0viv11jiFK6XZ33OOCizk01HJ+T
rLgx5YTJns3kMcZqAB7nSOj3sHYp7L+rEQhHmsDVTMauvh8/O/pk+MgrW8C8sGi8
F+soQE2C0pRA9xSjfYtVsxgj9wCXs5+hGxSoz15GDHPf4LxG1DsySN6DN2SknBYf
jgXE20PnYxXzCIqTfrKvIrrIbiyhePRdKNUQ4fdkUcItKZw6N/l1NdSkzFMGpzV4
a9rthnUEP0liVn8vTMUmXW0ZWXQX8p+J5QcU2UHnqKTAAXkL181ChIezHZ+/oz43
oAPIStWWWVYWZWdVgA7IpiCWqqXNz63lCQIDAQABo4ICPTCCAjkwHQYDVR0OBBYE
FFR1wO7AZtntzXOSXziz9hAF5vTFMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGqBggrBgEFBQcB
CwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTMxMzAzMDMwM2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzEzNzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQEgAAQADANBgkqhkiG9w0BAQsFAAOC
AQEAa0fz+XHOYK5z/V9Aal/ZPsK7hzqg7WDahbatruD46ydazwLgfgcHiIzsVS/0
1pQnuYdJLnZhNSa6ax7q+6sd+C1goYdaOeMOs5TXHofpTaAOhdiyBuCXTNDmKsHk
Hz1/RF57c/Xo/+4lz01Z/D2/373tQqYkQUPCih9g/m9masTpBMtcwAFfEcWNzkkU
c6EbenMA1eobGsdj6d1c703n7Xy4NomWEBU8VLq1mJ+S0SI+HgnlRwmaf+0Cqr58
M3IZm5YimvUlT6G8reeRIwxaw4ovrCgsiK2R7g8SqKyC1eDuRIFghR2fsoNQHvsh
XrCJorxwba4UU6ccL7KZOHiB7Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:46 2023 by rpki-client on console-fra.rpki-client.org