Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313030643a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a313030643a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          c2nnmVtfUm4Q15k004IU66JWXYvLm6Fllz9y8Zfynvc=
Subject key identifier:   D1:B7:33:1D:E5:53:2C:6E:96:2E:C6:7C:53:81:53:D7:71:3C:89:2C
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       56D4884BBCC33801C49CECD74739B174C0595F87
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313030643a3a2f34382d3438203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:48 +0000
ROA not before:           Wed 29 Sep 2021 23:55:48 +0000
ROA not after:            Fri 30 Sep 2022 00:00:48 +0000
asID:                     17451
IP address blocks:        2404:8000:100d::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:d4:88:4b:bc:c3:38:01:c4:9c:ec:d7:47:39:b1:74:c0:59:5f:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:48 2021 GMT
            Not After : Sep 30 00:00:48 2022 GMT
        Subject: CN=3082010A0282010100CC12774835BC0D46F8B9C8EE2284AD407015B962C46058A5D80C391BFBE404258716FECEAA0E4ADF850ABFC7F0572690461A6AD84C6CDE69A1841CA7AB751736590D195A83C0F0C708119B3A1DB48A860B212B1955CF251E93C7B7BCC22E02CAC035E227ABD15C40950FC31C8461169D2AFE8669E87B34B4F61863418F8565DAB4768935BD5276EC57DD733F9651DFCD3ABE7948CB492467FA910F440EFD9B2814AD8F8CA26F5016825FA6F83FABBE21550A89BE4B3960E7518A02811E73A096C961F9F0C825CD9A242BDA3D3B71791E0D88557BBE8D83A6E5B2332C6A080680F6E6DA1680837B0CBFC41B07CA0C150C839D2EBB9E86267F4692D17030E1EC370203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:12:77:48:35:bc:0d:46:f8:b9:c8:ee:22:84:
                    ad:40:70:15:b9:62:c4:60:58:a5:d8:0c:39:1b:fb:
                    e4:04:25:87:16:fe:ce:aa:0e:4a:df:85:0a:bf:c7:
                    f0:57:26:90:46:1a:6a:d8:4c:6c:de:69:a1:84:1c:
                    a7:ab:75:17:36:59:0d:19:5a:83:c0:f0:c7:08:11:
                    9b:3a:1d:b4:8a:86:0b:21:2b:19:55:cf:25:1e:93:
                    c7:b7:bc:c2:2e:02:ca:c0:35:e2:27:ab:d1:5c:40:
                    95:0f:c3:1c:84:61:16:9d:2a:fe:86:69:e8:7b:34:
                    b4:f6:18:63:41:8f:85:65:da:b4:76:89:35:bd:52:
                    76:ec:57:dd:73:3f:96:51:df:cd:3a:be:79:48:cb:
                    49:24:67:fa:91:0f:44:0e:fd:9b:28:14:ad:8f:8c:
                    a2:6f:50:16:82:5f:a6:f8:3f:ab:be:21:55:0a:89:
                    be:4b:39:60:e7:51:8a:02:81:1e:73:a0:96:c9:61:
                    f9:f0:c8:25:cd:9a:24:2b:da:3d:3b:71:79:1e:0d:
                    88:55:7b:be:8d:83:a6:e5:b2:33:2c:6a:08:06:80:
                    f6:e6:da:16:80:83:7b:0c:bf:c4:1b:07:ca:0c:15:
                    0c:83:9d:2e:bb:9e:86:26:7f:46:92:d1:70:30:e1:
                    ec:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:B7:33:1D:E5:53:2C:6E:96:2E:C6:7C:53:81:53:D7:71:3C:89:2C
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313030643a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:100d::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:48:b4:50:c1:68:30:db:64:42:1b:fa:2b:cf:b8:75:2f:4a:
         87:c7:ee:5c:3c:22:53:0a:81:5d:b5:de:81:81:38:55:01:a1:
         e9:14:16:c0:90:08:13:ec:a8:ff:b8:44:38:79:2e:17:1d:5b:
         9d:ea:bf:7c:18:6d:4e:98:d4:b6:2f:93:1d:e4:07:f9:2c:eb:
         f2:17:03:7b:43:8f:17:72:ff:0d:7d:b7:46:22:e9:d2:96:59:
         4e:af:83:80:fc:d8:83:66:54:e0:a6:06:07:c7:60:03:bd:d7:
         75:48:e6:8a:b4:94:fc:bd:65:85:5c:b2:73:d7:8f:af:73:5a:
         af:b7:3e:ee:50:a3:9e:b7:3b:d4:2b:2f:af:7d:f4:6a:c4:c5:
         de:f2:52:a9:c1:89:36:46:44:ca:31:af:2c:96:9e:a1:48:e0:
         60:c9:3a:fe:1e:68:30:df:7c:3a:be:59:92:48:d0:e5:f8:b9:
         56:82:7d:e2:4b:42:c6:3c:a0:2f:86:98:d7:8e:95:10:9e:87:
         b0:bd:53:e8:92:1e:c8:e9:a3:18:61:25:de:dc:fa:f2:85:f4:
         c9:60:e4:aa:dc:53:20:44:79:e7:cd:ba:50:2d:f4:f7:84:04:
         5d:1a:6b:7c:83:4a:e6:ec:e0:c0:04:57:d8:e3:2d:c9:48:03:
         17:82:5c:fc
-----BEGIN CERTIFICATE-----
MIIHLzCCBhegAwIBAgIUVtSIS7zDOAHEnOzXRzmxdMBZX4cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NDhaFw0yMjA5MzAwMDAwNDhaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQ0MxMjc3NDgzNUJDMEQ0NkY4
QjlDOEVFMjI4NEFENDA3MDE1Qjk2MkM0NjA1OEE1RDgwQzM5MUJGQkU0MDQyNTg3
MTZGRUNFQUEwRTRBREY4NTBBQkZDN0YwNTcyNjkwNDYxQTZBRDg0QzZDREU2OUEx
ODQxQ0E3QUI3NTE3MzY1OTBEMTk1QTgzQzBGMEM3MDgxMTlCM0ExREI0OEE4NjBC
MjEyQjE5NTVDRjI1MUU5M0M3QjdCQ0MyMkUwMkNBQzAzNUUyMjdBQkQxNUM0MDk1
MEZDMzFDODQ2MTE2OUQyQUZFODY2OUU4N0IzNEI0RjYxODYzNDE4Rjg1NjVEQUI0
NzY4OTM1QkQ1Mjc2RUM1N0RENzMzRjk2NTFERkNEM0FCRTc5NDhDQjQ5MjQ2N0ZB
OTEwRjQ0MEVGRDlCMjgxNEFEOEY4Q0EyNkY1MDE2ODI1RkE2RjgzRkFCQkUyMTU1
MEE4OUJFNEIzOTYwRTc1MThBMDI4MTFFNzNBMDk2Qzk2MUY5RjBDODI1Q0Q5QTI0
MkJEQTNEM0I3MTc5MUUwRDg4NTU3QkJFOEQ4M0E2RTVCMjMzMkM2QTA4MDY4MEY2
RTZEQTE2ODA4MzdCMENCRkM0MUIwN0NBMEMxNTBDODM5RDJFQkI5RTg2MjY3RjQ2
OTJEMTcwMzBFMUVDMzcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAzBJ3SDW8DUb4ucjuIoStQHAVuWLEYFil2Aw5G/vkBCWHFv7Oqg5K
34UKv8fwVyaQRhpq2Exs3mmhhBynq3UXNlkNGVqDwPDHCBGbOh20ioYLISsZVc8l
HpPHt7zCLgLKwDXiJ6vRXECVD8MchGEWnSr+hmnoezS09hhjQY+FZdq0dok1vVJ2
7Ffdcz+WUd/NOr55SMtJJGf6kQ9EDv2bKBStj4yib1AWgl+m+D+rviFVCom+Szlg
51GKAoEec6CWyWH58MglzZokK9o9O3F5Hg2IVXu+jYOm5bIzLGoIBoD25toWgIN7
DL/EGwfKDBUMg50uu56GJn9GktFwMOHsNwIDAQABo4ICPTCCAjkwHQYDVR0OBBYE
FNG3Mx3lUyxuli7GfFOBU9dxPIksMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGqBggrBgEFBQcB
CwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTMxMzAzMDY0M2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzEzNzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQEgAAQDTANBgkqhkiG9w0BAQsFAAOC
AQEAfEi0UMFoMNtkQhv6K8+4dS9Kh8fuXDwiUwqBXbXegYE4VQGh6RQWwJAIE+yo
/7hEOHkuFx1bneq/fBhtTpjUti+THeQH+Szr8hcDe0OPF3L/DX23RiLp0pZZTq+D
gPzYg2ZU4KYGB8dgA73XdUjmirSU/L1lhVyyc9ePr3Nar7c+7lCjnrc71Csvr330
asTF3vJSqcGJNkZEyjGvLJaeoUjgYMk6/h5oMN98Or5ZkkjQ5fi5VoJ94ktCxjyg
L4aY146VEJ6HsL1T6JIeyOmjGGEl3tz68oX0yWDkqtxTIER55826UC3094QEXRpr
fINK5uzgwARX2OMtyUgDF4Jc/A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:46 2023 by rpki-client on console-fra.rpki-client.org