Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313032303a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a313032303a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          uP10qTj13hPBsa8Zbmom7Y1v5wMFXj7NjZqIhU6bPwk=
Subject key identifier:   DF:32:A3:E0:BB:CA:C7:CD:96:0D:D0:59:5F:C1:19:71:11:AA:4B:E6
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       4EF1AB5CBC783FEB818DB384FBE92417163275F3
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313032303a3a2f34382d3438203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:38 +0000
ROA not before:           Wed 29 Sep 2021 23:55:38 +0000
ROA not after:            Fri 30 Sep 2022 00:00:38 +0000
asID:                     17451
IP address blocks:        2404:8000:1020::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:f1:ab:5c:bc:78:3f:eb:81:8d:b3:84:fb:e9:24:17:16:32:75:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:38 2021 GMT
            Not After : Sep 30 00:00:38 2022 GMT
        Subject: CN=3082010A0282010100C8FEBD61E82846FE9701E79F4DA445FB9973EB59053D2C32DC2D7B0945F4B4441356BF4880AF519E0E5EFAC48E99D55CFA1401609B0F8644B8D9C01C93E39456FAB3A916EA4C25D46671E54AE5B08089D338F40CA13140D26BBE6B86D7DDB3E3FAD7F17521FB26B563FFF422DB6645865F0B4790F982F417276154D885DCF122AE388D1BF79E266BD2220D3B987B8E10AF9F6C011F65E67F7E25E6FBEA655988634A17F6D3E2A0C369885FB721531F32BB2D628CBCDA7CE9DF5ABCEFA41FF0B1CC4A428EFB83B135E9D152253BDD785FD168C0F9A9474295967D5FAA8793B62DD787772A5666814DC7BD48876C2BE4C2F99289CF7E6C92F0CEDE8C5ABC6F89110203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:fe:bd:61:e8:28:46:fe:97:01:e7:9f:4d:a4:
                    45:fb:99:73:eb:59:05:3d:2c:32:dc:2d:7b:09:45:
                    f4:b4:44:13:56:bf:48:80:af:51:9e:0e:5e:fa:c4:
                    8e:99:d5:5c:fa:14:01:60:9b:0f:86:44:b8:d9:c0:
                    1c:93:e3:94:56:fa:b3:a9:16:ea:4c:25:d4:66:71:
                    e5:4a:e5:b0:80:89:d3:38:f4:0c:a1:31:40:d2:6b:
                    be:6b:86:d7:dd:b3:e3:fa:d7:f1:75:21:fb:26:b5:
                    63:ff:f4:22:db:66:45:86:5f:0b:47:90:f9:82:f4:
                    17:27:61:54:d8:85:dc:f1:22:ae:38:8d:1b:f7:9e:
                    26:6b:d2:22:0d:3b:98:7b:8e:10:af:9f:6c:01:1f:
                    65:e6:7f:7e:25:e6:fb:ea:65:59:88:63:4a:17:f6:
                    d3:e2:a0:c3:69:88:5f:b7:21:53:1f:32:bb:2d:62:
                    8c:bc:da:7c:e9:df:5a:bc:ef:a4:1f:f0:b1:cc:4a:
                    42:8e:fb:83:b1:35:e9:d1:52:25:3b:dd:78:5f:d1:
                    68:c0:f9:a9:47:42:95:96:7d:5f:aa:87:93:b6:2d:
                    d7:87:77:2a:56:66:81:4d:c7:bd:48:87:6c:2b:e4:
                    c2:f9:92:89:cf:7e:6c:92:f0:ce:de:8c:5a:bc:6f:
                    89:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:32:A3:E0:BB:CA:C7:CD:96:0D:D0:59:5F:C1:19:71:11:AA:4B:E6
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313032303a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:1020::/48

    Signature Algorithm: sha256WithRSAEncryption
         aa:5b:87:cb:1e:eb:f2:fe:8a:c6:02:bb:d5:6f:c1:5f:d2:3d:
         20:8f:29:90:4d:f1:07:59:78:2d:ab:1e:7a:8c:06:22:cf:cf:
         11:ec:d3:bf:ae:17:9b:1b:20:19:bc:7e:22:5b:b2:75:c0:bd:
         f3:d3:00:55:66:4b:01:88:5c:dc:4a:60:02:6a:bf:a3:c2:e4:
         8c:7e:38:99:d6:a5:c1:1c:d5:07:2b:d2:99:f2:93:2f:50:ba:
         05:16:9f:d1:5f:7f:a0:5c:19:d1:4a:63:d0:68:9f:2e:4f:b4:
         43:de:db:61:32:ea:b9:6e:c2:f8:c4:39:26:7e:7b:95:bf:ac:
         27:cb:53:47:77:2c:b3:c4:72:3e:34:dc:7b:f7:03:df:32:79:
         84:7a:52:41:48:59:10:0f:2c:3d:4d:71:dd:1f:4b:03:cd:19:
         ea:31:17:41:93:b8:e2:09:25:1d:7e:3c:ad:39:a3:cb:3b:51:
         cc:f3:f3:01:22:f5:61:a3:f4:74:42:80:a7:5d:1e:49:f8:dd:
         9b:31:b5:57:8d:13:97:1b:62:4f:f8:7c:ec:65:a6:69:eb:b7:
         9c:6d:28:53:26:57:70:b8:ca:f2:14:cf:0f:47:6d:a6:13:b9:
         56:c9:21:49:b0:8a:4e:15:66:92:3b:35:84:92:bc:e0:47:6d:
         1f:53:ce:f4
-----BEGIN CERTIFICATE-----
MIIHLzCCBhegAwIBAgIUTvGrXLx4P+uBjbOE++kkFxYydfMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MzhaFw0yMjA5MzAwMDAwMzhaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzhGRUJENjFFODI4NDZGRTk3
MDFFNzlGNERBNDQ1RkI5OTczRUI1OTA1M0QyQzMyREMyRDdCMDk0NUY0QjQ0NDEz
NTZCRjQ4ODBBRjUxOUUwRTVFRkFDNDhFOTlENTVDRkExNDAxNjA5QjBGODY0NEI4
RDlDMDFDOTNFMzk0NTZGQUIzQTkxNkVBNEMyNUQ0NjY3MUU1NEFFNUIwODA4OUQz
MzhGNDBDQTEzMTQwRDI2QkJFNkI4NkQ3RERCM0UzRkFEN0YxNzUyMUZCMjZCNTYz
RkZGNDIyREI2NjQ1ODY1RjBCNDc5MEY5ODJGNDE3Mjc2MTU0RDg4NURDRjEyMkFF
Mzg4RDFCRjc5RTI2NkJEMjIyMEQzQjk4N0I4RTEwQUY5RjZDMDExRjY1RTY3RjdF
MjVFNkZCRUE2NTU5ODg2MzRBMTdGNkQzRTJBMEMzNjk4ODVGQjcyMTUzMUYzMkJC
MkQ2MjhDQkNEQTdDRTlERjVBQkNFRkE0MUZGMEIxQ0M0QTQyOEVGQjgzQjEzNUU5
RDE1MjI1M0JERDc4NUZEMTY4QzBGOUE5NDc0Mjk1OTY3RDVGQUE4NzkzQjYyREQ3
ODc3NzJBNTY2NjgxNERDN0JENDg4NzZDMkJFNEMyRjk5Mjg5Q0Y3RTZDOTJGMENF
REU4QzVBQkM2Rjg5MTEwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAyP69YegoRv6XAeefTaRF+5lz61kFPSwy3C17CUX0tEQTVr9IgK9R
ng5e+sSOmdVc+hQBYJsPhkS42cAck+OUVvqzqRbqTCXUZnHlSuWwgInTOPQMoTFA
0mu+a4bX3bPj+tfxdSH7JrVj//Qi22ZFhl8LR5D5gvQXJ2FU2IXc8SKuOI0b954m
a9IiDTuYe44Qr59sAR9l5n9+Jeb76mVZiGNKF/bT4qDDaYhftyFTHzK7LWKMvNp8
6d9avO+kH/CxzEpCjvuDsTXp0VIlO914X9FowPmpR0KVln1fqoeTti3Xh3cqVmaB
Tce9SIdsK+TC+ZKJz35skvDO3oxavG+JEQIDAQABo4ICPTCCAjkwHQYDVR0OBBYE
FN8yo+C7ysfNlg3QWV/BGXERqkvmMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGqBggrBgEFBQcB
CwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTMxMzAzMjMwM2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzEzNzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQEgAAQIDANBgkqhkiG9w0BAQsFAAOC
AQEAqluHyx7r8v6KxgK71W/BX9I9II8pkE3xB1l4LaseeowGIs/PEezTv64Xmxsg
Gbx+IluydcC989MAVWZLAYhc3EpgAmq/o8LkjH44mdalwRzVByvSmfKTL1C6BRaf
0V9/oFwZ0Upj0GifLk+0Q97bYTLquW7C+MQ5Jn57lb+sJ8tTR3css8RyPjTce/cD
3zJ5hHpSQUhZEA8sPU1x3R9LA80Z6jEXQZO44gklHX48rTmjyztRzPPzASL1YaP0
dEKAp10eSfjdmzG1V40TlxtiT/h87GWmaeu3nG0oUyZXcLjK8hTPD0dtphO5Vskh
SbCKThVmkjs1hJK84EdtH1PO9A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:46 2023 by rpki-client on console-fra.rpki-client.org