Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a61373a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a61373a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          KElPDp/IzdgCfzbf5fzAtIIcM4H4XuF0OZ8omcMyY7U=
Subject key identifier:   A5:51:96:CC:A7:A2:FC:CF:A7:30:64:FC:C3:A8:A9:99:C6:14:FA:DA
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       456F30C2B1D811AE72CE330E857B933223EDB8D5
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a61373a3a2f34382d3438203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:04 +0000
ROA not before:           Wed 29 Sep 2021 23:55:04 +0000
ROA not after:            Fri 30 Sep 2022 00:00:04 +0000
asID:                     17451
IP address blocks:        2404:8000:a7::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:6f:30:c2:b1:d8:11:ae:72:ce:33:0e:85:7b:93:32:23:ed:b8:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:04 2021 GMT
            Not After : Sep 30 00:00:04 2022 GMT
        Subject: CN=3082010A0282010100B77CA7AE59096380A0161C43604A2FBA143F0457DED08B4BFF20AEDCFB09E89DBB6EBEE1E864CB5493C890C5440C16679CDCD696AD7644474D8B9B986DFF46026CA1A95539ABFA20B8E9BE9211FF9697DBBA40D9FF60FFE0A5E9E3CDFF18DF6CDC181C41AC7A4EFB1A2D794FC02519E1CD25CD3BD61F35C402BCCF435034252E467B82E981A5F523C6D28AE4B12CDE14414766E13662A8874410074684C3571C70F874F9B72EA068C0FD7FE426A9B163E84FFE0E5E238D7EBB3A0DCA9BE2E084968E8478A9735B05DA2D7758D2680E98B687E059E41C75402AA09167B90A1BE0C1714E8957DA1252CFB8D9A01A387120DB776F3527A792159B11EA73C62A8FE70203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:7c:a7:ae:59:09:63:80:a0:16:1c:43:60:4a:
                    2f:ba:14:3f:04:57:de:d0:8b:4b:ff:20:ae:dc:fb:
                    09:e8:9d:bb:6e:be:e1:e8:64:cb:54:93:c8:90:c5:
                    44:0c:16:67:9c:dc:d6:96:ad:76:44:47:4d:8b:9b:
                    98:6d:ff:46:02:6c:a1:a9:55:39:ab:fa:20:b8:e9:
                    be:92:11:ff:96:97:db:ba:40:d9:ff:60:ff:e0:a5:
                    e9:e3:cd:ff:18:df:6c:dc:18:1c:41:ac:7a:4e:fb:
                    1a:2d:79:4f:c0:25:19:e1:cd:25:cd:3b:d6:1f:35:
                    c4:02:bc:cf:43:50:34:25:2e:46:7b:82:e9:81:a5:
                    f5:23:c6:d2:8a:e4:b1:2c:de:14:41:47:66:e1:36:
                    62:a8:87:44:10:07:46:84:c3:57:1c:70:f8:74:f9:
                    b7:2e:a0:68:c0:fd:7f:e4:26:a9:b1:63:e8:4f:fe:
                    0e:5e:23:8d:7e:bb:3a:0d:ca:9b:e2:e0:84:96:8e:
                    84:78:a9:73:5b:05:da:2d:77:58:d2:68:0e:98:b6:
                    87:e0:59:e4:1c:75:40:2a:a0:91:67:b9:0a:1b:e0:
                    c1:71:4e:89:57:da:12:52:cf:b8:d9:a0:1a:38:71:
                    20:db:77:6f:35:27:a7:92:15:9b:11:ea:73:c6:2a:
                    8f:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:51:96:CC:A7:A2:FC:CF:A7:30:64:FC:C3:A8:A9:99:C6:14:FA:DA
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a61373a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:a7::/48

    Signature Algorithm: sha256WithRSAEncryption
         86:11:00:06:f0:56:b7:a8:89:99:02:de:4f:36:aa:34:b7:1a:
         6c:58:f7:a0:12:d2:09:d2:ec:2b:06:41:65:bd:8e:1d:17:c9:
         af:b9:6b:13:4b:ae:a1:16:ec:d3:f1:0d:9c:e1:be:73:99:e5:
         3d:f4:b0:d9:ac:18:1b:95:d8:db:53:92:e5:b2:bd:1e:ed:09:
         b9:08:8a:27:b8:b3:9b:7b:a2:49:80:1e:f0:0b:a8:b2:70:ac:
         dc:db:c3:c6:a8:50:ec:5a:2c:67:b4:fc:75:b0:4f:a9:5a:13:
         9e:2f:17:9a:16:c2:e3:7b:31:a1:d8:61:40:ae:ee:69:03:24:
         e6:82:8c:c6:b8:cc:12:47:a6:33:6a:e0:79:d3:27:66:9d:69:
         eb:d5:66:64:19:6d:24:55:36:00:b8:a7:da:0f:00:0f:12:fe:
         6d:b7:6e:22:1d:91:79:4c:3e:7a:27:07:8f:fc:20:54:9d:f3:
         dc:ae:22:e8:1b:01:cb:02:f9:5c:c2:87:93:55:ba:64:e9:10:
         8e:86:b6:33:a0:0a:76:b8:52:a5:02:ee:ed:db:aa:41:26:94:
         90:ac:64:ef:59:86:b4:c3:4e:e4:2c:fb:59:58:55:b9:49:bf:
         d6:68:a7:f8:a8:96:d7:6a:82:1e:ae:45:22:a5:22:73:7b:e6:
         b9:45:a4:98
-----BEGIN CERTIFICATE-----
MIIHKzCCBhOgAwIBAgIURW8wwrHYEa5yzjMOhXuTMiPtuNUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MDRaFw0yMjA5MzAwMDAwMDRaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjc3Q0E3QUU1OTA5NjM4MEEw
MTYxQzQzNjA0QTJGQkExNDNGMDQ1N0RFRDA4QjRCRkYyMEFFRENGQjA5RTg5REJC
NkVCRUUxRTg2NENCNTQ5M0M4OTBDNTQ0MEMxNjY3OUNEQ0Q2OTZBRDc2NDQ0NzRE
OEI5Qjk4NkRGRjQ2MDI2Q0ExQTk1NTM5QUJGQTIwQjhFOUJFOTIxMUZGOTY5N0RC
QkE0MEQ5RkY2MEZGRTBBNUU5RTNDREZGMThERjZDREMxODFDNDFBQzdBNEVGQjFB
MkQ3OTRGQzAyNTE5RTFDRDI1Q0QzQkQ2MUYzNUM0MDJCQ0NGNDM1MDM0MjUyRTQ2
N0I4MkU5ODFBNUY1MjNDNkQyOEFFNEIxMkNERTE0NDE0NzY2RTEzNjYyQTg4NzQ0
MTAwNzQ2ODRDMzU3MUM3MEY4NzRGOUI3MkVBMDY4QzBGRDdGRTQyNkE5QjE2M0U4
NEZGRTBFNUUyMzhEN0VCQjNBMERDQTlCRTJFMDg0OTY4RTg0NzhBOTczNUIwNURB
MkQ3NzU4RDI2ODBFOThCNjg3RTA1OUU0MUM3NTQwMkFBMDkxNjdCOTBBMUJFMEMx
NzE0RTg5NTdEQTEyNTJDRkI4RDlBMDFBMzg3MTIwREI3NzZGMzUyN0E3OTIxNTlC
MTFFQTczQzYyQThGRTcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAt3ynrlkJY4CgFhxDYEovuhQ/BFfe0ItL/yCu3PsJ6J27br7h6GTL
VJPIkMVEDBZnnNzWlq12REdNi5uYbf9GAmyhqVU5q/oguOm+khH/lpfbukDZ/2D/
4KXp483/GN9s3BgcQax6TvsaLXlPwCUZ4c0lzTvWHzXEArzPQ1A0JS5Ge4LpgaX1
I8bSiuSxLN4UQUdm4TZiqIdEEAdGhMNXHHD4dPm3LqBowP1/5CapsWPoT/4OXiON
frs6Dcqb4uCElo6EeKlzWwXaLXdY0mgOmLaH4FnkHHVAKqCRZ7kKG+DBcU6JV9oS
Us+42aAaOHEg23dvNSenkhWbEepzxiqP5wIDAQABo4ICOTCCAjUwHQYDVR0OBBYE
FKVRlsynovzPpzBk/MOoqZnGFPraMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGmBggrBgEFBQcB
CwSBmTCBljCBkwYIKwYBBQUHMAuGgYZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTYxMzczYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAz
MTM3MzQzNTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAJASAAACnMA0GCSqGSIb3DQEBCwUAA4IBAQCG
EQAG8Fa3qImZAt5PNqo0txpsWPegEtIJ0uwrBkFlvY4dF8mvuWsTS66hFuzT8Q2c
4b5zmeU99LDZrBgbldjbU5Llsr0e7Qm5CIonuLObe6JJgB7wC6iycKzc28PGqFDs
WixntPx1sE+pWhOeLxeaFsLjezGh2GFAru5pAyTmgozGuMwSR6YzauB50ydmnWnr
1WZkGW0kVTYAuKfaDwAPEv5tt24iHZF5TD56JweP/CBUnfPcriLoGwHLAvlcwoeT
Vbpk6RCOhrYzoAp2uFKlAu7t26pBJpSQrGTvWYa0w07kLPtZWFW5Sb/WaKf4qJbX
aoIerkUipSJze+a5RaSY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:01 2023 by rpki-client on console-ams.rpki-client.org