Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a64323a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a64323a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          cV/KSZCq7XqXhgqoAr8dSNPpeIEqyh+Zk7HvSnwK/q0=
Subject key identifier:   E4:77:ED:FD:13:B0:51:C9:B9:01:00:44:9B:5E:37:8C:F8:A4:33:DA
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       14554BDBB9A76771FF5735ECFFB8A49633956DA0
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a64323a3a2f34382d3438203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:29 +0000
ROA not before:           Wed 29 Sep 2021 23:55:29 +0000
ROA not after:            Fri 30 Sep 2022 00:00:29 +0000
asID:                     17451
IP address blocks:        2404:8000:d2::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:55:4b:db:b9:a7:67:71:ff:57:35:ec:ff:b8:a4:96:33:95:6d:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:29 2021 GMT
            Not After : Sep 30 00:00:29 2022 GMT
        Subject: CN=3082010A0282010100BB750318705A524A401FA75F16D435ABBDD1AC0CDDF469D368952D5394C1D3A0B9E515264ED36C902203D6E2725DDC55FE0BDBDCEF58E718A696143EEB0481A63804592CCB720668818768F08C7A79B12619F9594B1D656B3F743EDF528B4AE5488B19B5F39FED80415DF8ECDDD1EC9F24A740BD8C82815D049A8D83414E6F4535E50FED1E1DEF7EC745FA25DBC962B4BD71BB0A4A2FC20E8104CD5F47FCCF607D3CB2468D97415A36B6F82F8F82CD1FE529F083B393270F39DA0F0C02DE03574B0B3EDD0FE5515D7C48C2E0F0240E5288EE9A1C3E2006BD4E52B7099A26237867900F870A8B4E751B46E6B9A67D5E45296DC16ACBD98C5839CDC3595F1EF9210203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:75:03:18:70:5a:52:4a:40:1f:a7:5f:16:d4:
                    35:ab:bd:d1:ac:0c:dd:f4:69:d3:68:95:2d:53:94:
                    c1:d3:a0:b9:e5:15:26:4e:d3:6c:90:22:03:d6:e2:
                    72:5d:dc:55:fe:0b:db:dc:ef:58:e7:18:a6:96:14:
                    3e:eb:04:81:a6:38:04:59:2c:cb:72:06:68:81:87:
                    68:f0:8c:7a:79:b1:26:19:f9:59:4b:1d:65:6b:3f:
                    74:3e:df:52:8b:4a:e5:48:8b:19:b5:f3:9f:ed:80:
                    41:5d:f8:ec:dd:d1:ec:9f:24:a7:40:bd:8c:82:81:
                    5d:04:9a:8d:83:41:4e:6f:45:35:e5:0f:ed:1e:1d:
                    ef:7e:c7:45:fa:25:db:c9:62:b4:bd:71:bb:0a:4a:
                    2f:c2:0e:81:04:cd:5f:47:fc:cf:60:7d:3c:b2:46:
                    8d:97:41:5a:36:b6:f8:2f:8f:82:cd:1f:e5:29:f0:
                    83:b3:93:27:0f:39:da:0f:0c:02:de:03:57:4b:0b:
                    3e:dd:0f:e5:51:5d:7c:48:c2:e0:f0:24:0e:52:88:
                    ee:9a:1c:3e:20:06:bd:4e:52:b7:09:9a:26:23:78:
                    67:90:0f:87:0a:8b:4e:75:1b:46:e6:b9:a6:7d:5e:
                    45:29:6d:c1:6a:cb:d9:8c:58:39:cd:c3:59:5f:1e:
                    f9:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:77:ED:FD:13:B0:51:C9:B9:01:00:44:9B:5E:37:8C:F8:A4:33:DA
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a64323a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:d2::/48

    Signature Algorithm: sha256WithRSAEncryption
         19:18:e7:0d:4d:1d:69:77:5b:90:c9:37:e1:9f:c4:e9:1a:eb:
         4c:a2:7a:ef:17:73:5f:63:96:dc:3a:8e:96:81:ff:64:8d:60:
         56:a1:26:f7:2a:15:f2:0e:e2:9b:1a:78:a3:92:bb:4c:21:97:
         c1:1e:83:97:12:77:0f:17:4d:fb:a3:94:4c:64:e6:74:07:bf:
         85:16:cf:19:e9:3a:1b:43:a0:94:81:e2:fb:19:be:e8:4d:45:
         20:c3:53:2a:80:b9:30:26:1c:d0:80:30:9a:68:2a:67:b5:ca:
         15:85:40:5d:00:a7:e9:4e:88:12:8b:eb:87:e4:6a:7c:09:80:
         1d:a6:fe:6b:e8:09:db:73:ba:34:52:8c:c9:ba:38:93:35:e8:
         01:24:39:cf:f0:4d:3b:6a:1a:c7:15:b8:73:64:66:8c:da:7a:
         34:1d:cc:28:6f:8f:02:36:ef:16:65:ed:e9:c7:ab:90:5f:b5:
         81:17:a3:5c:1c:2d:4d:e6:81:0a:04:cc:99:dd:09:16:2f:2a:
         88:8f:e7:b2:28:19:15:09:d5:aa:b1:44:b7:62:cc:5e:88:1b:
         41:d9:3b:b7:b4:40:55:f8:60:7d:0e:ee:cc:c0:a0:7a:54:61:
         3f:e4:15:9f:cb:69:6b:ea:b9:dd:8c:98:e2:3d:10:f7:fa:b6:
         67:8a:d6:a2
-----BEGIN CERTIFICATE-----
MIIHKzCCBhOgAwIBAgIUFFVL27mnZ3H/VzXs/7ikljOVbaAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MjlaFw0yMjA5MzAwMDAwMjlaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQkI3NTAzMTg3MDVBNTI0QTQw
MUZBNzVGMTZENDM1QUJCREQxQUMwQ0RERjQ2OUQzNjg5NTJENTM5NEMxRDNBMEI5
RTUxNTI2NEVEMzZDOTAyMjAzRDZFMjcyNUREQzU1RkUwQkRCRENFRjU4RTcxOEE2
OTYxNDNFRUIwNDgxQTYzODA0NTkyQ0NCNzIwNjY4ODE4NzY4RjA4QzdBNzlCMTI2
MTlGOTU5NEIxRDY1NkIzRjc0M0VERjUyOEI0QUU1NDg4QjE5QjVGMzlGRUQ4MDQx
NURGOEVDREREMUVDOUYyNEE3NDBCRDhDODI4MTVEMDQ5QThEODM0MTRFNkY0NTM1
RTUwRkVEMUUxREVGN0VDNzQ1RkEyNURCQzk2MkI0QkQ3MUJCMEE0QTJGQzIwRTgx
MDRDRDVGNDdGQ0NGNjA3RDNDQjI0NjhEOTc0MTVBMzZCNkY4MkY4RjgyQ0QxRkU1
MjlGMDgzQjM5MzI3MEYzOURBMEYwQzAyREUwMzU3NEIwQjNFREQwRkU1NTE1RDdD
NDhDMkUwRjAyNDBFNTI4OEVFOUExQzNFMjAwNkJENEU1MkI3MDk5QTI2MjM3ODY3
OTAwRjg3MEE4QjRFNzUxQjQ2RTZCOUE2N0Q1RTQ1Mjk2REMxNkFDQkQ5OEM1ODM5
Q0RDMzU5NUYxRUY5MjEwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAu3UDGHBaUkpAH6dfFtQ1q73RrAzd9GnTaJUtU5TB06C55RUmTtNs
kCID1uJyXdxV/gvb3O9Y5ximlhQ+6wSBpjgEWSzLcgZogYdo8Ix6ebEmGflZSx1l
az90Pt9Si0rlSIsZtfOf7YBBXfjs3dHsnySnQL2MgoFdBJqNg0FOb0U15Q/tHh3v
fsdF+iXbyWK0vXG7Ckovwg6BBM1fR/zPYH08skaNl0FaNrb4L4+CzR/lKfCDs5Mn
DznaDwwC3gNXSws+3Q/lUV18SMLg8CQOUojumhw+IAa9TlK3CZomI3hnkA+HCotO
dRtG5rmmfV5FKW3BasvZjFg5zcNZXx75IQIDAQABo4ICOTCCAjUwHQYDVR0OBBYE
FOR37f0TsFHJuQEARJteN4z4pDPaMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGmBggrBgEFBQcB
CwSBmTCBljCBkwYIKwYBBQUHMAuGgYZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTY0MzIzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAz
MTM3MzQzNTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAJASAAADSMA0GCSqGSIb3DQEBCwUAA4IBAQAZ
GOcNTR1pd1uQyTfhn8TpGutMonrvF3NfY5bcOo6Wgf9kjWBWoSb3KhXyDuKbGnij
krtMIZfBHoOXEncPF037o5RMZOZ0B7+FFs8Z6TobQ6CUgeL7Gb7oTUUgw1MqgLkw
JhzQgDCaaCpntcoVhUBdAKfpTogSi+uH5Gp8CYAdpv5r6Anbc7o0UozJujiTNegB
JDnP8E07ahrHFbhzZGaM2no0Hcwob48CNu8WZe3px6uQX7WBF6NcHC1N5oEKBMyZ
3QkWLyqIj+eyKBkVCdWqsUS3YsxeiBtB2Tu3tEBV+GB9Du7MwKB6VGE/5BWfy2lr
6rndjJjiPRD3+rZnitai
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:01 2023 by rpki-client on console-ams.rpki-client.org