Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3134372e302f32342d3234203d3e203137343531.roa
File:                     3131322e37382e3134372e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          L6RRBtwYCbTkpF7+qmXYAbywIRVu60P9d4b5Tr751lU=
Subject key identifier:   BC:B1:95:7D:26:54:13:1D:5A:ED:E0:D8:53:39:75:6E:EF:0D:05:EE
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       6B384B7883BC40C36A1432C30432390826FEE39A
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3134372e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:03 +0000
ROA not before:           Wed 29 Sep 2021 23:56:03 +0000
ROA not after:            Fri 30 Sep 2022 00:01:03 +0000
asID:                     17451
IP address blocks:        112.78.147.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:38:4b:78:83:bc:40:c3:6a:14:32:c3:04:32:39:08:26:fe:e3:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:03 2021 GMT
            Not After : Sep 30 00:01:03 2022 GMT
        Subject: CN=3082010A0282010100F775858783CD484F6130E02D35AA6C4CE3D76B568EBD3DA4C71F30C8656D1C77E1D7A625B9A9FA5FBF1F0E394BA7B85F61A48D0338612A0D609D999BA2ADB18F04152D1935FD0699D37AAC5F4A94E27446CA7AD61C88A9AA1C54541471607FF8F1B7607315F1E1E38F6B0BAB70A606FD206FC6A9799A275B3996F3C86C530626072196B903F4555357E5F68612AEAAF78F6ED662A513283E14D0614363851365EF9B6084EFCB079B1AA36C06A007E73D762452AEF023E5091C165F90D9FD9973F5D7A274A7B454893C432FE96ED6C6CF6C2D4AF7382387B482BAD64256ED1B2A9F7BD5035FEA238A9E708F7E4571DD0797784C33909BC8C571259F96413AC93F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:75:85:87:83:cd:48:4f:61:30:e0:2d:35:aa:
                    6c:4c:e3:d7:6b:56:8e:bd:3d:a4:c7:1f:30:c8:65:
                    6d:1c:77:e1:d7:a6:25:b9:a9:fa:5f:bf:1f:0e:39:
                    4b:a7:b8:5f:61:a4:8d:03:38:61:2a:0d:60:9d:99:
                    9b:a2:ad:b1:8f:04:15:2d:19:35:fd:06:99:d3:7a:
                    ac:5f:4a:94:e2:74:46:ca:7a:d6:1c:88:a9:aa:1c:
                    54:54:14:71:60:7f:f8:f1:b7:60:73:15:f1:e1:e3:
                    8f:6b:0b:ab:70:a6:06:fd:20:6f:c6:a9:79:9a:27:
                    5b:39:96:f3:c8:6c:53:06:26:07:21:96:b9:03:f4:
                    55:53:57:e5:f6:86:12:ae:aa:f7:8f:6e:d6:62:a5:
                    13:28:3e:14:d0:61:43:63:85:13:65:ef:9b:60:84:
                    ef:cb:07:9b:1a:a3:6c:06:a0:07:e7:3d:76:24:52:
                    ae:f0:23:e5:09:1c:16:5f:90:d9:fd:99:73:f5:d7:
                    a2:74:a7:b4:54:89:3c:43:2f:e9:6e:d6:c6:cf:6c:
                    2d:4a:f7:38:23:87:b4:82:ba:d6:42:56:ed:1b:2a:
                    9f:7b:d5:03:5f:ea:23:8a:9e:70:8f:7e:45:71:dd:
                    07:97:78:4c:33:90:9b:c8:c5:71:25:9f:96:41:3a:
                    c9:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:B1:95:7D:26:54:13:1D:5A:ED:E0:D8:53:39:75:6E:EF:0D:05:EE
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3134372e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  112.78.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:92:3d:7b:90:19:c1:80:38:3e:42:1a:62:29:02:4c:74:a1:
         97:92:73:2f:92:2c:88:32:1b:e6:01:8c:95:3d:f4:96:89:dd:
         46:6e:30:8f:e3:31:24:13:a2:f3:48:98:18:cc:ff:6c:6a:3d:
         fa:60:2a:b7:15:b2:02:d9:77:42:2d:ac:52:a4:86:ce:71:31:
         6b:3d:b7:38:82:65:97:27:ca:48:e6:97:a3:86:27:79:74:43:
         d8:da:af:19:a5:8c:e3:b9:15:01:59:46:ae:35:54:43:21:63:
         21:47:6b:bd:fc:37:17:a0:b3:b6:64:12:af:aa:66:75:b7:ec:
         9a:6e:23:ca:63:5b:03:98:a6:52:a6:83:19:e4:8c:05:71:d1:
         e3:df:98:f0:55:8b:94:02:ff:84:ec:35:4c:8c:2f:fc:6a:82:
         41:c5:ff:6c:79:17:68:8b:15:7f:9a:c0:c4:28:47:4f:98:c2:
         38:e8:de:26:fa:02:60:f0:8f:da:04:c7:f8:0f:b9:a3:ed:e1:
         46:d7:8b:07:10:39:49:ad:ab:f5:af:2c:39:66:eb:d5:59:5d:
         4f:ac:7f:f3:22:c2:51:2b:7a:b5:ee:ac:d7:47:ad:5b:3d:d0:
         68:44:ca:eb:f5:e5:70:f3:ea:d9:24:1d:db:20:4a:65:35:b5:
         da:23:ae:79
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUazhLeIO8QMNqFDLDBDI5CCb+45owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MDNaFw0yMjA5MzAwMDAxMDNaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRjc3NTg1ODc4M0NENDg0RjYx
MzBFMDJEMzVBQTZDNENFM0Q3NkI1NjhFQkQzREE0QzcxRjMwQzg2NTZEMUM3N0Ux
RDdBNjI1QjlBOUZBNUZCRjFGMEUzOTRCQTdCODVGNjFBNDhEMDMzODYxMkEwRDYw
OUQ5OTlCQTJBREIxOEYwNDE1MkQxOTM1RkQwNjk5RDM3QUFDNUY0QTk0RTI3NDQ2
Q0E3QUQ2MUM4OEE5QUExQzU0NTQxNDcxNjA3RkY4RjFCNzYwNzMxNUYxRTFFMzhG
NkIwQkFCNzBBNjA2RkQyMDZGQzZBOTc5OUEyNzVCMzk5NkYzQzg2QzUzMDYyNjA3
MjE5NkI5MDNGNDU1NTM1N0U1RjY4NjEyQUVBQUY3OEY2RUQ2NjJBNTEzMjgzRTE0
RDA2MTQzNjM4NTEzNjVFRjlCNjA4NEVGQ0IwNzlCMUFBMzZDMDZBMDA3RTczRDc2
MjQ1MkFFRjAyM0U1MDkxQzE2NUY5MEQ5RkQ5OTczRjVEN0EyNzRBN0I0NTQ4OTND
NDMyRkU5NkVENkM2Q0Y2QzJENEFGNzM4MjM4N0I0ODJCQUQ2NDI1NkVEMUIyQTlG
N0JENTAzNUZFQTIzOEE5RTcwOEY3RTQ1NzFERDA3OTc3ODRDMzM5MDlCQzhDNTcx
MjU5Rjk2NDEzQUM5M0YwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA93WFh4PNSE9hMOAtNapsTOPXa1aOvT2kxx8wyGVtHHfh16Yluan6
X78fDjlLp7hfYaSNAzhhKg1gnZmboq2xjwQVLRk1/QaZ03qsX0qU4nRGynrWHIip
qhxUVBRxYH/48bdgcxXx4eOPawurcKYG/SBvxql5midbOZbzyGxTBiYHIZa5A/RV
U1fl9oYSrqr3j27WYqUTKD4U0GFDY4UTZe+bYITvywebGqNsBqAH5z12JFKu8CPl
CRwWX5DZ/Zlz9deidKe0VIk8Qy/pbtbGz2wtSvc4I4e0grrWQlbtGyqfe9UDX+oj
ip5wj35Fcd0Hl3hMM5CbyMVxJZ+WQTrJPwIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FLyxlX0mVBMdWu3g2FM5dW7vDQXuMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzIyZTM3MzgyZTMxMzQzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBABwTpMwDQYJKoZIhvcNAQELBQADggEBAIeSPXuQGcGA
OD5CGmIpAkx0oZeScy+SLIgyG+YBjJU99JaJ3UZuMI/jMSQTovNImBjM/2xqPfpg
KrcVsgLZd0ItrFKkhs5xMWs9tziCZZcnykjml6OGJ3l0Q9jarxmljOO5FQFZRq41
VEMhYyFHa738Nxegs7ZkEq+qZnW37JpuI8pjWwOYplKmgxnkjAVx0ePfmPBVi5QC
/4TsNUyML/xqgkHF/2x5F2iLFX+awMQoR0+Ywjjo3ib6AmDwj9oEx/gPuaPt4UbX
iwcQOUmtq/WvLDlm69VZXU+sf/MiwlErerXurNdHrVs90GhEyuv15XDz6tkkHdsg
SmU1tdojrnk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:59 2023 by rpki-client on console-ams.rpki-client.org