Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3136382e302f32342d3234203d3e203137343531.roa
File:                     3131322e37382e3136382e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          ++CX8sdp1GKQmJTrW9M8HIHQhv4zCoVwOZaVIgCp6pg=
Subject key identifier:   D3:17:45:F4:E8:B4:FA:AE:4D:D5:27:48:C3:FB:02:A1:83:26:4C:DB
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       343F44949600E7709DC11832216F4BB0BC27F7E5
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3136382e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:01 +0000
ROA not before:           Wed 29 Sep 2021 23:56:01 +0000
ROA not after:            Fri 30 Sep 2022 00:01:01 +0000
asID:                     17451
IP address blocks:        112.78.168.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:3f:44:94:96:00:e7:70:9d:c1:18:32:21:6f:4b:b0:bc:27:f7:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:01 2021 GMT
            Not After : Sep 30 00:01:01 2022 GMT
        Subject: CN=3082010A0282010100FB3A90AF9CC6332E12C44DED507BCDEF24BF5787BFE62ECA1EB2C5B81CE33CFAC05EE798C25E12EF847A93FE530CA3D71FAAE5EF12D4C5A649D60C06B330AE567874ACDE7E3D8F1CC35921B1ABF5C709B1E273E630C946C1BC9F7543AA47C7F75A79A3AD5DF6C1A4380B12921900E7153B74FDDC375E790EF6F3ABF3B4D8C207E18C862E1A8B9BE1822FCF721BEAC35A228D1FA1A4584505B531FAEE6B9494EDB5BE0C6299998D2CA2BA4CD2F1D6AA3492F7AF470F1881D6B69C083F26830CD29E3CE3F959FAE6879E29686537E929A1CECF79D321EA5A109A07AF42B9164BA3A9CC5D6F0013BF2A1AA9FBDF15ACD4FDEB25FD90AA9CFE8FB0780E010FA320A70203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:3a:90:af:9c:c6:33:2e:12:c4:4d:ed:50:7b:
                    cd:ef:24:bf:57:87:bf:e6:2e:ca:1e:b2:c5:b8:1c:
                    e3:3c:fa:c0:5e:e7:98:c2:5e:12:ef:84:7a:93:fe:
                    53:0c:a3:d7:1f:aa:e5:ef:12:d4:c5:a6:49:d6:0c:
                    06:b3:30:ae:56:78:74:ac:de:7e:3d:8f:1c:c3:59:
                    21:b1:ab:f5:c7:09:b1:e2:73:e6:30:c9:46:c1:bc:
                    9f:75:43:aa:47:c7:f7:5a:79:a3:ad:5d:f6:c1:a4:
                    38:0b:12:92:19:00:e7:15:3b:74:fd:dc:37:5e:79:
                    0e:f6:f3:ab:f3:b4:d8:c2:07:e1:8c:86:2e:1a:8b:
                    9b:e1:82:2f:cf:72:1b:ea:c3:5a:22:8d:1f:a1:a4:
                    58:45:05:b5:31:fa:ee:6b:94:94:ed:b5:be:0c:62:
                    99:99:8d:2c:a2:ba:4c:d2:f1:d6:aa:34:92:f7:af:
                    47:0f:18:81:d6:b6:9c:08:3f:26:83:0c:d2:9e:3c:
                    e3:f9:59:fa:e6:87:9e:29:68:65:37:e9:29:a1:ce:
                    cf:79:d3:21:ea:5a:10:9a:07:af:42:b9:16:4b:a3:
                    a9:cc:5d:6f:00:13:bf:2a:1a:a9:fb:df:15:ac:d4:
                    fd:eb:25:fd:90:aa:9c:fe:8f:b0:78:0e:01:0f:a3:
                    20:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:17:45:F4:E8:B4:FA:AE:4D:D5:27:48:C3:FB:02:A1:83:26:4C:DB
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3136382e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  112.78.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:e9:1e:71:1d:1b:78:63:76:9f:99:0c:23:2a:5a:3f:0c:35:
         0e:e9:6e:65:fa:a6:eb:23:2c:f5:96:92:6f:0e:93:88:cb:19:
         9e:94:96:7c:d4:d5:41:ed:2a:85:37:eb:b0:6a:9d:e5:be:21:
         95:46:27:29:f5:20:de:c2:8e:b5:d6:df:56:ec:b0:9a:e1:0d:
         69:1d:83:08:01:0e:99:2a:d8:87:54:c9:f5:06:66:c4:4b:74:
         a6:46:4e:7b:59:4e:3d:79:0a:da:7d:b2:73:d6:22:d4:52:8d:
         3b:66:d5:c8:30:1c:46:df:56:e0:59:f9:d8:39:10:54:97:71:
         d4:34:88:75:63:75:b9:bc:47:2a:84:95:23:39:b8:6f:b5:df:
         e7:66:ea:01:c0:17:86:7e:25:16:2b:92:89:14:7f:fd:21:de:
         48:e5:63:65:32:fc:7c:64:59:b4:b5:22:83:f1:6f:05:ad:57:
         f5:fb:56:d3:dd:30:10:67:19:c1:d6:f2:86:5b:79:b9:0e:24:
         bb:de:4d:a9:d1:cf:d4:83:bb:52:87:71:d3:26:4c:02:21:fe:
         cb:b9:63:c4:c3:29:39:c1:d7:bb:14:12:ab:d4:1c:b8:1d:8e:
         29:74:3a:ae:99:dd:8f:9f:f4:c9:59:65:9d:dd:d9:66:43:74:
         79:38:a6:cc
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUND9ElJYA53CdwRgyIW9LsLwn9+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MDFaFw0yMjA5MzAwMDAxMDFaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRkIzQTkwQUY5Q0M2MzMyRTEy
QzQ0REVENTA3QkNERUYyNEJGNTc4N0JGRTYyRUNBMUVCMkM1QjgxQ0UzM0NGQUMw
NUVFNzk4QzI1RTEyRUY4NDdBOTNGRTUzMENBM0Q3MUZBQUU1RUYxMkQ0QzVBNjQ5
RDYwQzA2QjMzMEFFNTY3ODc0QUNERTdFM0Q4RjFDQzM1OTIxQjFBQkY1QzcwOUIx
RTI3M0U2MzBDOTQ2QzFCQzlGNzU0M0FBNDdDN0Y3NUE3OUEzQUQ1REY2QzFBNDM4
MEIxMjkyMTkwMEU3MTUzQjc0RkREQzM3NUU3OTBFRjZGM0FCRjNCNEQ4QzIwN0Ux
OEM4NjJFMUE4QjlCRTE4MjJGQ0Y3MjFCRUFDMzVBMjI4RDFGQTFBNDU4NDUwNUI1
MzFGQUVFNkI5NDk0RURCNUJFMEM2Mjk5OTk4RDJDQTJCQTRDRDJGMUQ2QUEzNDky
RjdBRjQ3MEYxODgxRDZCNjlDMDgzRjI2ODMwQ0QyOUUzQ0UzRjk1OUZBRTY4NzlF
Mjk2ODY1MzdFOTI5QTFDRUNGNzlEMzIxRUE1QTEwOUEwN0FGNDJCOTE2NEJBM0E5
Q0M1RDZGMDAxM0JGMkExQUE5RkJERjE1QUNENEZERUIyNUZEOTBBQTlDRkU4RkIw
NzgwRTAxMEZBMzIwQTcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA+zqQr5zGMy4SxE3tUHvN7yS/V4e/5i7KHrLFuBzjPPrAXueYwl4S
74R6k/5TDKPXH6rl7xLUxaZJ1gwGszCuVnh0rN5+PY8cw1khsav1xwmx4nPmMMlG
wbyfdUOqR8f3WnmjrV32waQ4CxKSGQDnFTt0/dw3XnkO9vOr87TYwgfhjIYuGoub
4YIvz3Ib6sNaIo0foaRYRQW1Mfrua5SU7bW+DGKZmY0sorpM0vHWqjSS969HDxiB
1racCD8mgwzSnjzj+Vn65oeeKWhlN+kpoc7PedMh6loQmgevQrkWS6OpzF1vABO/
Khqp+98VrNT96yX9kKqc/o+weA4BD6MgpwIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FNMXRfTotPquTdUnSMP7AqGDJkzbMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzIyZTM3MzgyZTMxMzYzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBABwTqgwDQYJKoZIhvcNAQELBQADggEBAELpHnEdG3hj
dp+ZDCMqWj8MNQ7pbmX6pusjLPWWkm8Ok4jLGZ6UlnzU1UHtKoU367BqneW+IZVG
Jyn1IN7CjrXW31bssJrhDWkdgwgBDpkq2IdUyfUGZsRLdKZGTntZTj15Ctp9snPW
ItRSjTtm1cgwHEbfVuBZ+dg5EFSXcdQ0iHVjdbm8RyqElSM5uG+13+dm6gHAF4Z+
JRYrkokUf/0h3kjlY2Uy/HxkWbS1IoPxbwWtV/X7VtPdMBBnGcHW8oZbebkOJLve
TanRz9SDu1KHcdMmTAIh/su5Y8TDKTnB17sUEqvUHLgdjil0Oq6Z3Y+f9MlZZZ3d
2WZDdHk4psw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:02 2024 by rpki-client on console-fra.rpki-client.org