Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3137312e302f32342d3234203d3e203137343531.roa
File:                     3131322e37382e3137312e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          NATwdVzN0AdYonnx+waYeyZiFOOKA9f9LBv/cDQS6w4=
Subject key identifier:   69:F5:51:4E:02:A1:1E:90:91:F7:B8:33:C9:4A:F3:5B:EE:99:9B:64
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       064518EF1FB8B737A7985186C794CD4FB0378A17
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3137312e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:21 +0000
ROA not before:           Wed 29 Sep 2021 23:56:21 +0000
ROA not after:            Fri 30 Sep 2022 00:01:21 +0000
asID:                     17451
IP address blocks:        112.78.171.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:45:18:ef:1f:b8:b7:37:a7:98:51:86:c7:94:cd:4f:b0:37:8a:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:21 2021 GMT
            Not After : Sep 30 00:01:21 2022 GMT
        Subject: CN=3082010A0282010100C464A12A26137FC85FA37E51A5052314995A9F0BAEAB43DDF96FD584DB2D6ECFDD4E56BA9888D889385B586241C02BF6490432CB6187E146B05D490D6520381195B78F1934CB2FF96D186B6394169D4274B011993962DFD977DB9000E26A5CC81ADC69B00E87C6E153CC808289608303BC4D58BB497AC9D491C343FC069CA40A8B039903A076CB5254553FC16B615642CCC81A555D73E769D363FD5F51404CAD546D88650FEF87DE0EC7BA9AF07F866B2F3701C9E9DFFDC0FD7A7D4A9FA17A88EDD2DFD1CA84181EF89F771213A05D61E10D24010DC2B32A0DE6C2465BA2C2943BDB63C1C9BFA2D6DFFB813448459E4C59B67C02C0B04FAC245287FE6E439DCB0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:64:a1:2a:26:13:7f:c8:5f:a3:7e:51:a5:05:
                    23:14:99:5a:9f:0b:ae:ab:43:dd:f9:6f:d5:84:db:
                    2d:6e:cf:dd:4e:56:ba:98:88:d8:89:38:5b:58:62:
                    41:c0:2b:f6:49:04:32:cb:61:87:e1:46:b0:5d:49:
                    0d:65:20:38:11:95:b7:8f:19:34:cb:2f:f9:6d:18:
                    6b:63:94:16:9d:42:74:b0:11:99:39:62:df:d9:77:
                    db:90:00:e2:6a:5c:c8:1a:dc:69:b0:0e:87:c6:e1:
                    53:cc:80:82:89:60:83:03:bc:4d:58:bb:49:7a:c9:
                    d4:91:c3:43:fc:06:9c:a4:0a:8b:03:99:03:a0:76:
                    cb:52:54:55:3f:c1:6b:61:56:42:cc:c8:1a:55:5d:
                    73:e7:69:d3:63:fd:5f:51:40:4c:ad:54:6d:88:65:
                    0f:ef:87:de:0e:c7:ba:9a:f0:7f:86:6b:2f:37:01:
                    c9:e9:df:fd:c0:fd:7a:7d:4a:9f:a1:7a:88:ed:d2:
                    df:d1:ca:84:18:1e:f8:9f:77:12:13:a0:5d:61:e1:
                    0d:24:01:0d:c2:b3:2a:0d:e6:c2:46:5b:a2:c2:94:
                    3b:db:63:c1:c9:bf:a2:d6:df:fb:81:34:48:45:9e:
                    4c:59:b6:7c:02:c0:b0:4f:ac:24:52:87:fe:6e:43:
                    9d:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:F5:51:4E:02:A1:1E:90:91:F7:B8:33:C9:4A:F3:5B:EE:99:9B:64
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3137312e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  112.78.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:57:66:a9:b2:29:e7:cb:19:e4:45:ef:83:3b:99:a8:cd:99:
         3e:aa:04:54:d7:57:f3:2f:a4:68:40:0b:b1:ee:7b:f7:d3:dd:
         1b:13:b7:d9:58:f7:35:bb:95:81:f8:e1:09:bf:58:1b:5f:82:
         80:28:64:f9:0f:29:56:c1:63:3d:77:3b:90:1d:d5:ca:c0:71:
         4d:73:c1:ba:e3:f0:70:34:4e:9c:6f:86:b2:20:16:2f:54:8b:
         52:7c:3f:2f:df:92:84:58:63:1c:b4:96:dd:80:3c:59:0f:e2:
         1a:a2:4e:b1:bb:f6:9c:a4:de:da:fe:14:10:75:42:d2:32:99:
         d3:b6:70:f0:e5:75:f5:37:b1:95:2f:f3:48:8c:98:77:e1:05:
         4f:13:db:cf:32:4c:3b:5e:55:8b:5a:86:37:31:ef:5a:da:60:
         91:96:52:09:b6:15:dc:53:e3:7a:89:cd:42:56:da:fe:ec:b0:
         2a:49:57:6c:e3:ff:cd:70:9f:33:c4:26:17:e6:02:45:d7:73:
         93:d3:32:91:2a:a7:7d:3d:4f:67:12:25:24:19:d7:2b:4c:1c:
         99:b5:59:f8:35:85:7e:76:b6:52:25:b5:df:54:41:bc:8b:f0:
         a0:d7:56:54:41:1e:c0:dc:ef:c1:3f:a7:22:2b:fe:09:93:1c:
         bc:d0:33:12
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUBkUY7x+4tzenmFGGx5TNT7A3ihcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MjFaFw0yMjA5MzAwMDAxMjFaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzQ2NEExMkEyNjEzN0ZDODVG
QTM3RTUxQTUwNTIzMTQ5OTVBOUYwQkFFQUI0M0RERjk2RkQ1ODREQjJENkVDRkRE
NEU1NkJBOTg4OEQ4ODkzODVCNTg2MjQxQzAyQkY2NDkwNDMyQ0I2MTg3RTE0NkIw
NUQ0OTBENjUyMDM4MTE5NUI3OEYxOTM0Q0IyRkY5NkQxODZCNjM5NDE2OUQ0Mjc0
QjAxMTk5Mzk2MkRGRDk3N0RCOTAwMEUyNkE1Q0M4MUFEQzY5QjAwRTg3QzZFMTUz
Q0M4MDgyODk2MDgzMDNCQzRENThCQjQ5N0FDOUQ0OTFDMzQzRkMwNjlDQTQwQThC
MDM5OTAzQTA3NkNCNTI1NDU1M0ZDMTZCNjE1NjQyQ0NDODFBNTU1RDczRTc2OUQz
NjNGRDVGNTE0MDRDQUQ1NDZEODg2NTBGRUY4N0RFMEVDN0JBOUFGMDdGODY2QjJG
MzcwMUM5RTlERkZEQzBGRDdBN0Q0QTlGQTE3QTg4RUREMkRGRDFDQTg0MTgxRUY4
OUY3NzEyMTNBMDVENjFFMTBEMjQwMTBEQzJCMzJBMERFNkMyNDY1QkEyQzI5NDNC
REI2M0MxQzlCRkEyRDZERkZCODEzNDQ4NDU5RTRDNTlCNjdDMDJDMEIwNEZBQzI0
NTI4N0ZFNkU0MzlEQ0IwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAxGShKiYTf8hfo35RpQUjFJlanwuuq0Pd+W/VhNstbs/dTla6mIjY
iThbWGJBwCv2SQQyy2GH4UawXUkNZSA4EZW3jxk0yy/5bRhrY5QWnUJ0sBGZOWLf
2XfbkADialzIGtxpsA6HxuFTzICCiWCDA7xNWLtJesnUkcND/AacpAqLA5kDoHbL
UlRVP8FrYVZCzMgaVV1z52nTY/1fUUBMrVRtiGUP74feDse6mvB/hmsvNwHJ6d/9
wP16fUqfoXqI7dLf0cqEGB74n3cSE6BdYeENJAENwrMqDebCRluiwpQ722PByb+i
1t/7gTRIRZ5MWbZ8AsCwT6wkUof+bkOdywIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FGn1UU4CoR6Qkfe4M8lK81vumZtkMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzIyZTM3MzgyZTMxMzczMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBABwTqswDQYJKoZIhvcNAQELBQADggEBAJFXZqmyKefL
GeRF74M7majNmT6qBFTXV/MvpGhAC7Hue/fT3RsTt9lY9zW7lYH44Qm/WBtfgoAo
ZPkPKVbBYz13O5Ad1crAcU1zwbrj8HA0TpxvhrIgFi9Ui1J8Py/fkoRYYxy0lt2A
PFkP4hqiTrG79pyk3tr+FBB1QtIymdO2cPDldfU3sZUv80iMmHfhBU8T288yTDte
VYtahjcx71raYJGWUgm2FdxT43qJzUJW2v7ssCpJV2zj/81wnzPEJhfmAkXXc5PT
MpEqp309T2cSJSQZ1ytMHJm1Wfg1hX52tlIltd9UQbyL8KDXVlRBHsDc78E/pyIr
/gmTHLzQMxI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:59 2023 by rpki-client on console-ams.rpki-client.org