Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3137372e302f32342d3234203d3e203137343531.roa
File:                     3131322e37382e3137372e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          XqDEzU44LdsH8sNFDpaB2EdToW/Mgll/UP/1yVAlotc=
Subject key identifier:   41:3A:42:24:CF:77:08:A8:12:18:14:21:1E:57:10:3C:95:03:CC:56
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       18B695A67E76831BA0507BD97EEDA55873662EAC
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3137372e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:06 +0000
ROA not before:           Wed 29 Sep 2021 23:56:06 +0000
ROA not after:            Fri 30 Sep 2022 00:01:06 +0000
asID:                     17451
IP address blocks:        112.78.177.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:b6:95:a6:7e:76:83:1b:a0:50:7b:d9:7e:ed:a5:58:73:66:2e:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:06 2021 GMT
            Not After : Sep 30 00:01:06 2022 GMT
        Subject: CN=3082010A0282010100CBDCB626EB068C4DAA522D54C7AD1585071413757D4B51E6338CD73451336B1A6416F4871503799F1C18BA35B63BA3730597F73857B11B8CDC8635BC8F7B29EF2EB37B1D4D62F2B1DAACF747FC2BBDBDFD6066971B44012C9016697402436B529E59CDB863CB970424A4C37D9F6520B4094323A05ED13811733BB9782D886FF9FEF754BF6A0D4640F919D53EE584656CA1C1771F15F483EA8B3B8DE66BAEC9DAD43EF534DE288392EA139BCDA616740E71B3A56414C94D9625EA14CA06BE4CC1D24F48F1A553329DEDACE29CFA00AB5766BDF2EC244B4925814042125CBF12DD04AE2C1CB64D20F7597374B6B672B68881F529F35CA83EF7136EF723041B70C70203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:dc:b6:26:eb:06:8c:4d:aa:52:2d:54:c7:ad:
                    15:85:07:14:13:75:7d:4b:51:e6:33:8c:d7:34:51:
                    33:6b:1a:64:16:f4:87:15:03:79:9f:1c:18:ba:35:
                    b6:3b:a3:73:05:97:f7:38:57:b1:1b:8c:dc:86:35:
                    bc:8f:7b:29:ef:2e:b3:7b:1d:4d:62:f2:b1:da:ac:
                    f7:47:fc:2b:bd:bd:fd:60:66:97:1b:44:01:2c:90:
                    16:69:74:02:43:6b:52:9e:59:cd:b8:63:cb:97:04:
                    24:a4:c3:7d:9f:65:20:b4:09:43:23:a0:5e:d1:38:
                    11:73:3b:b9:78:2d:88:6f:f9:fe:f7:54:bf:6a:0d:
                    46:40:f9:19:d5:3e:e5:84:65:6c:a1:c1:77:1f:15:
                    f4:83:ea:8b:3b:8d:e6:6b:ae:c9:da:d4:3e:f5:34:
                    de:28:83:92:ea:13:9b:cd:a6:16:74:0e:71:b3:a5:
                    64:14:c9:4d:96:25:ea:14:ca:06:be:4c:c1:d2:4f:
                    48:f1:a5:53:32:9d:ed:ac:e2:9c:fa:00:ab:57:66:
                    bd:f2:ec:24:4b:49:25:81:40:42:12:5c:bf:12:dd:
                    04:ae:2c:1c:b6:4d:20:f7:59:73:74:b6:b6:72:b6:
                    88:81:f5:29:f3:5c:a8:3e:f7:13:6e:f7:23:04:1b:
                    70:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:3A:42:24:CF:77:08:A8:12:18:14:21:1E:57:10:3C:95:03:CC:56
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3137372e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  112.78.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:10:84:0c:bf:a1:2e:e7:7e:17:36:61:22:21:eb:c3:c9:53:
         c8:dc:04:fd:54:ed:4e:a8:47:3b:2d:40:07:56:6c:47:f1:06:
         5d:fa:fb:e4:03:a4:15:a0:82:d5:ae:a1:14:e4:97:10:1d:9b:
         17:4e:22:0c:c0:c0:88:2d:4c:92:4e:b9:c2:48:ed:76:c5:26:
         7e:d1:f1:26:d6:9c:7d:6f:05:c9:37:bf:7a:cd:d5:69:e2:aa:
         52:37:e1:b5:2b:33:bb:f1:e6:18:79:1f:af:0c:83:4c:62:f0:
         d4:00:0f:77:43:79:1f:5b:73:6f:18:c2:f6:c2:81:37:d6:15:
         60:d0:c6:f2:fc:f4:22:fc:8e:30:d8:93:5b:dc:26:c3:06:ce:
         f1:57:ba:09:bd:08:36:61:d8:b6:1d:f8:b5:68:7e:b8:5e:c5:
         12:5a:ff:1f:0a:c2:eb:ad:4c:c7:2f:9d:0f:f0:ca:f6:f0:bb:
         a7:d1:db:b7:b2:e5:bc:cf:ac:c0:54:58:32:03:b0:a6:fe:9a:
         71:a9:60:11:b7:e0:98:51:6b:d8:0b:71:d1:84:30:35:72:8e:
         40:2b:73:67:c4:5a:32:17:be:fa:15:5b:1a:01:22:ee:92:5c:
         90:7c:06:66:01:38:bb:5c:4b:85:fc:9b:c0:77:2c:31:56:36:
         4a:ea:81:04
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUGLaVpn52gxugUHvZfu2lWHNmLqwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MDZaFw0yMjA5MzAwMDAxMDZaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQ0JEQ0I2MjZFQjA2OEM0REFB
NTIyRDU0QzdBRDE1ODUwNzE0MTM3NTdENEI1MUU2MzM4Q0Q3MzQ1MTMzNkIxQTY0
MTZGNDg3MTUwMzc5OUYxQzE4QkEzNUI2M0JBMzczMDU5N0Y3Mzg1N0IxMUI4Q0RD
ODYzNUJDOEY3QjI5RUYyRUIzN0IxRDRENjJGMkIxREFBQ0Y3NDdGQzJCQkRCREZE
NjA2Njk3MUI0NDAxMkM5MDE2Njk3NDAyNDM2QjUyOUU1OUNEQjg2M0NCOTcwNDI0
QTRDMzdEOUY2NTIwQjQwOTQzMjNBMDVFRDEzODExNzMzQkI5NzgyRDg4NkZGOUZF
Rjc1NEJGNkEwRDQ2NDBGOTE5RDUzRUU1ODQ2NTZDQTFDMTc3MUYxNUY0ODNFQThC
M0I4REU2NkJBRUM5REFENDNFRjUzNERFMjg4MzkyRUExMzlCQ0RBNjE2NzQwRTcx
QjNBNTY0MTRDOTREOTYyNUVBMTRDQTA2QkU0Q0MxRDI0RjQ4RjFBNTUzMzI5REVE
QUNFMjlDRkEwMEFCNTc2NkJERjJFQzI0NEI0OTI1ODE0MDQyMTI1Q0JGMTJERDA0
QUUyQzFDQjY0RDIwRjc1OTczNzRCNkI2NzJCNjg4ODFGNTI5RjM1Q0E4M0VGNzEz
NkVGNzIzMDQxQjcwQzcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAy9y2JusGjE2qUi1Ux60VhQcUE3V9S1HmM4zXNFEzaxpkFvSHFQN5
nxwYujW2O6NzBZf3OFexG4zchjW8j3sp7y6zex1NYvKx2qz3R/wrvb39YGaXG0QB
LJAWaXQCQ2tSnlnNuGPLlwQkpMN9n2UgtAlDI6Be0TgRczu5eC2Ib/n+91S/ag1G
QPkZ1T7lhGVsocF3HxX0g+qLO43ma67J2tQ+9TTeKIOS6hObzaYWdA5xs6VkFMlN
liXqFMoGvkzB0k9I8aVTMp3trOKc+gCrV2a98uwkS0klgUBCEly/Et0Eriwctk0g
91lzdLa2craIgfUp81yoPvcTbvcjBBtwxwIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FEE6QiTPdwioEhgUIR5XEDyVA8xWMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzIyZTM3MzgyZTMxMzczNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBABwTrEwDQYJKoZIhvcNAQELBQADggEBAIAQhAy/oS7n
fhc2YSIh68PJU8jcBP1U7U6oRzstQAdWbEfxBl36++QDpBWggtWuoRTklxAdmxdO
IgzAwIgtTJJOucJI7XbFJn7R8SbWnH1vBck3v3rN1WniqlI34bUrM7vx5hh5H68M
g0xi8NQAD3dDeR9bc28YwvbCgTfWFWDQxvL89CL8jjDYk1vcJsMGzvFXugm9CDZh
2LYd+LVofrhexRJa/x8KwuutTMcvnQ/wyvbwu6fR27ey5bzPrMBUWDIDsKb+mnGp
YBG34JhRa9gLcdGEMDVyjkArc2fEWjIXvvoVWxoBIu6SXJB8BmYBOLtcS4X8m8B3
LDFWNkrqgQQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:59 2023 by rpki-client on console-ams.rpki-client.org