Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3138392e302f32342d3234203d3e203137343531.roa
File:                     3131322e37382e3138392e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          6QNo2xEnyfOlIG3QJy5s6mTRvxd0ivodkh8hYN7OTIA=
Subject key identifier:   49:0D:D3:BB:02:74:45:16:71:0C:F6:B0:01:71:22:25:1D:E4:4A:46
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       4B477EDC67FAEB99032AD4FF0EC8A858DC2D15
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3138392e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:14 +0000
ROA not before:           Wed 29 Sep 2021 23:55:14 +0000
ROA not after:            Fri 30 Sep 2022 00:00:14 +0000
asID:                     17451
IP address blocks:        112.78.189.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:47:7e:dc:67:fa:eb:99:03:2a:d4:ff:0e:c8:a8:58:dc:2d:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:14 2021 GMT
            Not After : Sep 30 00:00:14 2022 GMT
        Subject: CN=3082010A0282010100E2E070D227AE8EFD71B63BB09316FE10BEC1C741CA0BF0F0F75CEB21825700DC0A939970248DCE6C45F2C85DC042D91EDEECAF5063E13633B6D0FB56BB0F775D6ED5B8D8DDCD4A77C953F3B189DF9E7FFDDC518D352D12B3ED0BC930BB015CD92EE05D2E36D34AD98CF069E4112CA41477EA9954DED28D416054A1DBA2447000BA3B810F933EB1E659016D9753982A276B2FD980508A400888C0DF7DE146F2BBA43BBA2C795F2882C657D3F4FF97ADD26E85D0F3C4D2B847D6C80DF4880EEAA7647574E59510AB815327068D544493F54E6D0960C4EA51A231E30392A62BE262FA76022D5E7D69C7AF174D444E4D6B766ABFD4F3770C611E4AD66A192261F6370203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:e0:70:d2:27:ae:8e:fd:71:b6:3b:b0:93:16:
                    fe:10:be:c1:c7:41:ca:0b:f0:f0:f7:5c:eb:21:82:
                    57:00:dc:0a:93:99:70:24:8d:ce:6c:45:f2:c8:5d:
                    c0:42:d9:1e:de:ec:af:50:63:e1:36:33:b6:d0:fb:
                    56:bb:0f:77:5d:6e:d5:b8:d8:dd:cd:4a:77:c9:53:
                    f3:b1:89:df:9e:7f:fd:dc:51:8d:35:2d:12:b3:ed:
                    0b:c9:30:bb:01:5c:d9:2e:e0:5d:2e:36:d3:4a:d9:
                    8c:f0:69:e4:11:2c:a4:14:77:ea:99:54:de:d2:8d:
                    41:60:54:a1:db:a2:44:70:00:ba:3b:81:0f:93:3e:
                    b1:e6:59:01:6d:97:53:98:2a:27:6b:2f:d9:80:50:
                    8a:40:08:88:c0:df:7d:e1:46:f2:bb:a4:3b:ba:2c:
                    79:5f:28:82:c6:57:d3:f4:ff:97:ad:d2:6e:85:d0:
                    f3:c4:d2:b8:47:d6:c8:0d:f4:88:0e:ea:a7:64:75:
                    74:e5:95:10:ab:81:53:27:06:8d:54:44:93:f5:4e:
                    6d:09:60:c4:ea:51:a2:31:e3:03:92:a6:2b:e2:62:
                    fa:76:02:2d:5e:7d:69:c7:af:17:4d:44:4e:4d:6b:
                    76:6a:bf:d4:f3:77:0c:61:1e:4a:d6:6a:19:22:61:
                    f6:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:0D:D3:BB:02:74:45:16:71:0C:F6:B0:01:71:22:25:1D:E4:4A:46
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3138392e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  112.78.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:8d:3c:41:40:f9:8d:32:6a:18:13:91:1c:88:20:92:27:76:
         14:1b:b5:94:5c:2e:cb:44:88:27:72:4e:6a:01:3a:bd:0e:55:
         e0:20:a9:b5:dd:41:3a:5b:a0:84:31:b5:62:24:80:42:2c:8c:
         bd:f9:4b:8c:9f:d6:ac:2e:22:1b:4e:a1:37:a1:dc:1f:43:f5:
         c1:00:0b:d0:1f:86:97:3e:9a:d1:e9:d6:66:4e:6c:52:2a:9c:
         fe:ab:be:be:23:89:2a:84:44:5e:1e:46:eb:82:5f:0f:24:49:
         45:05:76:f7:f1:ee:e5:86:fa:12:51:95:24:d8:8f:08:e2:83:
         b8:da:4c:7b:38:ca:08:5e:dd:9d:91:63:2c:27:58:4a:ad:1d:
         5b:e0:aa:71:72:72:fb:fe:de:05:be:18:ba:8e:73:3b:11:37:
         b7:4d:29:c7:ca:5b:d9:89:9c:a9:db:ad:b1:b5:dd:78:5f:9d:
         0c:0b:12:4b:e6:1d:5d:7b:6a:19:94:e4:d4:8c:12:f4:e8:6e:
         9b:62:26:a8:9d:e4:e3:9e:b9:74:b4:7f:13:b7:1d:c5:1c:81:
         ec:03:18:35:02:9f:5b:06:bb:ac:94:35:38:d2:d8:8d:a5:33:
         1a:f7:2d:63:7a:a8:8f:6c:69:bf:cd:50:25:c5:8a:86:1f:f5:
         2b:75:64:ee
-----BEGIN CERTIFICATE-----
MIIHIzCCBgugAwIBAgITS0d+3Gf665kDKtT/DsioWNwtFTANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyhBQzU1NTQ0N0JBNjJDMzkxMDdGMTZCRjU3MkY4MkE0MTdG
NzI4REJGMB4XDTIxMDkyOTIzNTUxNFoXDTIyMDkzMDAwMDAxNFowggItMYICKTCC
AiUGA1UEAxOCAhwzMDgyMDEwQTAyODIwMTAxMDBFMkUwNzBEMjI3QUU4RUZENzFC
NjNCQjA5MzE2RkUxMEJFQzFDNzQxQ0EwQkYwRjBGNzVDRUIyMTgyNTcwMERDMEE5
Mzk5NzAyNDhEQ0U2QzQ1RjJDODVEQzA0MkQ5MUVERUVDQUY1MDYzRTEzNjMzQjZE
MEZCNTZCQjBGNzc1RDZFRDVCOEQ4RERDRDRBNzdDOTUzRjNCMTg5REY5RTdGRkRE
QzUxOEQzNTJEMTJCM0VEMEJDOTMwQkIwMTVDRDkyRUUwNUQyRTM2RDM0QUQ5OENG
MDY5RTQxMTJDQTQxNDc3RUE5OTU0REVEMjhENDE2MDU0QTFEQkEyNDQ3MDAwQkEz
QjgxMEY5MzNFQjFFNjU5MDE2RDk3NTM5ODJBMjc2QjJGRDk4MDUwOEE0MDA4ODhD
MERGN0RFMTQ2RjJCQkE0M0JCQTJDNzk1RjI4ODJDNjU3RDNGNEZGOTdBREQyNkU4
NUQwRjNDNEQyQjg0N0Q2QzgwREY0ODgwRUVBQTc2NDc1NzRFNTk1MTBBQjgxNTMy
NzA2OEQ1NDQ0OTNGNTRFNkQwOTYwQzRFQTUxQTIzMUUzMDM5MkE2MkJFMjYyRkE3
NjAyMkQ1RTdENjlDN0FGMTc0RDQ0NEU0RDZCNzY2QUJGRDRGMzc3MEM2MTFFNEFE
NjZBMTkyMjYxRjYzNzAyMDMwMTAwMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQDi4HDSJ66O/XG2O7CTFv4QvsHHQcoL8PD3XOshglcA3AqTmXAkjc5s
RfLIXcBC2R7e7K9QY+E2M7bQ+1a7D3ddbtW42N3NSnfJU/Oxid+ef/3cUY01LRKz
7QvJMLsBXNku4F0uNtNK2YzwaeQRLKQUd+qZVN7SjUFgVKHbokRwALo7gQ+TPrHm
WQFtl1OYKidrL9mAUIpACIjA333hRvK7pDu6LHlfKILGV9P0/5et0m6F0PPE0rhH
1sgN9IgO6qdkdXTllRCrgVMnBo1URJP1Tm0JYMTqUaIx4wOSpiviYvp2Ai1efWnH
rxdNRE5Na3Zqv9TzdwxhHkrWahkiYfY3AgMBAAGjggIyMIICLjAdBgNVHQ4EFgQU
SQ3TuwJ0RRZxDPawAXEiJR3kSkYwHwYDVR0jBBgwFoAUrFVUR7piw5EH8Wv1cvgq
QX9yjb8wDgYDVR0PAQH/BAQDAgeAMIGFBgNVHR8EfjB8MHqgeKB2hnRyc3luYzov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4
NC00ODRmMDI1ZGZmY2MvMC9BQzU1NTQ0N0JBNjJDMzkxMDdGMTZCRjU3MkY4MkE0
MTdGNzI4REJGLmNybDB0BggrBgEFBQcBAQRoMGYwZAYIKwYBBQUHMAKGWHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL0lETklDLUlELzIvQUM1NTU0NDdC
QTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3RjcyOERCRi5jZXIwgaIGCCsGAQUFBwEL
BIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5l
dC9yZXBvLzM5OTNmMzUwLWI3NTYtNDkxNi04ZDg0LTQ4NGYwMjVkZmZjYy8wLzMx
MzEzMjJlMzczODJlMzEzODM5MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNzM0
MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEAHBOvTANBgkqhkiG9w0BAQsFAAOCAQEAj408QUD5jTJq
GBORHIggkid2FBu1lFwuy0SIJ3JOagE6vQ5V4CCptd1BOlughDG1YiSAQiyMvflL
jJ/WrC4iG06hN6HcH0P1wQAL0B+Glz6a0enWZk5sUiqc/qu+viOJKoREXh5G64Jf
DyRJRQV29/Hu5Yb6ElGVJNiPCOKDuNpMezjKCF7dnZFjLCdYSq0dW+CqcXJy+/7e
Bb4Yuo5zOxE3t00px8pb2YmcqdutsbXdeF+dDAsSS+YdXXtqGZTk1IwS9Ohum2Im
qJ3k4565dLR/E7cdxRyB7AMYNQKfWwa7rJQ1ONLYjaUzGvctY3qoj2xpv81QJcWK
hh/1K3Vk7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:02 2024 by rpki-client on console-fra.rpki-client.org