Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131372e3130322e38322e302f32342d3234203d3e203137343531.roa
File:                     3131372e3130322e38322e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          Hq2NsvaHWCqIP/D0+5TbNqLOeHRnBtvOY2sWxTfU3lM=
Subject key identifier:   50:91:01:40:A3:B0:72:97:01:18:39:66:CF:9B:00:0E:D1:9E:D9:84
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       5F8AE70BE4E1A0420752B90A7CA2C36E4B6B5848
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131372e3130322e38322e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:24 +0000
ROA not before:           Wed 29 Sep 2021 23:55:24 +0000
ROA not after:            Fri 30 Sep 2022 00:00:24 +0000
asID:                     17451
IP address blocks:        117.102.82.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:8a:e7:0b:e4:e1:a0:42:07:52:b9:0a:7c:a2:c3:6e:4b:6b:58:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:24 2021 GMT
            Not After : Sep 30 00:00:24 2022 GMT
        Subject: CN=3082010A0282010100DA19BFE877E26CE00EA579DE9104BC6599D8296216113A464117D9D402EC9BD9CB24CCA4B8FAC298F101ADB598E7D9F56A4EACFF0045144255BE0C6FDB7BA8B9CADBE738F0BE16CB2EDE92E8571E01D1BF4AEEB273E3790CAA37BD15189515C65C36AE0D747D48D719416BD82735276BCEC7D6E6AFED3D1424F3FDFC66B4281D752F2CB886B52513D769AE2A2415250AE6BA6BD445DA9F875E0B75F7208A434B14D3545E84C50AB4A632C7457F833AE54CD68C6946D5B0C1B99C2529AB14B4FAD4B7F32B3522ABC9E22D5A09523FE36E2782BE5EA12FE675DE28715CB393719B4F1E2961293FE9FDC635761D24BA0517A22CC4035222413CCCF5D703861B0FFF0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:19:bf:e8:77:e2:6c:e0:0e:a5:79:de:91:04:
                    bc:65:99:d8:29:62:16:11:3a:46:41:17:d9:d4:02:
                    ec:9b:d9:cb:24:cc:a4:b8:fa:c2:98:f1:01:ad:b5:
                    98:e7:d9:f5:6a:4e:ac:ff:00:45:14:42:55:be:0c:
                    6f:db:7b:a8:b9:ca:db:e7:38:f0:be:16:cb:2e:de:
                    92:e8:57:1e:01:d1:bf:4a:ee:b2:73:e3:79:0c:aa:
                    37:bd:15:18:95:15:c6:5c:36:ae:0d:74:7d:48:d7:
                    19:41:6b:d8:27:35:27:6b:ce:c7:d6:e6:af:ed:3d:
                    14:24:f3:fd:fc:66:b4:28:1d:75:2f:2c:b8:86:b5:
                    25:13:d7:69:ae:2a:24:15:25:0a:e6:ba:6b:d4:45:
                    da:9f:87:5e:0b:75:f7:20:8a:43:4b:14:d3:54:5e:
                    84:c5:0a:b4:a6:32:c7:45:7f:83:3a:e5:4c:d6:8c:
                    69:46:d5:b0:c1:b9:9c:25:29:ab:14:b4:fa:d4:b7:
                    f3:2b:35:22:ab:c9:e2:2d:5a:09:52:3f:e3:6e:27:
                    82:be:5e:a1:2f:e6:75:de:28:71:5c:b3:93:71:9b:
                    4f:1e:29:61:29:3f:e9:fd:c6:35:76:1d:24:ba:05:
                    17:a2:2c:c4:03:52:22:41:3c:cc:f5:d7:03:86:1b:
                    0f:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:91:01:40:A3:B0:72:97:01:18:39:66:CF:9B:00:0E:D1:9E:D9:84
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131372e3130322e38322e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  117.102.82.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:bd:a1:a8:aa:dd:ba:40:cf:ed:00:48:ad:92:50:c1:87:60:
         13:c5:4f:e2:28:ab:3f:c9:90:42:82:f9:b3:79:7a:14:5c:7c:
         21:e0:2f:92:63:42:c8:79:b3:1e:13:d2:db:2b:c6:25:46:a1:
         53:ad:c5:2f:6b:c9:cc:19:d5:33:f0:2c:49:99:11:39:cc:50:
         74:d6:14:1c:b3:eb:59:c1:03:ce:0b:c1:ed:d2:42:af:3c:77:
         6f:cf:9a:6b:8d:e5:ba:49:74:9c:43:8d:9d:8c:9e:77:1f:f4:
         4a:95:d7:39:66:e6:c5:a2:d8:17:1c:38:44:c5:ba:8d:4f:86:
         95:fe:fc:52:01:90:dc:3e:f6:ed:af:8a:05:17:b6:9d:0e:b0:
         05:14:51:65:3d:d7:e1:e0:62:f5:7b:55:cd:6b:23:eb:94:f2:
         5e:b3:6f:77:cb:38:f4:67:62:eb:e6:94:19:24:9f:ea:06:83:
         50:a6:99:08:26:e1:b2:10:a2:8e:c2:85:0f:99:a2:80:b7:03:
         8e:37:28:ec:a3:46:cc:54:4b:7b:85:73:95:34:22:ba:18:d5:
         d4:b0:2e:a0:bc:bd:ab:94:db:ff:f8:d2:65:2c:f1:ab:b5:fc:
         c4:95:e3:ba:63:37:65:fb:ee:51:24:83:fc:f8:c6:95:dc:5a:
         03:3f:d1:d7
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUX4rnC+ThoEIHUrkKfKLDbktrWEgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MjRaFw0yMjA5MzAwMDAwMjRaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwREExOUJGRTg3N0UyNkNFMDBF
QTU3OURFOTEwNEJDNjU5OUQ4Mjk2MjE2MTEzQTQ2NDExN0Q5RDQwMkVDOUJEOUNC
MjRDQ0E0QjhGQUMyOThGMTAxQURCNTk4RTdEOUY1NkE0RUFDRkYwMDQ1MTQ0MjU1
QkUwQzZGREI3QkE4QjlDQURCRTczOEYwQkUxNkNCMkVERTkyRTg1NzFFMDFEMUJG
NEFFRUIyNzNFMzc5MENBQTM3QkQxNTE4OTUxNUM2NUMzNkFFMEQ3NDdENDhENzE5
NDE2QkQ4MjczNTI3NkJDRUM3RDZFNkFGRUQzRDE0MjRGM0ZERkM2NkI0MjgxRDc1
MkYyQ0I4ODZCNTI1MTNENzY5QUUyQTI0MTUyNTBBRTZCQTZCRDQ0NURBOUY4NzVF
MEI3NUY3MjA4QTQzNEIxNEQzNTQ1RTg0QzUwQUI0QTYzMkM3NDU3RjgzM0FFNTRD
RDY4QzY5NDZENUIwQzFCOTlDMjUyOUFCMTRCNEZBRDRCN0YzMkIzNTIyQUJDOUUy
MkQ1QTA5NTIzRkUzNkUyNzgyQkU1RUExMkZFNjc1REUyODcxNUNCMzkzNzE5QjRG
MUUyOTYxMjkzRkU5RkRDNjM1NzYxRDI0QkEwNTE3QTIyQ0M0MDM1MjIyNDEzQ0ND
RjVENzAzODYxQjBGRkYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA2hm/6HfibOAOpXnekQS8ZZnYKWIWETpGQRfZ1ALsm9nLJMykuPrC
mPEBrbWY59n1ak6s/wBFFEJVvgxv23uoucrb5zjwvhbLLt6S6FceAdG/Su6yc+N5
DKo3vRUYlRXGXDauDXR9SNcZQWvYJzUna87H1uav7T0UJPP9/Ga0KB11Lyy4hrUl
E9dpriokFSUK5rpr1EXan4deC3X3IIpDSxTTVF6ExQq0pjLHRX+DOuVM1oxpRtWw
wbmcJSmrFLT61LfzKzUiq8niLVoJUj/jbieCvl6hL+Z13ihxXLOTcZtPHilhKT/p
/cY1dh0kugUXoizEA1IiQTzM9dcDhhsP/wIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FFCRAUCjsHKXARg5Zs+bAA7RntmEMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzcyZTMxMzAzMjJlMzgzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAB1ZlIwDQYJKoZIhvcNAQELBQADggEBAJi9oaiq3bpA
z+0ASK2SUMGHYBPFT+Ioqz/JkEKC+bN5ehRcfCHgL5JjQsh5sx4T0tsrxiVGoVOt
xS9rycwZ1TPwLEmZETnMUHTWFByz61nBA84Lwe3SQq88d2/PmmuN5bpJdJxDjZ2M
nncf9EqV1zlm5sWi2BccOETFuo1PhpX+/FIBkNw+9u2vigUXtp0OsAUUUWU91+Hg
YvV7Vc1rI+uU8l6zb3fLOPRnYuvmlBkkn+oGg1CmmQgm4bIQoo7ChQ+ZooC3A443
KOyjRsxUS3uFc5U0IroY1dSwLqC8vauU2//40mUs8au1/MSV47pjN2X77lEkg/z4
xpXcWgM/0dc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org