Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131372e3130322e38372e302f32342d3234203d3e203137343531.roa
File:                     3131372e3130322e38372e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          dYBXWr3eCgpWahb/o+6uOn7Jlql/o6XLkv1MIZFM5kM=
Subject key identifier:   B0:5F:49:61:FD:01:93:22:8B:EA:F9:55:D4:A2:D9:FB:49:DA:82:05
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       5A48019B7F372FBD7B3F8BBD73152799CDCF0324
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131372e3130322e38372e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:16 +0000
ROA not before:           Wed 29 Sep 2021 23:56:16 +0000
ROA not after:            Fri 30 Sep 2022 00:01:16 +0000
asID:                     17451
IP address blocks:        117.102.87.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:48:01:9b:7f:37:2f:bd:7b:3f:8b:bd:73:15:27:99:cd:cf:03:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:16 2021 GMT
            Not After : Sep 30 00:01:16 2022 GMT
        Subject: CN=3082010A0282010100C65ED5156009A40F568A68AB22DA36374095737F15B52E50455CF9D720FA56FDDD7D83B9FD7992FEA2336900E73968CB9C5874CD0F81D213B9BD07C3342ED6F41F632D5CAE04F4C2F24D247798ECBC8FCD4F0ED53EDC07F7FA854561E30441C664F227175310A5A575A14955BFA08CC30B863048BCAE6C10FC8143A7E3DE4140AA832AF2AA487A450FD9531F78839810CA7483BE86F3D2EB0A26B87C0EF855E69BA1EC1F2B4CEA72673230674A5122EAFD7514EDCD47BE1B524250301E035B78DE978EF41CFBBFAEC40CBB47C3C9FCE219F4C6FDA189AA4903CB691EADCF8560A0463EBBC40998ED02693D36E1F00208DCD9D850BAD62E49692EC46D71BE5EC50203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:5e:d5:15:60:09:a4:0f:56:8a:68:ab:22:da:
                    36:37:40:95:73:7f:15:b5:2e:50:45:5c:f9:d7:20:
                    fa:56:fd:dd:7d:83:b9:fd:79:92:fe:a2:33:69:00:
                    e7:39:68:cb:9c:58:74:cd:0f:81:d2:13:b9:bd:07:
                    c3:34:2e:d6:f4:1f:63:2d:5c:ae:04:f4:c2:f2:4d:
                    24:77:98:ec:bc:8f:cd:4f:0e:d5:3e:dc:07:f7:fa:
                    85:45:61:e3:04:41:c6:64:f2:27:17:53:10:a5:a5:
                    75:a1:49:55:bf:a0:8c:c3:0b:86:30:48:bc:ae:6c:
                    10:fc:81:43:a7:e3:de:41:40:aa:83:2a:f2:aa:48:
                    7a:45:0f:d9:53:1f:78:83:98:10:ca:74:83:be:86:
                    f3:d2:eb:0a:26:b8:7c:0e:f8:55:e6:9b:a1:ec:1f:
                    2b:4c:ea:72:67:32:30:67:4a:51:22:ea:fd:75:14:
                    ed:cd:47:be:1b:52:42:50:30:1e:03:5b:78:de:97:
                    8e:f4:1c:fb:bf:ae:c4:0c:bb:47:c3:c9:fc:e2:19:
                    f4:c6:fd:a1:89:aa:49:03:cb:69:1e:ad:cf:85:60:
                    a0:46:3e:bb:c4:09:98:ed:02:69:3d:36:e1:f0:02:
                    08:dc:d9:d8:50:ba:d6:2e:49:69:2e:c4:6d:71:be:
                    5e:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:5F:49:61:FD:01:93:22:8B:EA:F9:55:D4:A2:D9:FB:49:DA:82:05
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131372e3130322e38372e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  117.102.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:02:99:db:8d:6b:ee:22:85:f6:b5:3d:4d:63:7b:b2:a6:63:
         54:d0:cd:1b:11:c8:59:d8:d8:12:77:49:a1:d6:43:ba:7c:a1:
         fa:5c:42:dc:e2:a2:50:7a:2d:d1:4f:59:6e:df:ef:e3:95:b6:
         de:d6:a9:ee:a4:3c:31:4e:0c:d5:d6:d1:e0:c7:f5:3e:32:8c:
         25:2a:14:1d:54:74:8b:29:c7:b4:31:0d:d9:23:7b:21:5f:35:
         be:a2:4f:b9:17:f8:7a:96:42:f0:30:88:23:e5:19:c8:93:41:
         b4:5f:f9:e9:7d:b6:15:3d:cd:f7:ef:47:79:c5:51:d9:f5:47:
         c3:2e:b7:e9:1f:8a:e0:b9:17:8c:70:fd:d0:ee:5e:26:14:49:
         0c:c8:fb:67:34:30:fe:08:51:2a:7d:31:3f:cb:03:19:d5:ad:
         f8:27:48:21:1b:e9:48:29:52:c3:59:ff:12:6c:21:5c:8a:26:
         54:8c:9e:eb:3c:a2:53:35:39:51:4a:57:66:f7:8f:ee:19:f1:
         a8:6e:41:4f:64:df:78:a2:7f:73:88:36:62:a4:0e:9b:db:0a:
         7b:4b:5a:dc:ff:7c:d1:bd:6a:ed:3f:1d:66:ef:d8:d3:16:1d:
         5e:0c:1a:16:14:4c:14:0a:65:a5:b4:3b:24:e0:c9:c4:29:35:
         d1:ee:ba:0b
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUWkgBm383L717P4u9cxUnmc3PAyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MTZaFw0yMjA5MzAwMDAxMTZaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzY1RUQ1MTU2MDA5QTQwRjU2
OEE2OEFCMjJEQTM2Mzc0MDk1NzM3RjE1QjUyRTUwNDU1Q0Y5RDcyMEZBNTZGRERE
N0Q4M0I5RkQ3OTkyRkVBMjMzNjkwMEU3Mzk2OENCOUM1ODc0Q0QwRjgxRDIxM0I5
QkQwN0MzMzQyRUQ2RjQxRjYzMkQ1Q0FFMDRGNEMyRjI0RDI0Nzc5OEVDQkM4RkNE
NEYwRUQ1M0VEQzA3RjdGQTg1NDU2MUUzMDQ0MUM2NjRGMjI3MTc1MzEwQTVBNTc1
QTE0OTU1QkZBMDhDQzMwQjg2MzA0OEJDQUU2QzEwRkM4MTQzQTdFM0RFNDE0MEFB
ODMyQUYyQUE0ODdBNDUwRkQ5NTMxRjc4ODM5ODEwQ0E3NDgzQkU4NkYzRDJFQjBB
MjZCODdDMEVGODU1RTY5QkExRUMxRjJCNENFQTcyNjczMjMwNjc0QTUxMjJFQUZE
NzUxNEVEQ0Q0N0JFMUI1MjQyNTAzMDFFMDM1Qjc4REU5NzhFRjQxQ0ZCQkZBRUM0
MENCQjQ3QzNDOUZDRTIxOUY0QzZGREExODlBQTQ5MDNDQjY5MUVBRENGODU2MEEw
NDYzRUJCQzQwOTk4RUQwMjY5M0QzNkUxRjAwMjA4RENEOUQ4NTBCQUQ2MkU0OTY5
MkVDNDZENzFCRTVFQzUwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAxl7VFWAJpA9WimirIto2N0CVc38VtS5QRVz51yD6Vv3dfYO5/XmS
/qIzaQDnOWjLnFh0zQ+B0hO5vQfDNC7W9B9jLVyuBPTC8k0kd5jsvI/NTw7VPtwH
9/qFRWHjBEHGZPInF1MQpaV1oUlVv6CMwwuGMEi8rmwQ/IFDp+PeQUCqgyryqkh6
RQ/ZUx94g5gQynSDvobz0usKJrh8DvhV5puh7B8rTOpyZzIwZ0pRIur9dRTtzUe+
G1JCUDAeA1t43peO9Bz7v67EDLtHw8n84hn0xv2hiapJA8tpHq3PhWCgRj67xAmY
7QJpPTbh8AII3NnYULrWLklpLsRtcb5exQIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FLBfSWH9AZMii+r5VdSi2ftJ2oIFMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzcyZTMxMzAzMjJlMzgzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAB1ZlcwDQYJKoZIhvcNAQELBQADggEBAHICmduNa+4i
hfa1PU1je7KmY1TQzRsRyFnY2BJ3SaHWQ7p8ofpcQtziolB6LdFPWW7f7+OVtt7W
qe6kPDFODNXW0eDH9T4yjCUqFB1UdIspx7QxDdkjeyFfNb6iT7kX+HqWQvAwiCPl
GciTQbRf+el9thU9zffvR3nFUdn1R8Mut+kfiuC5F4xw/dDuXiYUSQzI+2c0MP4I
USp9MT/LAxnVrfgnSCEb6UgpUsNZ/xJsIVyKJlSMnus8olM1OVFKV2b3j+4Z8ahu
QU9k33iif3OINmKkDpvbCntLWtz/fNG9au0/HWbv2NMWHV4MGhYUTBQKZaW0OyTg
ycQpNdHuugs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org