Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131372e3130322e39302e302f32342d3234203d3e203137343531.roa
File:                     3131372e3130322e39302e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          gNghjYltwkpPfUDH8ojw6jtG8dliUQYoUnzFKOAPZDw=
Subject key identifier:   48:D8:25:4C:C7:60:6A:18:AF:4B:52:7B:A9:16:33:97:01:BB:BA:48
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       748F683618EBD886F802EACB66BB89F1345D1AF9
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131372e3130322e39302e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:43 +0000
ROA not before:           Wed 29 Sep 2021 23:55:43 +0000
ROA not after:            Fri 30 Sep 2022 00:00:43 +0000
asID:                     17451
IP address blocks:        117.102.90.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:8f:68:36:18:eb:d8:86:f8:02:ea:cb:66:bb:89:f1:34:5d:1a:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:43 2021 GMT
            Not After : Sep 30 00:00:43 2022 GMT
        Subject: CN=3082010A0282010100C4D26B53FEB62367E975F5271BD555BBDF2D0E9191698A26DECCCFF9467CB04A3459DEE2C182D0C6FCEEDCB3639374895CD1F44CDAFA8AA1FF4D2DA664B8068F838833B45D09DDDCD96FAF223CAFFE3930F0CE1D5C1A70CD2CEB2B1C2800C4AF13A11E6ED860B35ED7929943E40D36AA545C362F8A36FA044B6006FB63949AA7ADC4CAE6ADB1195E2A3D02DC93066E883DF01D959816584B0D52825FD8B7456687D684B9CCD109BDAC1B78D1F3D36E9C30CDAD4DDF8A0461898E4E4607E760619252D2C52AEFF334071B94C1370C9953D9E5B39E43206127D99FFF1971F708B51647C5EA2C9006A3A09504A3CAA0ADBCD309401B1B348CE5801AE3F8B9860F510203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:d2:6b:53:fe:b6:23:67:e9:75:f5:27:1b:d5:
                    55:bb:df:2d:0e:91:91:69:8a:26:de:cc:cf:f9:46:
                    7c:b0:4a:34:59:de:e2:c1:82:d0:c6:fc:ee:dc:b3:
                    63:93:74:89:5c:d1:f4:4c:da:fa:8a:a1:ff:4d:2d:
                    a6:64:b8:06:8f:83:88:33:b4:5d:09:dd:dc:d9:6f:
                    af:22:3c:af:fe:39:30:f0:ce:1d:5c:1a:70:cd:2c:
                    eb:2b:1c:28:00:c4:af:13:a1:1e:6e:d8:60:b3:5e:
                    d7:92:99:43:e4:0d:36:aa:54:5c:36:2f:8a:36:fa:
                    04:4b:60:06:fb:63:94:9a:a7:ad:c4:ca:e6:ad:b1:
                    19:5e:2a:3d:02:dc:93:06:6e:88:3d:f0:1d:95:98:
                    16:58:4b:0d:52:82:5f:d8:b7:45:66:87:d6:84:b9:
                    cc:d1:09:bd:ac:1b:78:d1:f3:d3:6e:9c:30:cd:ad:
                    4d:df:8a:04:61:89:8e:4e:46:07:e7:60:61:92:52:
                    d2:c5:2a:ef:f3:34:07:1b:94:c1:37:0c:99:53:d9:
                    e5:b3:9e:43:20:61:27:d9:9f:ff:19:71:f7:08:b5:
                    16:47:c5:ea:2c:90:06:a3:a0:95:04:a3:ca:a0:ad:
                    bc:d3:09:40:1b:1b:34:8c:e5:80:1a:e3:f8:b9:86:
                    0f:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:D8:25:4C:C7:60:6A:18:AF:4B:52:7B:A9:16:33:97:01:BB:BA:48
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131372e3130322e39302e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  117.102.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:93:4d:c7:87:4b:b2:b1:96:7c:fb:2a:77:6b:cc:f1:4f:18:
         44:dd:a1:ab:af:e1:63:7e:69:fb:af:84:49:81:ea:e0:dc:ea:
         89:6f:02:4c:1f:92:b3:1e:22:01:43:ab:f5:f7:a3:8d:b1:24:
         22:05:29:b0:7b:d7:be:bc:d1:1c:1f:77:50:76:8f:10:db:e6:
         49:15:01:a2:4a:63:5e:30:a3:0f:79:65:60:bf:3a:05:04:06:
         95:12:84:58:ef:1b:ec:e3:87:53:3b:c1:c3:d6:27:75:65:44:
         56:f6:3d:da:ef:5d:99:6a:01:a0:f3:fc:44:bd:4c:5c:74:8d:
         df:b5:5b:93:dd:ae:13:1d:dc:6a:88:80:a9:65:8e:71:7c:a3:
         c5:93:ff:17:ee:7b:c3:78:ea:47:cc:dc:69:20:0a:67:23:8c:
         16:0e:b3:11:fb:90:9b:0f:c5:83:71:ac:22:f8:4a:96:e5:83:
         6f:43:96:7b:a0:d3:e1:e9:59:a0:06:e9:fe:21:60:bf:b1:38:
         30:cd:2d:c4:66:8c:78:8c:39:6d:9e:8d:80:78:fb:b8:8b:7a:
         d0:f6:6d:65:18:3c:9c:da:50:8d:e0:c4:3f:80:01:e2:f3:ce:
         59:89:93:ba:0e:c2:d1:24:83:22:18:19:e5:36:5e:a8:60:d2:
         ff:36:33:41
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUdI9oNhjr2Ib4AurLZruJ8TRdGvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NDNaFw0yMjA5MzAwMDAwNDNaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzREMjZCNTNGRUI2MjM2N0U5
NzVGNTI3MUJENTU1QkJERjJEMEU5MTkxNjk4QTI2REVDQ0NGRjk0NjdDQjA0QTM0
NTlERUUyQzE4MkQwQzZGQ0VFRENCMzYzOTM3NDg5NUNEMUY0NENEQUZBOEFBMUZG
NEQyREE2NjRCODA2OEY4Mzg4MzNCNDVEMDlERERDRDk2RkFGMjIzQ0FGRkUzOTMw
RjBDRTFENUMxQTcwQ0QyQ0VCMkIxQzI4MDBDNEFGMTNBMTFFNkVEODYwQjM1RUQ3
OTI5OTQzRTQwRDM2QUE1NDVDMzYyRjhBMzZGQTA0NEI2MDA2RkI2Mzk0OUFBN0FE
QzRDQUU2QURCMTE5NUUyQTNEMDJEQzkzMDY2RTg4M0RGMDFEOTU5ODE2NTg0QjBE
NTI4MjVGRDhCNzQ1NjY4N0Q2ODRCOUNDRDEwOUJEQUMxQjc4RDFGM0QzNkU5QzMw
Q0RBRDREREY4QTA0NjE4OThFNEU0NjA3RTc2MDYxOTI1MkQyQzUyQUVGRjMzNDA3
MUI5NEMxMzcwQzk5NTNEOUU1QjM5RTQzMjA2MTI3RDk5RkZGMTk3MUY3MDhCNTE2
NDdDNUVBMkM5MDA2QTNBMDk1MDRBM0NBQTBBREJDRDMwOTQwMUIxQjM0OENFNTgw
MUFFM0Y4Qjk4NjBGNTEwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAxNJrU/62I2fpdfUnG9VVu98tDpGRaYom3szP+UZ8sEo0Wd7iwYLQ
xvzu3LNjk3SJXNH0TNr6iqH/TS2mZLgGj4OIM7RdCd3c2W+vIjyv/jkw8M4dXBpw
zSzrKxwoAMSvE6Eebthgs17XkplD5A02qlRcNi+KNvoES2AG+2OUmqetxMrmrbEZ
Xio9AtyTBm6IPfAdlZgWWEsNUoJf2LdFZofWhLnM0Qm9rBt40fPTbpwwza1N34oE
YYmOTkYH52BhklLSxSrv8zQHG5TBNwyZU9nls55DIGEn2Z//GXH3CLUWR8XqLJAG
o6CVBKPKoK280wlAGxs0jOWAGuP4uYYPUQIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FEjYJUzHYGoYr0tSe6kWM5cBu7pIMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzcyZTMxMzAzMjJlMzkzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAB1ZlowDQYJKoZIhvcNAQELBQADggEBAJ2TTceHS7Kx
lnz7KndrzPFPGETdoauv4WN+afuvhEmB6uDc6olvAkwfkrMeIgFDq/X3o42xJCIF
KbB717680Rwfd1B2jxDb5kkVAaJKY14wow95ZWC/OgUEBpUShFjvG+zjh1M7wcPW
J3VlRFb2PdrvXZlqAaDz/ES9TFx0jd+1W5PdrhMd3GqIgKlljnF8o8WT/xfue8N4
6kfM3GkgCmcjjBYOsxH7kJsPxYNxrCL4Spblg29Dlnug0+HpWaAG6f4hYL+xODDN
LcRmjHiMOW2ejYB4+7iLetD2bWUYPJzaUI3gxD+AAeLzzlmJk7oOwtEkgyIYGeU2
Xqhg0v82M0E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org