Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131372e3130322e39342e302f32342d3234203d3e203137343531.roa
File:                     3131372e3130322e39342e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          3rf06SLd/skSxkoM2NtgA345mL9EScJstdy8cH9Zcqs=
Subject key identifier:   6A:35:92:8F:75:B4:9D:1C:D8:AF:EE:9D:2B:DA:14:22:B6:29:41:A6
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       55EDB4B9E19E99BBE84C0B99D300733C0917AA81
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131372e3130322e39342e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:08 +0000
ROA not before:           Wed 29 Sep 2021 23:56:08 +0000
ROA not after:            Fri 30 Sep 2022 00:01:08 +0000
asID:                     17451
IP address blocks:        117.102.94.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:ed:b4:b9:e1:9e:99:bb:e8:4c:0b:99:d3:00:73:3c:09:17:aa:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:08 2021 GMT
            Not After : Sep 30 00:01:08 2022 GMT
        Subject: CN=3082010A0282010100D7D750259C48988D8FE4285298126B1F6F573428E34514B66C0DD82DA6922E8046B4E4B0AE487D3739672FD53358F57035C97A24609160B80C5E42C7F5CCB5E6AEAED60470FE312A03E937AC9CC9B102CD79E5A7633617343A1A9212C6771B98AE236C70CB4FCEFA5ED62BE73CF199DA360CDAF23EF3C020790C15DE85072A234417F2178987E36F9A635035C6B5986EC12349C8658035988D68C915849D73BE7E1F53D749075EDE00E075002A62E0EBA84E5C70B9A7FE1C79A577A39C95FCE7405FFB5671BCFEF95BE720FC6D99D43578799372F365397C79F45B20BB7B99A228D98530D4F08B3676D87F6C587E8F72CCD914738C255A1066ECDCFD04BF36DD0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:d7:50:25:9c:48:98:8d:8f:e4:28:52:98:12:
                    6b:1f:6f:57:34:28:e3:45:14:b6:6c:0d:d8:2d:a6:
                    92:2e:80:46:b4:e4:b0:ae:48:7d:37:39:67:2f:d5:
                    33:58:f5:70:35:c9:7a:24:60:91:60:b8:0c:5e:42:
                    c7:f5:cc:b5:e6:ae:ae:d6:04:70:fe:31:2a:03:e9:
                    37:ac:9c:c9:b1:02:cd:79:e5:a7:63:36:17:34:3a:
                    1a:92:12:c6:77:1b:98:ae:23:6c:70:cb:4f:ce:fa:
                    5e:d6:2b:e7:3c:f1:99:da:36:0c:da:f2:3e:f3:c0:
                    20:79:0c:15:de:85:07:2a:23:44:17:f2:17:89:87:
                    e3:6f:9a:63:50:35:c6:b5:98:6e:c1:23:49:c8:65:
                    80:35:98:8d:68:c9:15:84:9d:73:be:7e:1f:53:d7:
                    49:07:5e:de:00:e0:75:00:2a:62:e0:eb:a8:4e:5c:
                    70:b9:a7:fe:1c:79:a5:77:a3:9c:95:fc:e7:40:5f:
                    fb:56:71:bc:fe:f9:5b:e7:20:fc:6d:99:d4:35:78:
                    79:93:72:f3:65:39:7c:79:f4:5b:20:bb:7b:99:a2:
                    28:d9:85:30:d4:f0:8b:36:76:d8:7f:6c:58:7e:8f:
                    72:cc:d9:14:73:8c:25:5a:10:66:ec:dc:fd:04:bf:
                    36:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:35:92:8F:75:B4:9D:1C:D8:AF:EE:9D:2B:DA:14:22:B6:29:41:A6
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131372e3130322e39342e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  117.102.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:e5:7c:dc:14:d0:13:91:71:8f:21:c5:ec:b7:1b:38:f0:ea:
         73:13:b8:ad:bc:0e:ab:77:b8:70:3c:df:02:b3:a6:8e:c7:f7:
         5e:47:87:0c:6e:2f:3d:06:82:dd:e8:6d:a0:38:08:fd:35:ea:
         c7:8f:60:39:23:6b:88:da:53:9b:76:88:4a:7e:d5:c7:b9:47:
         49:47:53:cf:40:09:2b:b6:2f:8c:2c:98:04:b3:f7:7c:13:2d:
         7b:a0:68:7c:07:a4:f5:a5:0e:ec:84:12:69:7d:73:27:3f:18:
         0c:fa:b9:ee:17:0e:d4:04:21:c0:27:63:ee:23:36:98:a6:bf:
         b7:10:07:0b:ef:3b:da:df:24:43:d9:35:a5:bb:9b:ed:9b:69:
         53:ba:56:7b:25:65:85:3b:c2:48:cd:a8:df:0f:2a:b4:f6:16:
         10:08:51:6e:3d:7e:63:94:97:e6:69:fc:eb:2b:66:37:82:2e:
         40:21:50:32:28:5e:af:6d:fc:f8:f1:a9:24:61:9f:b9:bc:3d:
         45:94:72:1d:b6:9e:83:0e:68:b2:0b:dd:b5:d2:a7:4e:4e:18:
         9a:b7:a2:0c:d8:cf:83:83:e3:db:73:61:08:c9:62:02:2d:3f:
         8f:99:90:3f:00:6d:aa:67:3e:60:eb:bd:13:70:ed:ed:20:bd:
         78:4a:ac:88
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUVe20ueGembvoTAuZ0wBzPAkXqoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MDhaFw0yMjA5MzAwMDAxMDhaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDdENzUwMjU5QzQ4OTg4RDhG
RTQyODUyOTgxMjZCMUY2RjU3MzQyOEUzNDUxNEI2NkMwREQ4MkRBNjkyMkU4MDQ2
QjRFNEIwQUU0ODdEMzczOTY3MkZENTMzNThGNTcwMzVDOTdBMjQ2MDkxNjBCODBD
NUU0MkM3RjVDQ0I1RTZBRUFFRDYwNDcwRkUzMTJBMDNFOTM3QUM5Q0M5QjEwMkNE
NzlFNUE3NjMzNjE3MzQzQTFBOTIxMkM2NzcxQjk4QUUyMzZDNzBDQjRGQ0VGQTVF
RDYyQkU3M0NGMTk5REEzNjBDREFGMjNFRjNDMDIwNzkwQzE1REU4NTA3MkEyMzQ0
MTdGMjE3ODk4N0UzNkY5QTYzNTAzNUM2QjU5ODZFQzEyMzQ5Qzg2NTgwMzU5ODhE
NjhDOTE1ODQ5RDczQkU3RTFGNTNENzQ5MDc1RURFMDBFMDc1MDAyQTYyRTBFQkE4
NEU1QzcwQjlBN0ZFMUM3OUE1NzdBMzlDOTVGQ0U3NDA1RkZCNTY3MUJDRkVGOTVC
RTcyMEZDNkQ5OUQ0MzU3ODc5OTM3MkYzNjUzOTdDNzlGNDVCMjBCQjdCOTlBMjI4
RDk4NTMwRDRGMDhCMzY3NkQ4N0Y2QzU4N0U4RjcyQ0NEOTE0NzM4QzI1NUExMDY2
RUNEQ0ZEMDRCRjM2REQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA19dQJZxImI2P5ChSmBJrH29XNCjjRRS2bA3YLaaSLoBGtOSwrkh9
NzlnL9UzWPVwNcl6JGCRYLgMXkLH9cy15q6u1gRw/jEqA+k3rJzJsQLNeeWnYzYX
NDoakhLGdxuYriNscMtPzvpe1ivnPPGZ2jYM2vI+88AgeQwV3oUHKiNEF/IXiYfj
b5pjUDXGtZhuwSNJyGWANZiNaMkVhJ1zvn4fU9dJB17eAOB1ACpi4OuoTlxwuaf+
HHmld6OclfznQF/7VnG8/vlb5yD8bZnUNXh5k3LzZTl8efRbILt7maIo2YUw1PCL
NnbYf2xYfo9yzNkUc4wlWhBm7Nz9BL823QIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FGo1ko91tJ0c2K/unSvaFCK2KUGmMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzcyZTMxMzAzMjJlMzkzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAB1Zl4wDQYJKoZIhvcNAQELBQADggEBAIHlfNwU0BOR
cY8hxey3Gzjw6nMTuK28Dqt3uHA83wKzpo7H915HhwxuLz0Ggt3obaA4CP016seP
YDkja4jaU5t2iEp+1ce5R0lHU89ACSu2L4wsmASz93wTLXugaHwHpPWlDuyEEml9
cyc/GAz6ue4XDtQEIcAnY+4jNpimv7cQBwvvO9rfJEPZNaW7m+2baVO6VnslZYU7
wkjNqN8PKrT2FhAIUW49fmOUl+Zp/OsrZjeCLkAhUDIoXq9t/PjxqSRhn7m8PUWU
ch22noMOaLIL3bXSp05OGJq3ogzYz4OD49tzYQjJYgItP4+ZkD8AbapnPmDrvRNw
7e0gvXhKrIg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org