Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e3131372e302f32342d3234203d3e203137343531.roa
File:                     3131382e39392e3131372e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          X+w1fJc2b4kIemKEtsSz2ZuRIJXXFHJ7FQqlzh9T1Yw=
Subject key identifier:   2E:DF:61:F8:86:A8:01:84:61:2A:82:91:1B:18:2F:1D:13:C9:CA:17
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       34ED31AB321BAA39D71BA903993A14C6A31DD5E0
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e3131372e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:19 +0000
ROA not before:           Wed 29 Sep 2021 23:55:19 +0000
ROA not after:            Fri 30 Sep 2022 00:00:19 +0000
asID:                     17451
IP address blocks:        118.99.117.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:ed:31:ab:32:1b:aa:39:d7:1b:a9:03:99:3a:14:c6:a3:1d:d5:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:19 2021 GMT
            Not After : Sep 30 00:00:19 2022 GMT
        Subject: CN=3082010A0282010100CB019BA083D8CDB099642E9D1E202A1DFD2CAFAC361A4C56A926389283E0157E0F4D957943FDC7560559339C91C796A1157E4F69B7A024C0E583417CBC177F34A8DDC59F103F4453DB7EB19C08E1ED050A442FC8B0F8C8896BBA3D5887CEF5A2434C6CCBB20B69E87503719FD77C0BDB928A0612E848FA6A5FD740CF812457CD108CB2A1796911C6FE66F1BD581523AED3421555BF5B36D2EFF44B97C1B59D987A3D0DF4B8CAA79E951AFC93AE243333592E521655F9014D0FC0D24B191BB78427A0038CABA88E5280F319F16F51F2C80C937888EFF431CC2FC14BE44155A6B26CBAE6C0C132442E8B888BB3BDC84DC44F9F86E69B8A707BC0402D8E0A6312170203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:01:9b:a0:83:d8:cd:b0:99:64:2e:9d:1e:20:
                    2a:1d:fd:2c:af:ac:36:1a:4c:56:a9:26:38:92:83:
                    e0:15:7e:0f:4d:95:79:43:fd:c7:56:05:59:33:9c:
                    91:c7:96:a1:15:7e:4f:69:b7:a0:24:c0:e5:83:41:
                    7c:bc:17:7f:34:a8:dd:c5:9f:10:3f:44:53:db:7e:
                    b1:9c:08:e1:ed:05:0a:44:2f:c8:b0:f8:c8:89:6b:
                    ba:3d:58:87:ce:f5:a2:43:4c:6c:cb:b2:0b:69:e8:
                    75:03:71:9f:d7:7c:0b:db:92:8a:06:12:e8:48:fa:
                    6a:5f:d7:40:cf:81:24:57:cd:10:8c:b2:a1:79:69:
                    11:c6:fe:66:f1:bd:58:15:23:ae:d3:42:15:55:bf:
                    5b:36:d2:ef:f4:4b:97:c1:b5:9d:98:7a:3d:0d:f4:
                    b8:ca:a7:9e:95:1a:fc:93:ae:24:33:33:59:2e:52:
                    16:55:f9:01:4d:0f:c0:d2:4b:19:1b:b7:84:27:a0:
                    03:8c:ab:a8:8e:52:80:f3:19:f1:6f:51:f2:c8:0c:
                    93:78:88:ef:f4:31:cc:2f:c1:4b:e4:41:55:a6:b2:
                    6c:ba:e6:c0:c1:32:44:2e:8b:88:8b:b3:bd:c8:4d:
                    c4:4f:9f:86:e6:9b:8a:70:7b:c0:40:2d:8e:0a:63:
                    12:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:DF:61:F8:86:A8:01:84:61:2A:82:91:1B:18:2F:1D:13:C9:CA:17
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e3131372e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.99.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:5f:4d:cd:99:89:31:89:d4:e5:e9:18:9a:e0:28:58:83:11:
         a5:01:80:e5:ea:d3:74:d3:1a:d5:90:9e:b5:d5:f8:41:34:f2:
         59:75:48:b1:70:d5:8c:6d:f3:f8:aa:aa:d7:65:c4:e6:c8:00:
         e9:3b:0d:87:39:00:aa:10:8a:3e:07:51:16:96:1c:42:37:9e:
         18:e4:3c:04:63:0f:dd:fd:22:a0:96:c1:7f:c2:82:89:b3:01:
         ab:60:d2:ba:ac:96:29:85:dc:e2:b2:a7:1a:fe:c4:8d:90:08:
         84:e6:cd:19:84:d3:c9:e4:73:66:f0:ab:95:8f:21:52:5c:f8:
         1b:1f:5e:ed:6e:98:1e:1b:6f:9c:c6:09:f4:b2:ab:98:44:4b:
         04:b9:7c:42:3c:35:3d:77:dd:4b:65:f1:97:fb:d3:bb:e1:f0:
         6c:b5:3d:b3:16:c5:f8:93:17:60:3a:d3:8f:7c:b4:ab:6b:a3:
         41:19:6a:2d:b6:06:eb:0e:c6:b5:5a:72:b8:73:f2:29:af:ff:
         f8:d1:a4:ca:15:56:78:5a:ba:03:da:78:42:5a:02:fd:2d:b9:
         7f:c4:ee:b9:d3:f9:e4:5f:bf:31:f9:ed:3e:6d:68:bd:c5:a2:
         4b:66:5a:58:37:7a:88:1d:6e:41:47:a8:18:29:ab:b2:c7:69:
         22:99:bb:55
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUNO0xqzIbqjnXG6kDmToUxqMd1eAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MTlaFw0yMjA5MzAwMDAwMTlaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQ0IwMTlCQTA4M0Q4Q0RCMDk5
NjQyRTlEMUUyMDJBMURGRDJDQUZBQzM2MUE0QzU2QTkyNjM4OTI4M0UwMTU3RTBG
NEQ5NTc5NDNGREM3NTYwNTU5MzM5QzkxQzc5NkExMTU3RTRGNjlCN0EwMjRDMEU1
ODM0MTdDQkMxNzdGMzRBOEREQzU5RjEwM0Y0NDUzREI3RUIxOUMwOEUxRUQwNTBB
NDQyRkM4QjBGOEM4ODk2QkJBM0Q1ODg3Q0VGNUEyNDM0QzZDQ0JCMjBCNjlFODc1
MDM3MTlGRDc3QzBCREI5MjhBMDYxMkU4NDhGQTZBNUZENzQwQ0Y4MTI0NTdDRDEw
OENCMkExNzk2OTExQzZGRTY2RjFCRDU4MTUyM0FFRDM0MjE1NTVCRjVCMzZEMkVG
RjQ0Qjk3QzFCNTlEOTg3QTNEMERGNEI4Q0FBNzlFOTUxQUZDOTNBRTI0MzMzMzU5
MkU1MjE2NTVGOTAxNEQwRkMwRDI0QjE5MUJCNzg0MjdBMDAzOENBQkE4OEU1Mjgw
RjMxOUYxNkY1MUYyQzgwQzkzNzg4OEVGRjQzMUNDMkZDMTRCRTQ0MTU1QTZCMjZD
QkFFNkMwQzEzMjQ0MkU4Qjg4OEJCM0JEQzg0REM0NEY5Rjg2RTY5QjhBNzA3QkMw
NDAyRDhFMEE2MzEyMTcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAywGboIPYzbCZZC6dHiAqHf0sr6w2GkxWqSY4koPgFX4PTZV5Q/3H
VgVZM5yRx5ahFX5PabegJMDlg0F8vBd/NKjdxZ8QP0RT236xnAjh7QUKRC/IsPjI
iWu6PViHzvWiQ0xsy7ILaeh1A3Gf13wL25KKBhLoSPpqX9dAz4EkV80QjLKheWkR
xv5m8b1YFSOu00IVVb9bNtLv9EuXwbWdmHo9DfS4yqeelRr8k64kMzNZLlIWVfkB
TQ/A0ksZG7eEJ6ADjKuojlKA8xnxb1HyyAyTeIjv9DHML8FL5EFVprJsuubAwTJE
LouIi7O9yE3ET5+G5puKcHvAQC2OCmMSFwIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FC7fYfiGqAGEYSqCkRsYLx0TycoXMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzgyZTM5MzkyZTMxMzEzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAB2Y3UwDQYJKoZIhvcNAQELBQADggEBAGFfTc2ZiTGJ
1OXpGJrgKFiDEaUBgOXq03TTGtWQnrXV+EE08ll1SLFw1Yxt8/iqqtdlxObIAOk7
DYc5AKoQij4HURaWHEI3nhjkPARjD939IqCWwX/CgomzAatg0rqslimF3OKypxr+
xI2QCITmzRmE08nkc2bwq5WPIVJc+BsfXu1umB4bb5zGCfSyq5hESwS5fEI8NT13
3Utl8Zf707vh8Gy1PbMWxfiTF2A60498tKtro0EZai22BusOxrVacrhz8imv//jR
pMoVVnhaugPaeEJaAv0tuX/E7rnT+eRfvzH57T5taL3FoktmWlg3eogdbkFHqBgp
q7LHaSKZu1U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:02 2024 by rpki-client on console-fra.rpki-client.org