Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e37322e302f32342d3234203d3e203137343531.roa
File:                     3131382e39392e37322e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          tCzbNQXxZ+EENqchIng0+/39m3tbuSnmBgR0fbbrVXE=
Subject key identifier:   27:EB:DC:E8:C6:AE:1F:3B:ED:07:DB:CB:47:F4:28:65:BE:74:42:2A
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       071CD880675327069F509B3A45939E633EC15657
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e37322e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:09 +0000
ROA not before:           Wed 29 Sep 2021 23:56:09 +0000
ROA not after:            Fri 30 Sep 2022 00:01:09 +0000
asID:                     17451
IP address blocks:        118.99.72.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:1c:d8:80:67:53:27:06:9f:50:9b:3a:45:93:9e:63:3e:c1:56:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:09 2021 GMT
            Not After : Sep 30 00:01:09 2022 GMT
        Subject: CN=3082010A0282010100D190487810B5678CAD0E9C98EF76F551DBB77B93089F26EEA875EA522E78F6BC1282605BD29FCF0D191646ABF53EE2C326D5E44916E29626425EA01DFD068FE1F79EB6AAAD27CDCC0B6A559E1559296705F6A01AC6B5D76E80EF145FECC0882DCB70FA46CE876008D0A79D4510C623BE49D67CF581137991E5A0C9431AB041DD1A2BEB5981D5BD32AA19CA7C1386B141FD4CA8944F89DC35E9718D5ABB5FF54A0E4ED019A256B068E7A8B1E9A43E48DEB1E499426B4D4A7543348BC9C6CB6ACC96B4FE418B8B5A8EF38414577FCBF3DE0B376E089C25EEC2CDB55D5AAAB8BBE197949630592C60AE8396DDC320AC93BCE2A19D9436B95E6C4DBB31513878059F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:90:48:78:10:b5:67:8c:ad:0e:9c:98:ef:76:
                    f5:51:db:b7:7b:93:08:9f:26:ee:a8:75:ea:52:2e:
                    78:f6:bc:12:82:60:5b:d2:9f:cf:0d:19:16:46:ab:
                    f5:3e:e2:c3:26:d5:e4:49:16:e2:96:26:42:5e:a0:
                    1d:fd:06:8f:e1:f7:9e:b6:aa:ad:27:cd:cc:0b:6a:
                    55:9e:15:59:29:67:05:f6:a0:1a:c6:b5:d7:6e:80:
                    ef:14:5f:ec:c0:88:2d:cb:70:fa:46:ce:87:60:08:
                    d0:a7:9d:45:10:c6:23:be:49:d6:7c:f5:81:13:79:
                    91:e5:a0:c9:43:1a:b0:41:dd:1a:2b:eb:59:81:d5:
                    bd:32:aa:19:ca:7c:13:86:b1:41:fd:4c:a8:94:4f:
                    89:dc:35:e9:71:8d:5a:bb:5f:f5:4a:0e:4e:d0:19:
                    a2:56:b0:68:e7:a8:b1:e9:a4:3e:48:de:b1:e4:99:
                    42:6b:4d:4a:75:43:34:8b:c9:c6:cb:6a:cc:96:b4:
                    fe:41:8b:8b:5a:8e:f3:84:14:57:7f:cb:f3:de:0b:
                    37:6e:08:9c:25:ee:c2:cd:b5:5d:5a:aa:b8:bb:e1:
                    97:94:96:30:59:2c:60:ae:83:96:dd:c3:20:ac:93:
                    bc:e2:a1:9d:94:36:b9:5e:6c:4d:bb:31:51:38:78:
                    05:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:EB:DC:E8:C6:AE:1F:3B:ED:07:DB:CB:47:F4:28:65:BE:74:42:2A
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e37322e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.99.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:ba:00:94:03:8d:6b:f4:f7:0b:9f:e5:09:e4:24:b4:35:63:
         1f:7a:6b:50:ad:c8:80:93:26:52:19:10:ad:b5:6f:95:f3:de:
         07:ea:7e:09:d6:cf:33:85:59:c0:3f:73:05:aa:01:3b:64:1b:
         e5:28:12:e3:57:e3:55:d2:40:42:44:5a:01:b5:3d:75:12:17:
         43:df:b5:ec:81:95:00:e3:53:01:f5:03:b8:e4:16:b4:e0:e8:
         69:fa:9b:f3:09:4a:a2:1a:2f:bf:73:fc:36:bc:85:2f:82:f1:
         3c:ea:ee:02:43:61:d9:f5:4c:d3:36:43:9b:18:eb:57:fe:05:
         2c:5a:45:a9:47:66:7f:e5:f3:f0:43:ce:48:df:4b:6f:5f:5a:
         d6:f6:07:59:33:0b:d5:d3:77:15:b9:97:55:b7:b8:44:e0:6a:
         22:83:e7:f6:2e:e7:8e:db:0f:b7:52:dc:3a:26:47:14:98:27:
         0c:17:3b:97:09:c2:8c:f7:83:de:d7:98:65:67:12:bd:35:8b:
         b7:c7:b1:6c:f4:6a:7a:58:75:4b:eb:88:0f:a5:b6:36:63:11:
         d0:e1:71:72:21:77:63:3d:ea:03:7b:b2:e8:fb:16:75:d6:d8:
         77:e0:5a:97:bf:7d:d3:9c:95:42:53:29:4f:93:10:be:2c:21:
         e0:74:69:86
-----BEGIN CERTIFICATE-----
MIIHIjCCBgqgAwIBAgIUBxzYgGdTJwafUJs6RZOeYz7BVlcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MDlaFw0yMjA5MzAwMDAxMDlaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDE5MDQ4NzgxMEI1Njc4Q0FE
MEU5Qzk4RUY3NkY1NTFEQkI3N0I5MzA4OUYyNkVFQTg3NUVBNTIyRTc4RjZCQzEy
ODI2MDVCRDI5RkNGMEQxOTE2NDZBQkY1M0VFMkMzMjZENUU0NDkxNkUyOTYyNjQy
NUVBMDFERkQwNjhGRTFGNzlFQjZBQUFEMjdDRENDMEI2QTU1OUUxNTU5Mjk2NzA1
RjZBMDFBQzZCNUQ3NkU4MEVGMTQ1RkVDQzA4ODJEQ0I3MEZBNDZDRTg3NjAwOEQw
QTc5RDQ1MTBDNjIzQkU0OUQ2N0NGNTgxMTM3OTkxRTVBMEM5NDMxQUIwNDFERDFB
MkJFQjU5ODFENUJEMzJBQTE5Q0E3QzEzODZCMTQxRkQ0Q0E4OTQ0Rjg5REMzNUU5
NzE4RDVBQkI1RkY1NEEwRTRFRDAxOUEyNTZCMDY4RTdBOEIxRTlBNDNFNDhERUIx
RTQ5OTQyNkI0RDRBNzU0MzM0OEJDOUM2Q0I2QUNDOTZCNEZFNDE4QjhCNUE4RUYz
ODQxNDU3N0ZDQkYzREUwQjM3NkUwODlDMjVFRUMyQ0RCNTVENUFBQUI4QkJFMTk3
OTQ5NjMwNTkyQzYwQUU4Mzk2RERDMzIwQUM5M0JDRTJBMTlEOTQzNkI5NUU2QzRE
QkIzMTUxMzg3ODA1OUYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA0ZBIeBC1Z4ytDpyY73b1Udu3e5MInybuqHXqUi549rwSgmBb0p/P
DRkWRqv1PuLDJtXkSRbiliZCXqAd/QaP4feetqqtJ83MC2pVnhVZKWcF9qAaxrXX
boDvFF/swIgty3D6Rs6HYAjQp51FEMYjvknWfPWBE3mR5aDJQxqwQd0aK+tZgdW9
MqoZynwThrFB/UyolE+J3DXpcY1au1/1Sg5O0BmiVrBo56ix6aQ+SN6x5JlCa01K
dUM0i8nGy2rMlrT+QYuLWo7zhBRXf8vz3gs3bgicJe7CzbVdWqq4u+GXlJYwWSxg
roOW3cMgrJO84qGdlDa5XmxNuzFROHgFnwIDAQABo4ICMDCCAiwwHQYDVR0OBBYE
FCfr3OjGrh877Qfby0f0KGW+dEIqMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGgBggrBgEFBQcB
CwSBkzCBkDCBjQYIKwYBBQUHMAuGgYByc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzgyZTM5MzkyZTM3MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM3MzQz
NTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQAdmNIMA0GCSqGSIb3DQEBCwUAA4IBAQCZugCUA41r9PcL
n+UJ5CS0NWMfemtQrciAkyZSGRCttW+V894H6n4J1s8zhVnAP3MFqgE7ZBvlKBLj
V+NV0kBCRFoBtT11EhdD37XsgZUA41MB9QO45Ba04Ohp+pvzCUqiGi+/c/w2vIUv
gvE86u4CQ2HZ9UzTNkObGOtX/gUsWkWpR2Z/5fPwQ85I30tvX1rW9gdZMwvV03cV
uZdVt7hE4Goig+f2LueO2w+3Utw6JkcUmCcMFzuXCcKM94Pe15hlZxK9NYu3x7Fs
9Gp6WHVL64gPpbY2YxHQ4XFyIXdjPeoDe7Lo+xZ11th34FqXv33TnJVCUylPkxC+
LCHgdGmG
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org