Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e37392e302f32342d3234203d3e203137343531.roa
File:                     3131382e39392e37392e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          y4AhdEIu9MiyqkLGpkB6Wn4QcUKd6iLzcwgr5Ei+XVE=
Subject key identifier:   B4:A9:3E:7A:32:9A:0D:B4:AC:99:DC:82:19:BE:32:68:E0:66:B8:7C
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       4CFE91D060D878BC1C0B7A6AF01E30F307AB2A9D
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e37392e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:11 +0000
ROA not before:           Wed 29 Sep 2021 23:55:11 +0000
ROA not after:            Fri 30 Sep 2022 00:00:11 +0000
asID:                     17451
IP address blocks:        118.99.79.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:fe:91:d0:60:d8:78:bc:1c:0b:7a:6a:f0:1e:30:f3:07:ab:2a:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:11 2021 GMT
            Not After : Sep 30 00:00:11 2022 GMT
        Subject: CN=3082010A0282010100BAB95A47693928D6D0D9EEC1F974339ADB22DA8E019C4DBB62056864745253D2BEF69B328F334289AD530630AB7B338AD1C3E3C3CC2ED8405185F3650D2C42507FFDD6F5EC525976FAE6D23C755D3A308D52653BCD4FE623F06075038243C61B57AFAF0E7E608932C587AA1A089F9979DF4480D405C1E8EE1C1D729D7BD1F936D869C8DE1D13CFBBE68DDFE2B06F6076D9817C4F252CDCAEB348D82ABD2F0EFB8B97654FDB02BD70D8630550087DCE6BC2376982C9F59620C14C4BE8712D4DEE092BB700C3C4B7805834ADACBD6FC1B7594ED5E6DC7BD54D1035630524D8C424F728460EEC734F597703F4698B00A9F6FBE5439ADB6D60436F0E8F6F9F5A952F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b9:5a:47:69:39:28:d6:d0:d9:ee:c1:f9:74:
                    33:9a:db:22:da:8e:01:9c:4d:bb:62:05:68:64:74:
                    52:53:d2:be:f6:9b:32:8f:33:42:89:ad:53:06:30:
                    ab:7b:33:8a:d1:c3:e3:c3:cc:2e:d8:40:51:85:f3:
                    65:0d:2c:42:50:7f:fd:d6:f5:ec:52:59:76:fa:e6:
                    d2:3c:75:5d:3a:30:8d:52:65:3b:cd:4f:e6:23:f0:
                    60:75:03:82:43:c6:1b:57:af:af:0e:7e:60:89:32:
                    c5:87:aa:1a:08:9f:99:79:df:44:80:d4:05:c1:e8:
                    ee:1c:1d:72:9d:7b:d1:f9:36:d8:69:c8:de:1d:13:
                    cf:bb:e6:8d:df:e2:b0:6f:60:76:d9:81:7c:4f:25:
                    2c:dc:ae:b3:48:d8:2a:bd:2f:0e:fb:8b:97:65:4f:
                    db:02:bd:70:d8:63:05:50:08:7d:ce:6b:c2:37:69:
                    82:c9:f5:96:20:c1:4c:4b:e8:71:2d:4d:ee:09:2b:
                    b7:00:c3:c4:b7:80:58:34:ad:ac:bd:6f:c1:b7:59:
                    4e:d5:e6:dc:7b:d5:4d:10:35:63:05:24:d8:c4:24:
                    f7:28:46:0e:ec:73:4f:59:77:03:f4:69:8b:00:a9:
                    f6:fb:e5:43:9a:db:6d:60:43:6f:0e:8f:6f:9f:5a:
                    95:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:A9:3E:7A:32:9A:0D:B4:AC:99:DC:82:19:BE:32:68:E0:66:B8:7C
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e37392e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.99.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:06:97:d6:9b:35:42:9d:7b:74:7b:9b:c2:a6:f1:7c:ee:69:
         1f:82:38:89:2c:2e:47:16:77:3d:38:68:30:a6:cd:7b:0a:e8:
         b6:67:0f:db:1b:44:7a:0c:cd:56:fd:f5:fa:60:04:c6:49:ef:
         ca:fb:47:52:f8:c6:80:a2:1b:6b:dc:4b:62:e7:0f:51:99:9b:
         f1:8f:26:e1:93:ea:b8:93:d4:c8:0a:79:b7:74:fb:60:e1:1b:
         34:3d:df:74:94:ce:99:ce:ae:73:3d:1a:77:3e:7e:2d:2c:17:
         e7:c5:49:82:f5:44:8c:4e:30:f2:e1:3a:f1:c3:4c:a2:42:33:
         e7:58:ba:14:ee:d6:bc:13:9a:04:42:23:8f:5e:b0:11:cd:f8:
         a3:83:6e:18:51:c2:59:2f:83:e8:ca:32:79:d4:ca:a7:55:fe:
         a6:0c:05:f1:7a:a1:5d:e2:b7:d8:00:7f:00:02:fe:d0:3c:19:
         18:c6:d0:81:65:08:bd:d3:aa:bc:73:3f:84:75:ab:54:9f:67:
         74:9f:ce:0b:f3:de:d2:6a:9e:fe:15:c6:d0:06:23:b2:9e:84:
         d0:41:36:e4:80:b4:67:7d:f4:30:be:3f:bf:cf:95:50:c7:d9:
         7e:3e:79:4e:33:8d:89:ed:5e:66:99:0e:27:1c:78:4b:d1:b7:
         19:c3:9a:1a
-----BEGIN CERTIFICATE-----
MIIHIjCCBgqgAwIBAgIUTP6R0GDYeLwcC3pq8B4w8werKp0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MTFaFw0yMjA5MzAwMDAwMTFaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQkFCOTVBNDc2OTM5MjhENkQw
RDlFRUMxRjk3NDMzOUFEQjIyREE4RTAxOUM0REJCNjIwNTY4NjQ3NDUyNTNEMkJF
RjY5QjMyOEYzMzQyODlBRDUzMDYzMEFCN0IzMzhBRDFDM0UzQzNDQzJFRDg0MDUx
ODVGMzY1MEQyQzQyNTA3RkZERDZGNUVDNTI1OTc2RkFFNkQyM0M3NTVEM0EzMDhE
NTI2NTNCQ0Q0RkU2MjNGMDYwNzUwMzgyNDNDNjFCNTdBRkFGMEU3RTYwODkzMkM1
ODdBQTFBMDg5Rjk5NzlERjQ0ODBENDA1QzFFOEVFMUMxRDcyOUQ3QkQxRjkzNkQ4
NjlDOERFMUQxM0NGQkJFNjhEREZFMkIwNkY2MDc2RDk4MTdDNEYyNTJDRENBRUIz
NDhEODJBQkQyRjBFRkI4Qjk3NjU0RkRCMDJCRDcwRDg2MzA1NTAwODdEQ0U2QkMy
Mzc2OTgyQzlGNTk2MjBDMTRDNEJFODcxMkQ0REVFMDkyQkI3MDBDM0M0Qjc4MDU4
MzRBREFDQkQ2RkMxQjc1OTRFRDVFNkRDN0JENTREMTAzNTYzMDUyNEQ4QzQyNEY3
Mjg0NjBFRUM3MzRGNTk3NzAzRjQ2OThCMDBBOUY2RkJFNTQzOUFEQjZENjA0MzZG
MEU4RjZGOUY1QTk1MkYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAurlaR2k5KNbQ2e7B+XQzmtsi2o4BnE27YgVoZHRSU9K+9psyjzNC
ia1TBjCrezOK0cPjw8wu2EBRhfNlDSxCUH/91vXsUll2+ubSPHVdOjCNUmU7zU/m
I/BgdQOCQ8YbV6+vDn5giTLFh6oaCJ+Zed9EgNQFwejuHB1ynXvR+TbYacjeHRPP
u+aN3+Kwb2B22YF8TyUs3K6zSNgqvS8O+4uXZU/bAr1w2GMFUAh9zmvCN2mCyfWW
IMFMS+hxLU3uCSu3AMPEt4BYNK2svW/Bt1lO1ebce9VNEDVjBSTYxCT3KEYO7HNP
WXcD9GmLAKn2++VDmtttYENvDo9vn1qVLwIDAQABo4ICMDCCAiwwHQYDVR0OBBYE
FLSpPnoymg20rJncghm+MmjgZrh8MB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGgBggrBgEFBQcB
CwSBkzCBkDCBjQYIKwYBBQUHMAuGgYByc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzgyZTM5MzkyZTM3MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM3MzQz
NTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQAdmNPMA0GCSqGSIb3DQEBCwUAA4IBAQAYBpfWmzVCnXt0
e5vCpvF87mkfgjiJLC5HFnc9OGgwps17Cui2Zw/bG0R6DM1W/fX6YATGSe/K+0dS
+MaAohtr3Eti5w9RmZvxjybhk+q4k9TICnm3dPtg4Rs0Pd90lM6Zzq5zPRp3Pn4t
LBfnxUmC9USMTjDy4Trxw0yiQjPnWLoU7ta8E5oEQiOPXrARzfijg24YUcJZL4Po
yjJ51MqnVf6mDAXxeqFd4rfYAH8AAv7QPBkYxtCBZQi906q8cz+EdatUn2d0n84L
897Sap7+FcbQBiOynoTQQTbkgLRnffQwvj+/z5VQx9l+PnlOM42J7V5mmQ4nHHhL
0bcZw5oa
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org