Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e31302e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e31302e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          FXZKTbSUocHADOzd1UDWk35N4F8AOGIK3JNFON8YI48=
Subject key identifier:   35:7D:84:01:5C:61:75:24:36:E8:8C:A5:0C:8A:D1:58:5C:88:C3:30
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       539492C1F53E1F6BCCE3A2843ECD3406472C4C21
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e31302e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:13 +0000
ROA not before:           Wed 29 Sep 2021 23:55:13 +0000
ROA not after:            Fri 30 Sep 2022 00:00:13 +0000
asID:                     17451
IP address blocks:        182.253.10.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:94:92:c1:f5:3e:1f:6b:cc:e3:a2:84:3e:cd:34:06:47:2c:4c:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:13 2021 GMT
            Not After : Sep 30 00:00:13 2022 GMT
        Subject: CN=3082010A028201010099F1DB6D68AEABC370195A9DDD143BB64DE6BA55AD443159F660EB27B92FB9071B7936D4D70D802BD6F60E17889392F3D582A04321B65FA282236C8E1F7DA2B1CDFB0529DAFD55E7984ED14DB1E9C778316C00ECA8AD110BA846A02F1AEE5E356F49EE52BE07C1C9437CDD93CBBC8A1A9BD154C84E94ACADED6F069660FA0128484FB7261F7B12AC73D795A017A6AA824D4836C5C115395C6AC09FCA34D40DFBCEB893A5C39C12CCBC26D4C69297B2CB188B3F0037C9AA35CADBC847BF5EC0AB1ABD546A4B34FB4A24509D72D1E0901429F26EF176CF3A51210700355EB09A849F8D2CC1919EB23D5FC749B98B506A7DB20794DFB6D1A56047461A554EEC8C2F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:f1:db:6d:68:ae:ab:c3:70:19:5a:9d:dd:14:
                    3b:b6:4d:e6:ba:55:ad:44:31:59:f6:60:eb:27:b9:
                    2f:b9:07:1b:79:36:d4:d7:0d:80:2b:d6:f6:0e:17:
                    88:93:92:f3:d5:82:a0:43:21:b6:5f:a2:82:23:6c:
                    8e:1f:7d:a2:b1:cd:fb:05:29:da:fd:55:e7:98:4e:
                    d1:4d:b1:e9:c7:78:31:6c:00:ec:a8:ad:11:0b:a8:
                    46:a0:2f:1a:ee:5e:35:6f:49:ee:52:be:07:c1:c9:
                    43:7c:dd:93:cb:bc:8a:1a:9b:d1:54:c8:4e:94:ac:
                    ad:ed:6f:06:96:60:fa:01:28:48:4f:b7:26:1f:7b:
                    12:ac:73:d7:95:a0:17:a6:aa:82:4d:48:36:c5:c1:
                    15:39:5c:6a:c0:9f:ca:34:d4:0d:fb:ce:b8:93:a5:
                    c3:9c:12:cc:bc:26:d4:c6:92:97:b2:cb:18:8b:3f:
                    00:37:c9:aa:35:ca:db:c8:47:bf:5e:c0:ab:1a:bd:
                    54:6a:4b:34:fb:4a:24:50:9d:72:d1:e0:90:14:29:
                    f2:6e:f1:76:cf:3a:51:21:07:00:35:5e:b0:9a:84:
                    9f:8d:2c:c1:91:9e:b2:3d:5f:c7:49:b9:8b:50:6a:
                    7d:b2:07:94:df:b6:d1:a5:60:47:46:1a:55:4e:ec:
                    8c:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:7D:84:01:5C:61:75:24:36:E8:8C:A5:0C:8A:D1:58:5C:88:C3:30
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e31302e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:20:34:f2:27:ad:a9:cc:08:c9:6e:4d:8d:a9:ea:6d:88:30:
         60:d1:0f:38:3c:08:96:8d:8e:0f:60:4c:d8:2e:89:e3:ef:7a:
         9f:fd:ad:45:76:03:50:c8:14:64:8c:92:cc:c3:66:ff:85:ad:
         d9:a7:6d:b1:00:78:c3:6d:fb:73:08:20:a8:e2:72:ba:0e:f8:
         5c:57:68:8a:ed:4c:ba:87:de:76:4b:81:e5:c9:6b:0e:81:81:
         6f:90:e1:02:d2:2d:db:25:ef:3c:66:a6:ce:fe:39:a9:40:f3:
         0b:71:84:42:83:79:89:07:24:71:ee:a0:de:35:be:67:88:b6:
         a5:f3:e1:b2:af:7b:3a:87:85:a7:ef:e5:6d:04:58:f5:55:be:
         d4:d0:75:f4:d4:17:e6:f6:75:61:a4:be:92:b6:96:9c:11:e5:
         5c:7a:91:84:f9:7b:36:d8:27:b9:5f:0c:a7:b6:03:a7:76:6c:
         e0:84:00:8e:57:82:a6:84:7c:f2:bb:e2:ca:78:bf:1b:9e:7e:
         5c:aa:12:55:49:05:dc:70:e5:b5:48:3f:7b:0d:dd:ae:f3:dc:
         90:b5:4c:1f:4c:7a:3d:23:06:d7:29:08:7a:1f:0a:5e:03:6b:
         64:77:a8:da:d1:ae:de:e4:d5:7f:90:08:1b:d8:05:50:b0:94:
         79:f7:19:20
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUU5SSwfU+H2vM46KEPs00BkcsTCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MTNaFw0yMjA5MzAwMDAwMTNaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwOTlGMURCNkQ2OEFFQUJDMzcw
MTk1QTlEREQxNDNCQjY0REU2QkE1NUFENDQzMTU5RjY2MEVCMjdCOTJGQjkwNzFC
NzkzNkQ0RDcwRDgwMkJENkY2MEUxNzg4OTM5MkYzRDU4MkEwNDMyMUI2NUZBMjgy
MjM2QzhFMUY3REEyQjFDREZCMDUyOURBRkQ1NUU3OTg0RUQxNERCMUU5Qzc3ODMx
NkMwMEVDQThBRDExMEJBODQ2QTAyRjFBRUU1RTM1NkY0OUVFNTJCRTA3QzFDOTQz
N0NERDkzQ0JCQzhBMUE5QkQxNTRDODRFOTRBQ0FERUQ2RjA2OTY2MEZBMDEyODQ4
NEZCNzI2MUY3QjEyQUM3M0Q3OTVBMDE3QTZBQTgyNEQ0ODM2QzVDMTE1Mzk1QzZB
QzA5RkNBMzRENDBERkJDRUI4OTNBNUMzOUMxMkNDQkMyNkQ0QzY5Mjk3QjJDQjE4
OEIzRjAwMzdDOUFBMzVDQURCQzg0N0JGNUVDMEFCMUFCRDU0NkE0QjM0RkI0QTI0
NTA5RDcyRDFFMDkwMTQyOUYyNkVGMTc2Q0YzQTUxMjEwNzAwMzU1RUIwOUE4NDlG
OEQyQ0MxOTE5RUIyM0Q1RkM3NDlCOThCNTA2QTdEQjIwNzk0REZCNkQxQTU2MDQ3
NDYxQTU1NEVFQzhDMkYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAmfHbbWiuq8NwGVqd3RQ7tk3mulWtRDFZ9mDrJ7kvuQcbeTbU1w2A
K9b2DheIk5Lz1YKgQyG2X6KCI2yOH32isc37BSna/VXnmE7RTbHpx3gxbADsqK0R
C6hGoC8a7l41b0nuUr4HwclDfN2Ty7yKGpvRVMhOlKyt7W8GlmD6AShIT7cmH3sS
rHPXlaAXpqqCTUg2xcEVOVxqwJ/KNNQN+864k6XDnBLMvCbUxpKXsssYiz8AN8mq
NcrbyEe/XsCrGr1Uaks0+0okUJ1y0eCQFCnybvF2zzpRIQcANV6wmoSfjSzBkZ6y
PV/HSbmLUGp9sgeU37bRpWBHRhpVTuyMLwIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FDV9hAFcYXUkNuiMpQyK0VhciMMwMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzEzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAC2/QowDQYJKoZIhvcNAQELBQADggEBAEEgNPInranM
CMluTY2p6m2IMGDRDzg8CJaNjg9gTNguiePvep/9rUV2A1DIFGSMkszDZv+Frdmn
bbEAeMNt+3MIIKjicroO+FxXaIrtTLqH3nZLgeXJaw6BgW+Q4QLSLdsl7zxmps7+
OalA8wtxhEKDeYkHJHHuoN41vmeItqXz4bKvezqHhafv5W0EWPVVvtTQdfTUF+b2
dWGkvpK2lpwR5Vx6kYT5ezbYJ7lfDKe2A6d2bOCEAI5XgqaEfPK74sp4vxueflyq
ElVJBdxw5bVIP3sN3a7z3JC1TB9Mej0jBtcpCHofCl4Da2R3qNrRrt7k1X+QCBvY
BVCwlHn3GSA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org