Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e31322e302f32332d3234203d3e203137343531.roa
File:                     3138322e3235332e31322e302f32332d3234203d3e203137343531.roa (raw, json)
Hash identifier:          FkC9lVwr2Ad68J1k9h6pVYxT1t5L+IzcEupDgJNDnH4=
Subject key identifier:   33:BE:57:79:1B:06:46:9F:5E:17:49:90:F6:72:F8:62:DD:D1:B7:7D
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       686444EDB54AE0D780D578D8F0DE7D29391AC9FF
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e31322e302f32332d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:27 +0000
ROA not before:           Wed 29 Sep 2021 23:55:27 +0000
ROA not after:            Fri 30 Sep 2022 00:00:27 +0000
asID:                     17451
IP address blocks:        182.253.12.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:64:44:ed:b5:4a:e0:d7:80:d5:78:d8:f0:de:7d:29:39:1a:c9:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:27 2021 GMT
            Not After : Sep 30 00:00:27 2022 GMT
        Subject: CN=3082010A0282010100D980D910C34EC8286B151378A0EA6321824C18BCB09D2F6050549ECC5AB500CF311977BF8A690524235FBEC5577DB465B9DF325868A1CD30D0CD55C716976A69E81E5E1969FF9BB076F505D046601204993068CC38AC05F1441D4435421C1BFCEF0DFAC9C25864D8E825C61C5CB5E81B81E224093BAE00E686E49233D8FCA91BE139D2F09D5B3F14F9029803114737B0ECAA71F3B60FA87C67C3BFF54D68AAE273E79D035DAB6E2BD70E22BCD7C43BFC7FD1B12C0487D39AE42ED8F794FEEFDF26FA144D769829E5459A5C29C3507DF43013399A05CCAAE26285871BDE4A2519E938ECB9EF0C7DFCFE9EABDC21627D600949D24AF863E881BF5EABC5FBEB2D4F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:80:d9:10:c3:4e:c8:28:6b:15:13:78:a0:ea:
                    63:21:82:4c:18:bc:b0:9d:2f:60:50:54:9e:cc:5a:
                    b5:00:cf:31:19:77:bf:8a:69:05:24:23:5f:be:c5:
                    57:7d:b4:65:b9:df:32:58:68:a1:cd:30:d0:cd:55:
                    c7:16:97:6a:69:e8:1e:5e:19:69:ff:9b:b0:76:f5:
                    05:d0:46:60:12:04:99:30:68:cc:38:ac:05:f1:44:
                    1d:44:35:42:1c:1b:fc:ef:0d:fa:c9:c2:58:64:d8:
                    e8:25:c6:1c:5c:b5:e8:1b:81:e2:24:09:3b:ae:00:
                    e6:86:e4:92:33:d8:fc:a9:1b:e1:39:d2:f0:9d:5b:
                    3f:14:f9:02:98:03:11:47:37:b0:ec:aa:71:f3:b6:
                    0f:a8:7c:67:c3:bf:f5:4d:68:aa:e2:73:e7:9d:03:
                    5d:ab:6e:2b:d7:0e:22:bc:d7:c4:3b:fc:7f:d1:b1:
                    2c:04:87:d3:9a:e4:2e:d8:f7:94:fe:ef:df:26:fa:
                    14:4d:76:98:29:e5:45:9a:5c:29:c3:50:7d:f4:30:
                    13:39:9a:05:cc:aa:e2:62:85:87:1b:de:4a:25:19:
                    e9:38:ec:b9:ef:0c:7d:fc:fe:9e:ab:dc:21:62:7d:
                    60:09:49:d2:4a:f8:63:e8:81:bf:5e:ab:c5:fb:eb:
                    2d:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:BE:57:79:1B:06:46:9F:5E:17:49:90:F6:72:F8:62:DD:D1:B7:7D
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e31322e302f32332d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.12.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1f:ec:5c:b9:7b:4f:b1:b9:01:d3:0f:55:31:90:0c:93:2d:ed:
         5d:a3:17:c3:75:11:45:79:da:4d:d0:55:c0:1b:b9:76:7d:15:
         75:be:1a:34:a2:86:13:54:01:14:b1:d2:d0:7a:ad:98:ff:2a:
         97:e0:2d:f0:3a:33:8b:c9:5a:60:87:a7:30:87:a8:6a:5d:3e:
         68:b3:28:5d:15:01:52:2f:d4:b1:55:5a:89:8c:48:ab:00:98:
         8b:68:26:d9:ae:e4:8b:7f:9a:41:e0:35:41:ad:2a:7a:1f:42:
         6c:7c:f2:bf:6d:44:46:87:ea:02:52:7a:dd:fe:0d:c8:e9:bd:
         af:8e:9b:e9:3f:a9:8e:48:4e:98:57:e1:bd:47:8f:0b:e2:cb:
         fa:5a:62:dd:a9:79:05:fc:7b:96:eb:d8:61:8b:e3:be:34:48:
         8b:d3:7f:9d:a7:69:2b:fd:b1:d8:7d:08:9f:2e:4f:0b:35:13:
         b1:e5:76:43:20:f2:54:6f:23:82:4e:4e:77:85:f6:4d:7c:2a:
         6f:92:56:f1:40:08:a3:b2:de:07:7a:73:d3:80:29:f5:98:08:
         f1:9c:f4:94:52:e3:19:83:92:7c:bb:87:d9:b4:e7:4e:aa:87:
         11:b2:6e:fb:f4:d3:be:a9:d3:6e:ad:51:79:99:d5:ff:b2:c5:
         16:4a:2c:4c
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUaGRE7bVK4NeA1XjY8N59KTkayf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MjdaFw0yMjA5MzAwMDAwMjdaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDk4MEQ5MTBDMzRFQzgyODZC
MTUxMzc4QTBFQTYzMjE4MjRDMThCQ0IwOUQyRjYwNTA1NDlFQ0M1QUI1MDBDRjMx
MTk3N0JGOEE2OTA1MjQyMzVGQkVDNTU3N0RCNDY1QjlERjMyNTg2OEExQ0QzMEQw
Q0Q1NUM3MTY5NzZBNjlFODFFNUUxOTY5RkY5QkIwNzZGNTA1RDA0NjYwMTIwNDk5
MzA2OENDMzhBQzA1RjE0NDFENDQzNTQyMUMxQkZDRUYwREZBQzlDMjU4NjREOEU4
MjVDNjFDNUNCNUU4MUI4MUUyMjQwOTNCQUUwMEU2ODZFNDkyMzNEOEZDQTkxQkUx
MzlEMkYwOUQ1QjNGMTRGOTAyOTgwMzExNDczN0IwRUNBQTcxRjNCNjBGQTg3QzY3
QzNCRkY1NEQ2OEFBRTI3M0U3OUQwMzVEQUI2RTJCRDcwRTIyQkNEN0M0M0JGQzdG
RDFCMTJDMDQ4N0QzOUFFNDJFRDhGNzk0RkVFRkRGMjZGQTE0NEQ3Njk4MjlFNTQ1
OUE1QzI5QzM1MDdERjQzMDEzMzk5QTA1Q0NBQUUyNjI4NTg3MUJERTRBMjUxOUU5
MzhFQ0I5RUYwQzdERkNGRTlFQUJEQzIxNjI3RDYwMDk0OUQyNEFGODYzRTg4MUJG
NUVBQkM1RkJFQjJENEYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA2YDZEMNOyChrFRN4oOpjIYJMGLywnS9gUFSezFq1AM8xGXe/imkF
JCNfvsVXfbRlud8yWGihzTDQzVXHFpdqaegeXhlp/5uwdvUF0EZgEgSZMGjMOKwF
8UQdRDVCHBv87w36ycJYZNjoJcYcXLXoG4HiJAk7rgDmhuSSM9j8qRvhOdLwnVs/
FPkCmAMRRzew7Kpx87YPqHxnw7/1TWiq4nPnnQNdq24r1w4ivNfEO/x/0bEsBIfT
muQu2PeU/u/fJvoUTXaYKeVFmlwpw1B99DATOZoFzKriYoWHG95KJRnpOOy57wx9
/P6eq9whYn1gCUnSSvhj6IG/XqvF++stTwIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FDO+V3kbBkafXhdJkPZy+GLd0bd9MB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzEzMjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAG2/QwwDQYJKoZIhvcNAQELBQADggEBAB/sXLl7T7G5
AdMPVTGQDJMt7V2jF8N1EUV52k3QVcAbuXZ9FXW+GjSihhNUARSx0tB6rZj/Kpfg
LfA6M4vJWmCHpzCHqGpdPmizKF0VAVIv1LFVWomMSKsAmItoJtmu5It/mkHgNUGt
KnofQmx88r9tREaH6gJSet3+Dcjpva+Om+k/qY5ITphX4b1Hjwviy/paYt2peQX8
e5br2GGL4740SIvTf52naSv9sdh9CJ8uTws1E7HldkMg8lRvI4JOTneF9k18Km+S
VvFACKOy3gd6c9OAKfWYCPGc9JRS4xmDkny7h9m0506qhxGybvv0076p026tUXmZ
1f+yxRZKLEw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:03 2024 by rpki-client on console-fra.rpki-client.org