Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3132352e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3132352e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          rTKaQovTwFggi+eyXGvfLBN4fbjqEt2toUJ4sq59L9c=
Subject key identifier:   27:A7:5A:E3:4E:AC:A4:E2:C9:5B:AE:69:E0:CB:39:2F:2B:94:14:FB
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       64EA6F9B8CAF96EBE011C92D63656B04175EC5D0
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3132352e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:35 +0000
ROA not before:           Wed 29 Sep 2021 23:55:35 +0000
ROA not after:            Fri 30 Sep 2022 00:00:35 +0000
asID:                     17451
IP address blocks:        182.253.125.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:ea:6f:9b:8c:af:96:eb:e0:11:c9:2d:63:65:6b:04:17:5e:c5:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:35 2021 GMT
            Not After : Sep 30 00:00:35 2022 GMT
        Subject: CN=3082010A0282010100A69D8C8AC484D0C6A06EC378FCBFEFB46C1D2BDC86FB3ACBB897120095211542814330CFA1124BD7F94C9DE58C4E2458E0985F7FD8C8728E7D78769FBB0B107C6EC0B54C4EECF3883A9EA6AF3D4050DD87B2BE22733D024871A304FB9FAC1F6887BB0962EAD9CAEA1C5A9C410BF2150D1FFEEB398E1E3FBD89E968D2875C67F64673DB2A4971AEDDBD701DFA32A1952EEB910EBFA3453EDBC8B1AFECE94D45D80AA6FDFCACFD71228835F1CA601F16C2A81159EEED6CFF43005B6322A0B66C4ECF5B13206EAC321602FEA392879BF075EA2CC327793BA96492E9B3B907C832AAEB83214F85851DDEFF32A994074BCC17A6FCA4B1F0F0A44D5B0279C147681BFD0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:9d:8c:8a:c4:84:d0:c6:a0:6e:c3:78:fc:bf:
                    ef:b4:6c:1d:2b:dc:86:fb:3a:cb:b8:97:12:00:95:
                    21:15:42:81:43:30:cf:a1:12:4b:d7:f9:4c:9d:e5:
                    8c:4e:24:58:e0:98:5f:7f:d8:c8:72:8e:7d:78:76:
                    9f:bb:0b:10:7c:6e:c0:b5:4c:4e:ec:f3:88:3a:9e:
                    a6:af:3d:40:50:dd:87:b2:be:22:73:3d:02:48:71:
                    a3:04:fb:9f:ac:1f:68:87:bb:09:62:ea:d9:ca:ea:
                    1c:5a:9c:41:0b:f2:15:0d:1f:fe:eb:39:8e:1e:3f:
                    bd:89:e9:68:d2:87:5c:67:f6:46:73:db:2a:49:71:
                    ae:dd:bd:70:1d:fa:32:a1:95:2e:eb:91:0e:bf:a3:
                    45:3e:db:c8:b1:af:ec:e9:4d:45:d8:0a:a6:fd:fc:
                    ac:fd:71:22:88:35:f1:ca:60:1f:16:c2:a8:11:59:
                    ee:ed:6c:ff:43:00:5b:63:22:a0:b6:6c:4e:cf:5b:
                    13:20:6e:ac:32:16:02:fe:a3:92:87:9b:f0:75:ea:
                    2c:c3:27:79:3b:a9:64:92:e9:b3:b9:07:c8:32:aa:
                    eb:83:21:4f:85:85:1d:de:ff:32:a9:94:07:4b:cc:
                    17:a6:fc:a4:b1:f0:f0:a4:4d:5b:02:79:c1:47:68:
                    1b:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:A7:5A:E3:4E:AC:A4:E2:C9:5B:AE:69:E0:CB:39:2F:2B:94:14:FB
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3132352e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:6a:e6:51:ed:02:9d:7e:52:e5:79:23:07:6a:04:c2:07:91:
         74:51:37:ef:5f:11:f2:b4:40:82:22:84:41:15:8f:c1:e0:70:
         28:cf:a9:e5:63:a2:7e:7e:75:cc:33:41:26:f5:6a:20:6d:b9:
         99:76:60:3a:43:a9:e0:eb:8e:76:84:b5:4b:01:be:3c:c5:08:
         77:19:e4:06:d3:af:5e:7b:ca:96:4c:76:b2:ee:81:8f:c0:d3:
         7a:20:a3:c3:c2:46:f8:83:4b:d0:6a:b1:45:8b:bf:2c:44:99:
         17:b5:93:3d:b0:0e:96:3b:dc:e7:1c:37:43:a4:cc:f7:26:69:
         1f:54:ea:da:64:f0:5f:be:ad:3e:29:c2:bb:b5:4c:24:36:95:
         79:1c:e8:43:18:77:11:57:81:8c:75:88:21:59:0a:d1:c7:3a:
         60:2d:6c:60:7f:3a:ea:68:24:61:88:cc:83:54:94:12:e3:76:
         d0:a6:12:04:46:b0:4b:75:1a:34:37:b2:78:15:f8:20:d1:34:
         e7:ba:8c:1d:ce:f5:8b:7f:42:88:31:6b:f8:61:99:85:77:96:
         d9:ba:9f:cb:df:b4:07:84:d2:42:16:5e:a6:30:8b:e0:dd:65:
         73:72:93:cb:9b:f2:69:b7:67:db:5f:7e:78:ec:e8:78:be:ef:
         5d:e9:bf:45
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUZOpvm4yvluvgEcktY2VrBBdexdAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MzVaFw0yMjA5MzAwMDAwMzVaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQTY5RDhDOEFDNDg0RDBDNkEw
NkVDMzc4RkNCRkVGQjQ2QzFEMkJEQzg2RkIzQUNCQjg5NzEyMDA5NTIxMTU0Mjgx
NDMzMENGQTExMjRCRDdGOTRDOURFNThDNEUyNDU4RTA5ODVGN0ZEOEM4NzI4RTdE
Nzg3NjlGQkIwQjEwN0M2RUMwQjU0QzRFRUNGMzg4M0E5RUE2QUYzRDQwNTBERDg3
QjJCRTIyNzMzRDAyNDg3MUEzMDRGQjlGQUMxRjY4ODdCQjA5NjJFQUQ5Q0FFQTFD
NUE5QzQxMEJGMjE1MEQxRkZFRUIzOThFMUUzRkJEODlFOTY4RDI4NzVDNjdGNjQ2
NzNEQjJBNDk3MUFFRERCRDcwMURGQTMyQTE5NTJFRUI5MTBFQkZBMzQ1M0VEQkM4
QjFBRkVDRTk0RDQ1RDgwQUE2RkRGQ0FDRkQ3MTIyODgzNUYxQ0E2MDFGMTZDMkE4
MTE1OUVFRUQ2Q0ZGNDMwMDVCNjMyMkEwQjY2QzRFQ0Y1QjEzMjA2RUFDMzIxNjAy
RkVBMzkyODc5QkYwNzVFQTJDQzMyNzc5M0JBOTY0OTJFOUIzQjkwN0M4MzJBQUVC
ODMyMTRGODU4NTFEREVGRjMyQTk5NDA3NEJDQzE3QTZGQ0E0QjFGMEYwQTQ0RDVC
MDI3OUMxNDc2ODFCRkQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEApp2MisSE0MagbsN4/L/vtGwdK9yG+zrLuJcSAJUhFUKBQzDPoRJL
1/lMneWMTiRY4Jhff9jIco59eHafuwsQfG7AtUxO7POIOp6mrz1AUN2Hsr4icz0C
SHGjBPufrB9oh7sJYurZyuocWpxBC/IVDR/+6zmOHj+9ielo0odcZ/ZGc9sqSXGu
3b1wHfoyoZUu65EOv6NFPtvIsa/s6U1F2Aqm/fys/XEiiDXxymAfFsKoEVnu7Wz/
QwBbYyKgtmxOz1sTIG6sMhYC/qOSh5vwdeoswyd5O6lkkumzuQfIMqrrgyFPhYUd
3v8yqZQHS8wXpvyksfDwpE1bAnnBR2gb/QIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FCenWuNOrKTiyVuuaeDLOS8rlBT7MB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzEzMjM1MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9fTANBgkqhkiG9w0BAQsFAAOCAQEAfWrmUe0C
nX5S5XkjB2oEwgeRdFE3718R8rRAgiKEQRWPweBwKM+p5WOifn51zDNBJvVqIG25
mXZgOkOp4OuOdoS1SwG+PMUIdxnkBtOvXnvKlkx2su6Bj8DTeiCjw8JG+INL0Gqx
RYu/LESZF7WTPbAOljvc5xw3Q6TM9yZpH1Tq2mTwX76tPinCu7VMJDaVeRzoQxh3
EVeBjHWIIVkK0cc6YC1sYH866mgkYYjMg1SUEuN20KYSBEawS3UaNDeyeBX4INE0
57qMHc71i39CiDFr+GGZhXeW2bqfy9+0B4TSQhZepjCL4N1lc3KTy5vyabdn219+
eOzoeL7vXem/RQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org