Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3135362e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3135362e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          bpziL2ya65EFzEy5758v9Zl7TdbT2Q0zbF4Pynutnwc=
Subject key identifier:   30:4D:0F:50:5D:F1:A3:F2:3A:F8:27:A0:05:B3:9D:47:5F:01:C9:FA
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       48A29276010F9AE503D9D7031A0E18505A7F2927
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3135362e302f32342d3234203d3e203137343531.roa
Signing time:             Sat 25 Dec 2021 08:00:01 +0000
ROA not before:           Sat 25 Dec 2021 07:55:01 +0000
ROA not after:            Sun 25 Dec 2022 08:00:01 +0000
asID:                     17451
IP address blocks:        182.253.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:a2:92:76:01:0f:9a:e5:03:d9:d7:03:1a:0e:18:50:5a:7f:29:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Dec 25 07:55:01 2021 GMT
            Not After : Dec 25 08:00:01 2022 GMT
        Subject: CN=3082010A0282010100BCC2162D1D3212E137A568EAA9F15C2C2D5164EE3743893A26BF71015162565F7071F5335C86A9233EB2BD9F9DDAC21B796A2B22CEFEDB7978F1F45E9F2030AF1A8FDCA3A7C6FB9F396F8442C94EF7C3DF42E9E3EC284F94A2D905F6F6DAB3CB239609E505AC7DA7184521D495B0A084B254B8D6B49E67907E7C0DD269CEAA6B83DD73C0BF4D3959EFE8ADC29F7D0D8FC1AA72DA07DB5A9EF1AA7A22E3F2C5BA62329791BDCC1E1DFF8668B7D08851551EF8DDDD05066EABBC51ED8F26588488F19B3DC6A5BE1A69E1B24D92E0B903626BF02B69FB3EA2204A3A5E609B7898EFFFF433789E5EA573086FCDCDE63D464C5E66028D8002D7D8D5FAE6DF83D44E770203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c2:16:2d:1d:32:12:e1:37:a5:68:ea:a9:f1:
                    5c:2c:2d:51:64:ee:37:43:89:3a:26:bf:71:01:51:
                    62:56:5f:70:71:f5:33:5c:86:a9:23:3e:b2:bd:9f:
                    9d:da:c2:1b:79:6a:2b:22:ce:fe:db:79:78:f1:f4:
                    5e:9f:20:30:af:1a:8f:dc:a3:a7:c6:fb:9f:39:6f:
                    84:42:c9:4e:f7:c3:df:42:e9:e3:ec:28:4f:94:a2:
                    d9:05:f6:f6:da:b3:cb:23:96:09:e5:05:ac:7d:a7:
                    18:45:21:d4:95:b0:a0:84:b2:54:b8:d6:b4:9e:67:
                    90:7e:7c:0d:d2:69:ce:aa:6b:83:dd:73:c0:bf:4d:
                    39:59:ef:e8:ad:c2:9f:7d:0d:8f:c1:aa:72:da:07:
                    db:5a:9e:f1:aa:7a:22:e3:f2:c5:ba:62:32:97:91:
                    bd:cc:1e:1d:ff:86:68:b7:d0:88:51:55:1e:f8:dd:
                    dd:05:06:6e:ab:bc:51:ed:8f:26:58:84:88:f1:9b:
                    3d:c6:a5:be:1a:69:e1:b2:4d:92:e0:b9:03:62:6b:
                    f0:2b:69:fb:3e:a2:20:4a:3a:5e:60:9b:78:98:ef:
                    ff:f4:33:78:9e:5e:a5:73:08:6f:cd:cd:e6:3d:46:
                    4c:5e:66:02:8d:80:02:d7:d8:d5:fa:e6:df:83:d4:
                    4e:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:4D:0F:50:5D:F1:A3:F2:3A:F8:27:A0:05:B3:9D:47:5F:01:C9:FA
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3135362e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:a0:42:ba:06:ff:69:77:6e:0e:ce:5d:9b:4c:64:d4:e3:77:
         25:f8:c6:1f:06:26:d3:1b:d9:ac:ff:20:2e:be:14:72:43:c3:
         ba:0c:7f:8e:bb:f7:fa:8e:6f:96:7d:b8:ea:bb:22:a4:a2:a4:
         66:23:bd:3c:b8:d9:5c:0d:45:d8:b2:59:43:ad:f1:b5:45:92:
         6b:1f:11:80:9b:e6:e6:b7:38:be:3f:1e:cb:10:3b:c8:5e:11:
         58:fc:57:0d:9b:11:f8:58:26:40:4e:0d:e9:9c:3b:ff:6b:0e:
         10:89:e5:41:44:78:ec:43:d5:98:66:1d:86:8a:91:09:2f:df:
         a6:64:32:13:7f:db:8d:a3:75:d5:94:bc:3e:f8:4b:82:a0:ef:
         05:e7:75:cc:51:1c:f3:22:bd:47:06:71:b7:2a:52:dd:bd:1c:
         c1:07:db:9c:ec:9c:17:92:38:1e:52:6b:5c:5b:86:c6:ad:40:
         a1:bd:7f:b7:6a:9c:b9:0a:d9:97:2a:d1:c7:18:72:84:f7:7e:
         fd:86:de:d2:c2:b0:5c:df:78:c5:0a:86:5d:d2:31:2c:9f:f7:
         af:de:20:82:66:72:bc:a0:10:af:a8:8e:1d:f8:bf:e9:38:d7:
         78:cf:d8:5a:f3:b3:1a:cc:fa:fb:7f:8e:ac:66:70:95:08:c2:
         f5:8a:3f:bf
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUSKKSdgEPmuUD2dcDGg4YUFp/KScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTEyMjUwNzU1MDFaFw0yMjEyMjUwODAwMDFaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQkNDMjE2MkQxRDMyMTJFMTM3
QTU2OEVBQTlGMTVDMkMyRDUxNjRFRTM3NDM4OTNBMjZCRjcxMDE1MTYyNTY1Rjcw
NzFGNTMzNUM4NkE5MjMzRUIyQkQ5RjlEREFDMjFCNzk2QTJCMjJDRUZFREI3OTc4
RjFGNDVFOUYyMDMwQUYxQThGRENBM0E3QzZGQjlGMzk2Rjg0NDJDOTRFRjdDM0RG
NDJFOUUzRUMyODRGOTRBMkQ5MDVGNkY2REFCM0NCMjM5NjA5RTUwNUFDN0RBNzE4
NDUyMUQ0OTVCMEEwODRCMjU0QjhENkI0OUU2NzkwN0U3QzBERDI2OUNFQUE2Qjgz
REQ3M0MwQkY0RDM5NTlFRkU4QURDMjlGN0QwRDhGQzFBQTcyREEwN0RCNUE5RUYx
QUE3QTIyRTNGMkM1QkE2MjMyOTc5MUJEQ0MxRTFERkY4NjY4QjdEMDg4NTE1NTFF
RjhEREREMDUwNjZFQUJCQzUxRUQ4RjI2NTg4NDg4RjE5QjNEQzZBNUJFMUE2OUUx
QjI0RDkyRTBCOTAzNjI2QkYwMkI2OUZCM0VBMjIwNEEzQTVFNjA5Qjc4OThFRkZG
RjQzMzc4OUU1RUE1NzMwODZGQ0RDREU2M0Q0NjRDNUU2NjAyOEQ4MDAyRDdEOEQ1
RkFFNkRGODNENDRFNzcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAvMIWLR0yEuE3pWjqqfFcLC1RZO43Q4k6Jr9xAVFiVl9wcfUzXIap
Iz6yvZ+d2sIbeWorIs7+23l48fRenyAwrxqP3KOnxvufOW+EQslO98PfQunj7ChP
lKLZBfb22rPLI5YJ5QWsfacYRSHUlbCghLJUuNa0nmeQfnwN0mnOqmuD3XPAv005
We/orcKffQ2Pwapy2gfbWp7xqnoi4/LFumIyl5G9zB4d/4Zot9CIUVUe+N3dBQZu
q7xR7Y8mWISI8Zs9xqW+Gmnhsk2S4LkDYmvwK2n7PqIgSjpeYJt4mO//9DN4nl6l
cwhvzc3mPUZMXmYCjYAC19jV+ubfg9ROdwIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FDBND1Bd8aPyOvgnoAWznUdfAcn6MB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzEzNTM2MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9nDANBgkqhkiG9w0BAQsFAAOCAQEAWKBCugb/
aXduDs5dm0xk1ON3JfjGHwYm0xvZrP8gLr4UckPDugx/jrv3+o5vln246rsipKKk
ZiO9PLjZXA1F2LJZQ63xtUWSax8RgJvm5rc4vj8eyxA7yF4RWPxXDZsR+FgmQE4N
6Zw7/2sOEInlQUR47EPVmGYdhoqRCS/fpmQyE3/bjaN11ZS8PvhLgqDvBed1zFEc
8yK9RwZxtypS3b0cwQfbnOycF5I4HlJrXFuGxq1Aob1/t2qcuQrZlyrRxxhyhPd+
/Ybe0sKwXN94xQqGXdIxLJ/3r94ggmZyvKAQr6iOHfi/6TjXeM/YWvOzGsz6+3+O
rGZwlQjC9Yo/vw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:03 2024 by rpki-client on console-fra.rpki-client.org