Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3138302e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3138302e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          tJGHOMj/kdbxs70RUf/0/B5hpr95ppWV4tidslAsO8A=
Subject key identifier:   6C:10:9E:16:02:C8:42:71:11:38:FC:83:E8:3D:69:E7:7F:39:B7:A0
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       1FFD3C3D56C9BBEDCBE949BA03146BCC002BACAC
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3138302e302f32342d3234203d3e203137343531.roa
Signing time:             Sat 30 Oct 2021 03:00:05 +0000
ROA not before:           Sat 30 Oct 2021 02:55:05 +0000
ROA not after:            Sun 30 Oct 2022 03:00:05 +0000
asID:                     17451
IP address blocks:        182.253.180.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:fd:3c:3d:56:c9:bb:ed:cb:e9:49:ba:03:14:6b:cc:00:2b:ac:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Oct 30 02:55:05 2021 GMT
            Not After : Oct 30 03:00:05 2022 GMT
        Subject: CN=3082010A0282010100D5F6C6BFB946ED3442E7814177758D8D27036525621CB46A3DC25D373CA47184319C8C80736FC5AC00B0AB0E2056C9082234DC958294563712B438585F7450524699EA32B0B576FEDC3DD4F4F91C7D6544F25CFF4E387EEAAEBBF38176B5697C4E0D0B504C9C61445F8473B8C473392DF57AF52D9D89B35A899AC9B566FBF708ED5FBCB34FE3F1C792387FAAFA4E64438C16947EDCFBF1F06B1F65CC1FEDA1CFCAF409D57366F93ACCED77AF0A244BF9FDEDD4EF791014FD0162A8A188ACE994ADEC8434EA49967891C63D7D84EAD484D74BC53213650750353F47F76DF04244AC8B0C57040ABD8D467E4C333D545B46D1F8F88E5434BF658E3A176E0F74FE850203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:f6:c6:bf:b9:46:ed:34:42:e7:81:41:77:75:
                    8d:8d:27:03:65:25:62:1c:b4:6a:3d:c2:5d:37:3c:
                    a4:71:84:31:9c:8c:80:73:6f:c5:ac:00:b0:ab:0e:
                    20:56:c9:08:22:34:dc:95:82:94:56:37:12:b4:38:
                    58:5f:74:50:52:46:99:ea:32:b0:b5:76:fe:dc:3d:
                    d4:f4:f9:1c:7d:65:44:f2:5c:ff:4e:38:7e:ea:ae:
                    bb:f3:81:76:b5:69:7c:4e:0d:0b:50:4c:9c:61:44:
                    5f:84:73:b8:c4:73:39:2d:f5:7a:f5:2d:9d:89:b3:
                    5a:89:9a:c9:b5:66:fb:f7:08:ed:5f:bc:b3:4f:e3:
                    f1:c7:92:38:7f:aa:fa:4e:64:43:8c:16:94:7e:dc:
                    fb:f1:f0:6b:1f:65:cc:1f:ed:a1:cf:ca:f4:09:d5:
                    73:66:f9:3a:cc:ed:77:af:0a:24:4b:f9:fd:ed:d4:
                    ef:79:10:14:fd:01:62:a8:a1:88:ac:e9:94:ad:ec:
                    84:34:ea:49:96:78:91:c6:3d:7d:84:ea:d4:84:d7:
                    4b:c5:32:13:65:07:50:35:3f:47:f7:6d:f0:42:44:
                    ac:8b:0c:57:04:0a:bd:8d:46:7e:4c:33:3d:54:5b:
                    46:d1:f8:f8:8e:54:34:bf:65:8e:3a:17:6e:0f:74:
                    fe:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:10:9E:16:02:C8:42:71:11:38:FC:83:E8:3D:69:E7:7F:39:B7:A0
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3138302e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:ec:46:41:3d:4d:28:67:79:3f:c0:b8:96:bc:99:4a:d3:ac:
         d1:b9:79:51:96:e8:c9:8e:e8:c1:e3:f7:a0:1b:08:57:39:14:
         01:fa:01:ce:54:1c:d7:29:99:4d:52:c1:7b:35:5c:15:9f:84:
         72:34:f8:e8:2c:a9:de:c6:67:06:a3:8e:5a:1c:22:d0:b3:5e:
         26:29:6e:17:54:fc:a3:1c:db:4b:9f:12:a3:8c:a3:bf:35:3c:
         b1:82:53:ee:51:45:0e:62:51:df:24:37:10:7e:d9:5c:87:dd:
         ad:51:0a:3c:3f:c8:f7:af:8a:c6:6d:96:38:14:5a:49:0e:9d:
         45:1a:64:5f:67:f7:8c:5d:b0:0b:5b:88:99:26:5e:42:86:fb:
         5c:61:1e:6d:96:ba:6c:86:3c:a6:cb:a2:7c:0f:bd:51:fe:f9:
         66:9f:90:6b:f2:29:9a:f8:e1:29:50:7c:86:10:b6:1c:12:e6:
         e2:2b:b4:73:54:18:92:ba:8d:81:5b:b2:da:d1:ed:31:6a:3f:
         d0:41:b3:59:9e:64:ab:9a:47:fa:31:82:c2:03:a5:88:ae:a2:
         bb:ac:60:b3:5e:f5:d8:e7:ca:84:dd:86:ff:c3:6c:56:f5:08:
         d1:29:79:fd:62:ea:ca:b8:ec:7e:f1:a8:07:08:43:2b:7b:fd:
         78:ed:ca:af
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUH/08PVbJu+3L6Um6AxRrzAArrKwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTEwMzAwMjU1MDVaFw0yMjEwMzAwMzAwMDVaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDVGNkM2QkZCOTQ2RUQzNDQy
RTc4MTQxNzc3NThEOEQyNzAzNjUyNTYyMUNCNDZBM0RDMjVEMzczQ0E0NzE4NDMx
OUM4QzgwNzM2RkM1QUMwMEIwQUIwRTIwNTZDOTA4MjIzNERDOTU4Mjk0NTYzNzEy
QjQzODU4NUY3NDUwNTI0Njk5RUEzMkIwQjU3NkZFREMzREQ0RjRGOTFDN0Q2NTQ0
RjI1Q0ZGNEUzODdFRUFBRUJCRjM4MTc2QjU2OTdDNEUwRDBCNTA0QzlDNjE0NDVG
ODQ3M0I4QzQ3MzM5MkRGNTdBRjUyRDlEODlCMzVBODk5QUM5QjU2NkZCRjcwOEVE
NUZCQ0IzNEZFM0YxQzc5MjM4N0ZBQUZBNEU2NDQzOEMxNjk0N0VEQ0ZCRjFGMDZC
MUY2NUNDMUZFREExQ0ZDQUY0MDlENTczNjZGOTNBQ0NFRDc3QUYwQTI0NEJGOUZE
RURENEVGNzkxMDE0RkQwMTYyQThBMTg4QUNFOTk0QURFQzg0MzRFQTQ5OTY3ODkx
QzYzRDdEODRFQUQ0ODRENzRCQzUzMjEzNjUwNzUwMzUzRjQ3Rjc2REYwNDI0NEFD
OEIwQzU3MDQwQUJEOEQ0NjdFNEMzMzNENTQ1QjQ2RDFGOEY4OEU1NDM0QkY2NThF
M0ExNzZFMEY3NEZFODUwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA1fbGv7lG7TRC54FBd3WNjScDZSViHLRqPcJdNzykcYQxnIyAc2/F
rACwqw4gVskIIjTclYKUVjcStDhYX3RQUkaZ6jKwtXb+3D3U9PkcfWVE8lz/Tjh+
6q6784F2tWl8Tg0LUEycYURfhHO4xHM5LfV69S2dibNaiZrJtWb79wjtX7yzT+Px
x5I4f6r6TmRDjBaUftz78fBrH2XMH+2hz8r0CdVzZvk6zO13rwokS/n97dTveRAU
/QFiqKGIrOmUreyENOpJlniRxj19hOrUhNdLxTITZQdQNT9H923wQkSsiwxXBAq9
jUZ+TDM9VFtG0fj4jlQ0v2WOOhduD3T+hQIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FGwQnhYCyEJxETj8g+g9aed/ObegMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzEzODMwMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9tDANBgkqhkiG9w0BAQsFAAOCAQEAQexGQT1N
KGd5P8C4lryZStOs0bl5UZboyY7oweP3oBsIVzkUAfoBzlQc1ymZTVLBezVcFZ+E
cjT46Cyp3sZnBqOOWhwi0LNeJiluF1T8oxzbS58So4yjvzU8sYJT7lFFDmJR3yQ3
EH7ZXIfdrVEKPD/I96+Kxm2WOBRaSQ6dRRpkX2f3jF2wC1uImSZeQob7XGEebZa6
bIY8psuifA+9Uf75Zp+Qa/IpmvjhKVB8hhC2HBLm4iu0c1QYkrqNgVuy2tHtMWo/
0EGzWZ5kq5pH+jGCwgOliK6iu6xgs1712OfKhN2G/8NsVvUI0Sl5/WLqyrjsfvGo
BwhDK3v9eO3Krw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org