Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3230312e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3230312e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          3wyCxqCRhM2cMUKHdkEW8BWc1NwgpLr8NIE7o9A6GyI=
Subject key identifier:   C8:0B:EC:FF:9E:DA:76:8F:10:53:8E:B1:09:2A:0B:99:E8:9C:83:6C
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       467B160FDC5296AF1034B5F898CAA2C203C3B6C5
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3230312e302f32342d3234203d3e203137343531.roa
Signing time:             Fri 15 Oct 2021 03:00:01 +0000
ROA not before:           Fri 15 Oct 2021 02:55:01 +0000
ROA not after:            Sat 15 Oct 2022 03:00:01 +0000
asID:                     17451
IP address blocks:        182.253.201.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:7b:16:0f:dc:52:96:af:10:34:b5:f8:98:ca:a2:c2:03:c3:b6:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Oct 15 02:55:01 2021 GMT
            Not After : Oct 15 03:00:01 2022 GMT
        Subject: CN=3082010A0282010100984DB6458D066E52E75F1E4C9708B76B0BDE6B9BF6E3CD02E052AB7F5627D20D6F883262C81399004C2AD2EC033F197EFE0D68B67A15B277E4FE3F0734FF98C3C18A3079089DB7A699BDD478187FFCE25C39DC31FAA2E9299D1BDB9AE99D0494E301F2CD9681101F44F59A125DFF3083ACC715F150696C4DFF71A31BFE2B1165DCA96CE0F3893BED91A83F178E2B525D28B85121D66B0E94088B75891A98C817FECF83900D5379BCDEA99E1912B9229A519CB3811BB47DD87376FA8EC4AE7EAA196FC11ACDB42C5C52C1F6DC734B7762EBF743FCCBA960326ED982D6CF81440E16071F2CA62FB989F6CD4B53E373306410A231F913EFB3DF3F7F30C656FDBCDD0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:4d:b6:45:8d:06:6e:52:e7:5f:1e:4c:97:08:
                    b7:6b:0b:de:6b:9b:f6:e3:cd:02:e0:52:ab:7f:56:
                    27:d2:0d:6f:88:32:62:c8:13:99:00:4c:2a:d2:ec:
                    03:3f:19:7e:fe:0d:68:b6:7a:15:b2:77:e4:fe:3f:
                    07:34:ff:98:c3:c1:8a:30:79:08:9d:b7:a6:99:bd:
                    d4:78:18:7f:fc:e2:5c:39:dc:31:fa:a2:e9:29:9d:
                    1b:db:9a:e9:9d:04:94:e3:01:f2:cd:96:81:10:1f:
                    44:f5:9a:12:5d:ff:30:83:ac:c7:15:f1:50:69:6c:
                    4d:ff:71:a3:1b:fe:2b:11:65:dc:a9:6c:e0:f3:89:
                    3b:ed:91:a8:3f:17:8e:2b:52:5d:28:b8:51:21:d6:
                    6b:0e:94:08:8b:75:89:1a:98:c8:17:fe:cf:83:90:
                    0d:53:79:bc:de:a9:9e:19:12:b9:22:9a:51:9c:b3:
                    81:1b:b4:7d:d8:73:76:fa:8e:c4:ae:7e:aa:19:6f:
                    c1:1a:cd:b4:2c:5c:52:c1:f6:dc:73:4b:77:62:eb:
                    f7:43:fc:cb:a9:60:32:6e:d9:82:d6:cf:81:44:0e:
                    16:07:1f:2c:a6:2f:b9:89:f6:cd:4b:53:e3:73:30:
                    64:10:a2:31:f9:13:ef:b3:df:3f:7f:30:c6:56:fd:
                    bc:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:0B:EC:FF:9E:DA:76:8F:10:53:8E:B1:09:2A:0B:99:E8:9C:83:6C
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3230312e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:e2:1f:71:5e:be:a8:cc:67:d1:89:25:63:f7:67:7b:f6:58:
         a5:63:76:3f:89:11:8d:a5:d1:87:be:b3:f7:1f:99:f4:3f:2e:
         40:7e:16:37:92:6d:6d:b7:5b:be:c6:f9:38:f3:fd:e1:a0:37:
         a3:1d:b8:6b:22:e9:72:2c:90:e0:3e:29:27:61:d1:20:4f:f1:
         c5:79:8e:e2:ce:99:fb:cb:79:ce:f3:3a:8a:04:b3:ef:98:a5:
         10:b8:5b:d7:70:db:bd:63:a5:65:ff:b2:28:99:09:5c:b9:31:
         92:d4:aa:da:66:22:ee:6d:77:ea:73:3b:ee:b5:d1:ca:d6:5e:
         ce:ca:6f:f4:66:2e:b7:e5:ee:a6:d9:88:fd:9b:91:bd:f3:03:
         7b:81:65:6d:be:6e:76:86:d7:00:10:33:bc:82:15:5c:b0:4b:
         41:04:ac:90:c4:02:fc:cb:fe:58:5e:c7:53:b7:26:a3:7d:3d:
         bb:b4:7d:47:54:97:b5:fb:ce:a3:84:59:26:c3:17:cb:c7:69:
         66:13:8e:2e:6d:21:51:15:2f:4f:0f:b9:86:ab:d3:4c:0d:f9:
         14:f8:eb:da:32:e1:53:ec:0b:32:d1:23:b3:47:c8:51:7d:2d:
         db:ef:da:9a:a3:4f:bd:aa:e2:4a:57:fa:b3:67:53:3d:82:64:
         70:a4:73:24
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIURnsWD9xSlq8QNLX4mMqiwgPDtsUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTEwMTUwMjU1MDFaFw0yMjEwMTUwMzAwMDFaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwOTg0REI2NDU4RDA2NkU1MkU3
NUYxRTRDOTcwOEI3NkIwQkRFNkI5QkY2RTNDRDAyRTA1MkFCN0Y1NjI3RDIwRDZG
ODgzMjYyQzgxMzk5MDA0QzJBRDJFQzAzM0YxOTdFRkUwRDY4QjY3QTE1QjI3N0U0
RkUzRjA3MzRGRjk4QzNDMThBMzA3OTA4OURCN0E2OTlCREQ0NzgxODdGRkNFMjVD
MzlEQzMxRkFBMkU5Mjk5RDFCREI5QUU5OUQwNDk0RTMwMUYyQ0Q5NjgxMTAxRjQ0
RjU5QTEyNURGRjMwODNBQ0M3MTVGMTUwNjk2QzRERkY3MUEzMUJGRTJCMTE2NURD
QTk2Q0UwRjM4OTNCRUQ5MUE4M0YxNzhFMkI1MjVEMjhCODUxMjFENjZCMEU5NDA4
OEI3NTg5MUE5OEM4MTdGRUNGODM5MDBENTM3OUJDREVBOTlFMTkxMkI5MjI5QTUx
OUNCMzgxMUJCNDdERDg3Mzc2RkE4RUM0QUU3RUFBMTk2RkMxMUFDREI0MkM1QzUy
QzFGNkRDNzM0Qjc3NjJFQkY3NDNGQ0NCQTk2MDMyNkVEOTgyRDZDRjgxNDQwRTE2
MDcxRjJDQTYyRkI5ODlGNkNENEI1M0UzNzMzMDY0MTBBMjMxRjkxM0VGQjNERjNG
N0YzMEM2NTZGREJDREQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAmE22RY0GblLnXx5Mlwi3awvea5v2480C4FKrf1Yn0g1viDJiyBOZ
AEwq0uwDPxl+/g1otnoVsnfk/j8HNP+Yw8GKMHkInbemmb3UeBh//OJcOdwx+qLp
KZ0b25rpnQSU4wHyzZaBEB9E9ZoSXf8wg6zHFfFQaWxN/3GjG/4rEWXcqWzg84k7
7ZGoPxeOK1JdKLhRIdZrDpQIi3WJGpjIF/7Pg5ANU3m83qmeGRK5IppRnLOBG7R9
2HN2+o7Ern6qGW/BGs20LFxSwfbcc0t3Yuv3Q/zLqWAybtmC1s+BRA4WBx8spi+5
ifbNS1PjczBkEKIx+RPvs98/fzDGVv283QIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FMgL7P+e2naPEFOOsQkqC5nonINsMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzIzMDMxMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9yTANBgkqhkiG9w0BAQsFAAOCAQEAfeIfcV6+
qMxn0YklY/dne/ZYpWN2P4kRjaXRh76z9x+Z9D8uQH4WN5Jtbbdbvsb5OPP94aA3
ox24ayLpciyQ4D4pJ2HRIE/xxXmO4s6Z+8t5zvM6igSz75ilELhb13DbvWOlZf+y
KJkJXLkxktSq2mYi7m136nM77rXRytZezspv9GYut+XuptmI/ZuRvfMDe4Flbb5u
dobXABAzvIIVXLBLQQSskMQC/Mv+WF7HU7cmo309u7R9R1SXtfvOo4RZJsMXy8dp
ZhOOLm0hURUvTw+5hqvTTA35FPjr2jLhU+wLMtEjs0fIUX0t2+/amqNPvariSlf6
s2dTPYJkcKRzJA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org