Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3230392e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3230392e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          65dPjICD2CcujwnAKm9POqK+ELSLt7YzbfbZb+IWnHY=
Subject key identifier:   2D:93:38:E6:60:58:04:89:11:6A:5F:74:36:A0:33:A1:B7:07:E0:18
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       0E902EC48E0CABCDAA75E2916AE607A8B7B70FD8
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3230392e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:40 +0000
ROA not before:           Wed 29 Sep 2021 23:55:40 +0000
ROA not after:            Fri 30 Sep 2022 00:00:40 +0000
asID:                     17451
IP address blocks:        182.253.209.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:90:2e:c4:8e:0c:ab:cd:aa:75:e2:91:6a:e6:07:a8:b7:b7:0f:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:40 2021 GMT
            Not After : Sep 30 00:00:40 2022 GMT
        Subject: CN=3082010A0282010100C2052B442DB708836D0749AF33CDE36DF21E353ECBAEE2A4EDBD08530B84A8D35B4117A4C8BF7CC8BD6B26EFA36551EECA522274B2BF4215979FB2F2D9550558CB280D7D8448F6E9FE550FDA79024F8B78F82490956FC8F9172B60F7F58307EEC19F2B69F818E6E3670D766D28647303A92B9C1630118C0FFE142D1D48C5A905644BF02D2E385EEE6135C78647E232C792D7438930C2ACD1E56FD3C64CAB3D12AC10B7643D8C98716DF72A39E8FBCB295D1746024139FB2DFACD69B480D25756C67704D5FCB0D74447B3BA5E6E61DD2242640355E37EDB47614A90613AB1D799CD1E38C4B5B2D27F82F89F719ECEDFD4CA8B7AF55360A221B212DA77CB94EA230203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:05:2b:44:2d:b7:08:83:6d:07:49:af:33:cd:
                    e3:6d:f2:1e:35:3e:cb:ae:e2:a4:ed:bd:08:53:0b:
                    84:a8:d3:5b:41:17:a4:c8:bf:7c:c8:bd:6b:26:ef:
                    a3:65:51:ee:ca:52:22:74:b2:bf:42:15:97:9f:b2:
                    f2:d9:55:05:58:cb:28:0d:7d:84:48:f6:e9:fe:55:
                    0f:da:79:02:4f:8b:78:f8:24:90:95:6f:c8:f9:17:
                    2b:60:f7:f5:83:07:ee:c1:9f:2b:69:f8:18:e6:e3:
                    67:0d:76:6d:28:64:73:03:a9:2b:9c:16:30:11:8c:
                    0f:fe:14:2d:1d:48:c5:a9:05:64:4b:f0:2d:2e:38:
                    5e:ee:61:35:c7:86:47:e2:32:c7:92:d7:43:89:30:
                    c2:ac:d1:e5:6f:d3:c6:4c:ab:3d:12:ac:10:b7:64:
                    3d:8c:98:71:6d:f7:2a:39:e8:fb:cb:29:5d:17:46:
                    02:41:39:fb:2d:fa:cd:69:b4:80:d2:57:56:c6:77:
                    04:d5:fc:b0:d7:44:47:b3:ba:5e:6e:61:dd:22:42:
                    64:03:55:e3:7e:db:47:61:4a:90:61:3a:b1:d7:99:
                    cd:1e:38:c4:b5:b2:d2:7f:82:f8:9f:71:9e:ce:df:
                    d4:ca:8b:7a:f5:53:60:a2:21:b2:12:da:77:cb:94:
                    ea:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:93:38:E6:60:58:04:89:11:6A:5F:74:36:A0:33:A1:B7:07:E0:18
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3230392e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:c3:8d:27:7f:80:fc:70:aa:3d:b5:35:82:81:f9:85:a7:32:
         76:bf:26:38:21:4d:2c:ed:81:be:ca:d1:9a:3b:55:57:b4:c9:
         8b:0f:82:50:e8:09:b2:1f:81:dd:94:15:72:dd:62:33:9f:ab:
         c8:32:f3:d7:ad:e0:e2:d4:70:99:09:93:2d:84:fb:be:7d:72:
         0c:61:87:22:19:a0:23:c0:d7:2a:11:90:24:12:f4:4d:a0:e7:
         b3:f3:57:11:d6:94:fb:49:42:92:13:29:7b:fc:86:91:2c:f9:
         a1:4d:2b:2c:8b:78:df:42:d0:f6:d0:43:50:7e:b9:7b:32:40:
         b4:63:37:b2:30:05:38:84:73:59:24:37:f4:2b:4f:e7:8a:75:
         da:b3:70:bf:49:2b:70:f7:a0:5e:a0:12:71:73:dd:29:3f:c9:
         c3:d4:9a:3d:19:47:0e:f6:4e:4a:99:41:b2:76:e6:3c:57:ca:
         11:b7:f5:ce:7a:dd:7b:6b:eb:9b:d4:36:57:e7:43:28:64:6f:
         44:9a:6e:e1:c3:6d:6b:85:fb:9d:64:e3:88:6d:2e:72:53:e1:
         c8:e3:2d:ab:86:c7:f1:f0:0e:8b:e7:31:ef:c4:6c:33:2a:37:
         fd:a8:5d:a4:50:01:85:f7:f7:ee:36:5a:a3:13:79:20:8a:08:
         48:52:5d:fd
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUDpAuxI4Mq82qdeKRauYHqLe3D9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NDBaFw0yMjA5MzAwMDAwNDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzIwNTJCNDQyREI3MDg4MzZE
MDc0OUFGMzNDREUzNkRGMjFFMzUzRUNCQUVFMkE0RURCRDA4NTMwQjg0QThEMzVC
NDExN0E0QzhCRjdDQzhCRDZCMjZFRkEzNjU1MUVFQ0E1MjIyNzRCMkJGNDIxNTk3
OUZCMkYyRDk1NTA1NThDQjI4MEQ3RDg0NDhGNkU5RkU1NTBGREE3OTAyNEY4Qjc4
RjgyNDkwOTU2RkM4RjkxNzJCNjBGN0Y1ODMwN0VFQzE5RjJCNjlGODE4RTZFMzY3
MEQ3NjZEMjg2NDczMDNBOTJCOUMxNjMwMTE4QzBGRkUxNDJEMUQ0OEM1QTkwNTY0
NEJGMDJEMkUzODVFRUU2MTM1Qzc4NjQ3RTIzMkM3OTJENzQzODkzMEMyQUNEMUU1
NkZEM0M2NENBQjNEMTJBQzEwQjc2NDNEOEM5ODcxNkRGNzJBMzlFOEZCQ0IyOTVE
MTc0NjAyNDEzOUZCMkRGQUNENjlCNDgwRDI1NzU2QzY3NzA0RDVGQ0IwRDc0NDQ3
QjNCQTVFNkU2MUREMjI0MjY0MDM1NUUzN0VEQjQ3NjE0QTkwNjEzQUIxRDc5OUNE
MUUzOEM0QjVCMkQyN0Y4MkY4OUY3MTlFQ0VERkQ0Q0E4QjdBRjU1MzYwQTIyMUIy
MTJEQTc3Q0I5NEVBMjMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAwgUrRC23CINtB0mvM83jbfIeNT7LruKk7b0IUwuEqNNbQRekyL98
yL1rJu+jZVHuylIidLK/QhWXn7Ly2VUFWMsoDX2ESPbp/lUP2nkCT4t4+CSQlW/I
+RcrYPf1gwfuwZ8rafgY5uNnDXZtKGRzA6krnBYwEYwP/hQtHUjFqQVkS/AtLjhe
7mE1x4ZH4jLHktdDiTDCrNHlb9PGTKs9EqwQt2Q9jJhxbfcqOej7yyldF0YCQTn7
LfrNabSA0ldWxncE1fyw10RHs7pebmHdIkJkA1XjfttHYUqQYTqx15nNHjjEtbLS
f4L4n3Gezt/Uyot69VNgoiGyEtp3y5TqIwIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FC2TOOZgWASJEWpfdDagM6G3B+AYMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzIzMDM5MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb90TANBgkqhkiG9w0BAQsFAAOCAQEANcONJ3+A
/HCqPbU1goH5hacydr8mOCFNLO2BvsrRmjtVV7TJiw+CUOgJsh+B3ZQVct1iM5+r
yDLz163g4tRwmQmTLYT7vn1yDGGHIhmgI8DXKhGQJBL0TaDns/NXEdaU+0lCkhMp
e/yGkSz5oU0rLIt430LQ9tBDUH65ezJAtGM3sjAFOIRzWSQ39CtP54p12rNwv0kr
cPegXqAScXPdKT/Jw9SaPRlHDvZOSplBsnbmPFfKEbf1znrde2vrm9Q2V+dDKGRv
RJpu4cNta4X7nWTjiG0uclPhyOMtq4bH8fAOi+cx78RsMyo3/ahdpFABhff37jZa
oxN5IIoISFJd/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:03 2024 by rpki-client on console-fra.rpki-client.org