Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e32322e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e32322e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          uRBNb0Rnk40gy050wPOWMSpalf1S6yaWJY/SCQo8fl8=
Subject key identifier:   25:A6:86:8B:65:3B:61:A3:16:02:0B:71:2B:7D:85:39:49:FD:19:20
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       38D2477765F6499A5E003C5676ED22D61F0305EB
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e32322e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:48 +0000
ROA not before:           Wed 29 Sep 2021 23:55:48 +0000
ROA not after:            Fri 30 Sep 2022 00:00:48 +0000
asID:                     17451
IP address blocks:        182.253.22.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:d2:47:77:65:f6:49:9a:5e:00:3c:56:76:ed:22:d6:1f:03:05:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:48 2021 GMT
            Not After : Sep 30 00:00:48 2022 GMT
        Subject: CN=3082010A0282010100A02DFC2D1A6F9C4271E2B07D6D8CAA5AC83C789C2CF120C23DEADC804240A4E55ACF60B3632F0B270634C707D119AEE3DCF073138777E9918C3F2863C0BB969F44853BA5BF3B268F1975E32B9FB3440E30149B9588B23B9486949A02CBCA1887ACF586868FC254D09609F7D26BC143EB0BFCFBC8A48EAE5926801E7011A24BDAFE6F6F00133006133B0B538AB010D941AEE334F73E053DB43085A0DD9BF438ADEC957D37653D871E3F26104DB5FAFDC48D0E9D205AF81A6666E7CA6F88E24E9CAD70ADCAF8D1077F41A4A044B8DDBD2B97A76809BFB0712B1B69C253327FA6F0C69AF0CDBC6FB4E122C132C01272F8E1E92B02FD80B8E6EECC752B0D8D13F5430203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:2d:fc:2d:1a:6f:9c:42:71:e2:b0:7d:6d:8c:
                    aa:5a:c8:3c:78:9c:2c:f1:20:c2:3d:ea:dc:80:42:
                    40:a4:e5:5a:cf:60:b3:63:2f:0b:27:06:34:c7:07:
                    d1:19:ae:e3:dc:f0:73:13:87:77:e9:91:8c:3f:28:
                    63:c0:bb:96:9f:44:85:3b:a5:bf:3b:26:8f:19:75:
                    e3:2b:9f:b3:44:0e:30:14:9b:95:88:b2:3b:94:86:
                    94:9a:02:cb:ca:18:87:ac:f5:86:86:8f:c2:54:d0:
                    96:09:f7:d2:6b:c1:43:eb:0b:fc:fb:c8:a4:8e:ae:
                    59:26:80:1e:70:11:a2:4b:da:fe:6f:6f:00:13:30:
                    06:13:3b:0b:53:8a:b0:10:d9:41:ae:e3:34:f7:3e:
                    05:3d:b4:30:85:a0:dd:9b:f4:38:ad:ec:95:7d:37:
                    65:3d:87:1e:3f:26:10:4d:b5:fa:fd:c4:8d:0e:9d:
                    20:5a:f8:1a:66:66:e7:ca:6f:88:e2:4e:9c:ad:70:
                    ad:ca:f8:d1:07:7f:41:a4:a0:44:b8:dd:bd:2b:97:
                    a7:68:09:bf:b0:71:2b:1b:69:c2:53:32:7f:a6:f0:
                    c6:9a:f0:cd:bc:6f:b4:e1:22:c1:32:c0:12:72:f8:
                    e1:e9:2b:02:fd:80:b8:e6:ee:cc:75:2b:0d:8d:13:
                    f5:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:A6:86:8B:65:3B:61:A3:16:02:0B:71:2B:7D:85:39:49:FD:19:20
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e32322e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:db:10:b9:7e:55:2a:fb:dc:33:42:2c:6e:bf:bb:b2:09:1f:
         d2:de:0f:ab:bc:d3:e3:31:ce:40:ae:84:93:18:3a:3f:e8:c1:
         c3:1f:71:78:71:27:68:2c:e1:ce:d7:7b:8b:ed:b7:cb:2f:4b:
         1e:12:94:43:d7:d8:47:a2:c6:bb:c5:0c:09:56:9b:ca:a3:97:
         db:90:04:52:9d:6b:55:f0:da:d8:dc:44:67:39:12:45:12:40:
         75:9e:ca:1e:10:d5:02:27:db:fc:45:2f:06:81:0d:3b:d5:93:
         02:43:c7:a0:75:72:ac:18:70:bf:e6:e7:53:a0:af:21:fa:c9:
         46:9c:e8:34:1a:1b:31:95:50:0e:90:8c:60:fc:06:50:22:f7:
         bf:c0:c7:f0:2f:9c:9a:60:e2:09:5e:9a:03:23:26:d6:c8:d8:
         a6:fc:e2:1e:d6:c9:c8:02:24:7e:6f:2e:aa:5e:c6:d2:2a:0f:
         5e:de:47:65:88:97:82:1a:db:7b:f6:be:35:d5:3f:ae:05:1d:
         74:3f:eb:50:4a:ce:28:ee:b6:ce:d6:97:6a:40:63:a5:6d:e4:
         ff:4a:e6:ff:96:53:91:db:29:9a:e1:5f:13:8d:a8:96:d8:ce:
         89:10:e5:f8:2e:2f:cf:88:d2:48:a1:90:1f:0f:88:b9:cf:56:
         b1:24:ee:c9
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUONJHd2X2SZpeADxWdu0i1h8DBeswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NDhaFw0yMjA5MzAwMDAwNDhaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQTAyREZDMkQxQTZGOUM0Mjcx
RTJCMDdENkQ4Q0FBNUFDODNDNzg5QzJDRjEyMEMyM0RFQURDODA0MjQwQTRFNTVB
Q0Y2MEIzNjMyRjBCMjcwNjM0QzcwN0QxMTlBRUUzRENGMDczMTM4Nzc3RTk5MThD
M0YyODYzQzBCQjk2OUY0NDg1M0JBNUJGM0IyNjhGMTk3NUUzMkI5RkIzNDQwRTMw
MTQ5Qjk1ODhCMjNCOTQ4Njk0OUEwMkNCQ0ExODg3QUNGNTg2ODY4RkMyNTREMDk2
MDlGN0QyNkJDMTQzRUIwQkZDRkJDOEE0OEVBRTU5MjY4MDFFNzAxMUEyNEJEQUZF
NkY2RjAwMTMzMDA2MTMzQjBCNTM4QUIwMTBEOTQxQUVFMzM0RjczRTA1M0RCNDMw
ODVBMEREOUJGNDM4QURFQzk1N0QzNzY1M0Q4NzFFM0YyNjEwNERCNUZBRkRDNDhE
MEU5RDIwNUFGODFBNjY2NkU3Q0E2Rjg4RTI0RTlDQUQ3MEFEQ0FGOEQxMDc3RjQx
QTRBMDQ0QjhEREJEMkI5N0E3NjgwOUJGQjA3MTJCMUI2OUMyNTMzMjdGQTZGMEM2
OUFGMENEQkM2RkI0RTEyMkMxMzJDMDEyNzJGOEUxRTkyQjAyRkQ4MEI4RTZFRUND
NzUyQjBEOEQxM0Y1NDMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAoC38LRpvnEJx4rB9bYyqWsg8eJws8SDCPercgEJApOVaz2CzYy8L
JwY0xwfRGa7j3PBzE4d36ZGMPyhjwLuWn0SFO6W/OyaPGXXjK5+zRA4wFJuViLI7
lIaUmgLLyhiHrPWGho/CVNCWCffSa8FD6wv8+8ikjq5ZJoAecBGiS9r+b28AEzAG
EzsLU4qwENlBruM09z4FPbQwhaDdm/Q4reyVfTdlPYcePyYQTbX6/cSNDp0gWvga
Zmbnym+I4k6crXCtyvjRB39BpKBEuN29K5enaAm/sHErG2nCUzJ/pvDGmvDNvG+0
4SLBMsAScvjh6SsC/YC45u7MdSsNjRP1QwIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FCWmhotlO2GjFgILcSt9hTlJ/RkgMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzIzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAC2/RYwDQYJKoZIhvcNAQELBQADggEBAArbELl+VSr7
3DNCLG6/u7IJH9LeD6u80+MxzkCuhJMYOj/owcMfcXhxJ2gs4c7Xe4vtt8svSx4S
lEPX2EeixrvFDAlWm8qjl9uQBFKda1Xw2tjcRGc5EkUSQHWeyh4Q1QIn2/xFLwaB
DTvVkwJDx6B1cqwYcL/m51OgryH6yUac6DQaGzGVUA6QjGD8BlAi97/Ax/AvnJpg
4glemgMjJtbI2Kb84h7WycgCJH5vLqpextIqD17eR2WIl4Ia23v2vjXVP64FHXQ/
61BKzijuts7Wl2pAY6Vt5P9K5v+WU5HbKZrhXxONqJbYzokQ5fguL8+I0kihkB8P
iLnPVrEk7sk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org