Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3235342e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e3235342e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          u4XnW2DaUuhkv0imJQaxnSLB7GOWfW5BoK+duDrQIdA=
Subject key identifier:   8E:28:68:3D:04:CF:64:82:AE:2E:16:54:C0:1C:98:86:07:EE:02:4A
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       0F317C04B4434C82010EAA16FF90F7DC4353BDA9
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3235342e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:06 +0000
ROA not before:           Wed 29 Sep 2021 23:56:06 +0000
ROA not after:            Fri 30 Sep 2022 00:01:06 +0000
asID:                     17451
IP address blocks:        182.253.254.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:31:7c:04:b4:43:4c:82:01:0e:aa:16:ff:90:f7:dc:43:53:bd:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:06 2021 GMT
            Not After : Sep 30 00:01:06 2022 GMT
        Subject: CN=3082010A02820101009A3DC8E6FF90FA3A89CE29AEC09A6B97401BB0DDAC1FAC0CE59D6148F500F3914583210B3A1DDE43823704FC250FE0DF9ACF1E8D14B9CC5FDB26BFBC26F730EC747D4763FFED363B87987E055C3C3532424412E2564DE85E4E21A04870BA092022C5C599A6764B19D7BB332F3E20D8EBD55259250FBEF6B39CB3AE545BC69752DC9DF76C549EAEA51A321E7E2FFCA485A0CE87C519765B16436D5A672152689B28D6C412E10786E3DF7DA3B564AB95BA37BA442A7FB10C5B8B35AE07AD9D3DA69CD923618EAC4CBDCCEC7A251CAC79D30EB9BBAAE371447CD0DA37FF1BB66B8371C7545415C5A71908A212B6E7A601FEF06FFE112CC40FCF44EF468D82EC34810203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:3d:c8:e6:ff:90:fa:3a:89:ce:29:ae:c0:9a:
                    6b:97:40:1b:b0:dd:ac:1f:ac:0c:e5:9d:61:48:f5:
                    00:f3:91:45:83:21:0b:3a:1d:de:43:82:37:04:fc:
                    25:0f:e0:df:9a:cf:1e:8d:14:b9:cc:5f:db:26:bf:
                    bc:26:f7:30:ec:74:7d:47:63:ff:ed:36:3b:87:98:
                    7e:05:5c:3c:35:32:42:44:12:e2:56:4d:e8:5e:4e:
                    21:a0:48:70:ba:09:20:22:c5:c5:99:a6:76:4b:19:
                    d7:bb:33:2f:3e:20:d8:eb:d5:52:59:25:0f:be:f6:
                    b3:9c:b3:ae:54:5b:c6:97:52:dc:9d:f7:6c:54:9e:
                    ae:a5:1a:32:1e:7e:2f:fc:a4:85:a0:ce:87:c5:19:
                    76:5b:16:43:6d:5a:67:21:52:68:9b:28:d6:c4:12:
                    e1:07:86:e3:df:7d:a3:b5:64:ab:95:ba:37:ba:44:
                    2a:7f:b1:0c:5b:8b:35:ae:07:ad:9d:3d:a6:9c:d9:
                    23:61:8e:ac:4c:bd:cc:ec:7a:25:1c:ac:79:d3:0e:
                    b9:bb:aa:e3:71:44:7c:d0:da:37:ff:1b:b6:6b:83:
                    71:c7:54:54:15:c5:a7:19:08:a2:12:b6:e7:a6:01:
                    fe:f0:6f:fe:11:2c:c4:0f:cf:44:ef:46:8d:82:ec:
                    34:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:28:68:3D:04:CF:64:82:AE:2E:16:54:C0:1C:98:86:07:EE:02:4A
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e3235342e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:3f:a0:7d:14:24:50:71:e6:92:5f:6c:69:cf:e3:02:93:17:
         31:33:89:48:b2:29:48:0c:2b:c3:98:3b:52:a1:cd:cd:95:c7:
         a9:8d:aa:93:a1:69:ff:35:58:31:cf:af:87:bc:bc:09:1f:18:
         dc:18:14:22:a4:d8:a0:78:9b:b5:4a:dc:95:c1:61:13:41:79:
         ab:70:75:e8:0f:b3:6d:51:4b:56:93:89:74:d0:fb:8e:2b:d2:
         3e:cf:c7:c5:24:30:3f:22:d2:20:ee:d6:54:f6:4c:19:d8:da:
         84:8a:8c:c2:ff:71:e6:fd:b9:83:4a:51:2d:36:3c:17:a0:7c:
         3f:29:a7:1f:2e:21:3a:15:e1:56:d8:4a:1f:b8:65:aa:40:0b:
         0e:04:4b:7d:2c:9a:fd:0b:d7:d7:e0:45:38:67:a2:8b:f5:47:
         33:ea:47:96:82:ea:a4:5b:ee:27:3b:1b:28:58:88:15:e1:a0:
         18:dc:f2:5d:b1:f7:30:08:59:f4:fc:da:90:fa:56:f0:a5:51:
         3d:f1:72:18:01:84:a6:43:69:c0:c1:be:2b:3e:d4:07:33:ba:
         02:49:eb:5d:cd:56:6d:d1:d4:0c:8c:8d:24:a1:7a:a0:66:5a:
         12:ec:04:82:02:a1:2a:e6:92:9b:88:81:1a:54:4e:81:1b:58:
         2f:84:c7:2d
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUDzF8BLRDTIIBDqoW/5D33ENTvakwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MDZaFw0yMjA5MzAwMDAxMDZaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwOUEzREM4RTZGRjkwRkEzQTg5
Q0UyOUFFQzA5QTZCOTc0MDFCQjBEREFDMUZBQzBDRTU5RDYxNDhGNTAwRjM5MTQ1
ODMyMTBCM0ExRERFNDM4MjM3MDRGQzI1MEZFMERGOUFDRjFFOEQxNEI5Q0M1RkRC
MjZCRkJDMjZGNzMwRUM3NDdENDc2M0ZGRUQzNjNCODc5ODdFMDU1QzNDMzUzMjQy
NDQxMkUyNTY0REU4NUU0RTIxQTA0ODcwQkEwOTIwMjJDNUM1OTlBNjc2NEIxOUQ3
QkIzMzJGM0UyMEQ4RUJENTUyNTkyNTBGQkVGNkIzOUNCM0FFNTQ1QkM2OTc1MkRD
OURGNzZDNTQ5RUFFQTUxQTMyMUU3RTJGRkNBNDg1QTBDRTg3QzUxOTc2NUIxNjQz
NkQ1QTY3MjE1MjY4OUIyOEQ2QzQxMkUxMDc4NkUzREY3REEzQjU2NEFCOTVCQTM3
QkE0NDJBN0ZCMTBDNUI4QjM1QUUwN0FEOUQzREE2OUNEOTIzNjE4RUFDNENCREND
RUM3QTI1MUNBQzc5RDMwRUI5QkJBQUUzNzE0NDdDRDBEQTM3RkYxQkI2NkI4Mzcx
Qzc1NDU0MTVDNUE3MTkwOEEyMTJCNkU3QTYwMUZFRjA2RkZFMTEyQ0M0MEZDRjQ0
RUY0NjhEODJFQzM0ODEwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAmj3I5v+Q+jqJzimuwJprl0AbsN2sH6wM5Z1hSPUA85FFgyELOh3e
Q4I3BPwlD+Dfms8ejRS5zF/bJr+8Jvcw7HR9R2P/7TY7h5h+BVw8NTJCRBLiVk3o
Xk4hoEhwugkgIsXFmaZ2SxnXuzMvPiDY69VSWSUPvvaznLOuVFvGl1LcnfdsVJ6u
pRoyHn4v/KSFoM6HxRl2WxZDbVpnIVJomyjWxBLhB4bj332jtWSrlbo3ukQqf7EM
W4s1rgetnT2mnNkjYY6sTL3M7HolHKx50w65u6rjcUR80No3/xu2a4Nxx1RUFcWn
GQiiErbnpgH+8G/+ESzED89E70aNguw0gQIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FI4oaD0Ez2SCri4WVMAcmIYH7gJKMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzIzNTM0MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALb9/jANBgkqhkiG9w0BAQsFAAOCAQEAZD+gfRQk
UHHmkl9sac/jApMXMTOJSLIpSAwrw5g7UqHNzZXHqY2qk6Fp/zVYMc+vh7y8CR8Y
3BgUIqTYoHibtUrclcFhE0F5q3B16A+zbVFLVpOJdND7jivSPs/HxSQwPyLSIO7W
VPZMGdjahIqMwv9x5v25g0pRLTY8F6B8PymnHy4hOhXhVthKH7hlqkALDgRLfSya
/QvX1+BFOGeii/VHM+pHloLqpFvuJzsbKFiIFeGgGNzyXbH3MAhZ9PzakPpW8KVR
PfFyGAGEpkNpwMG+Kz7UBzO6AknrXc1WbdHUDIyNJKF6oGZaEuwEggKhKuaSm4iB
GlROgRtYL4THLQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org