Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e34302e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e34302e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          C8pcc4sh5R8r+q/NLX8xKCsg8lmILWWZWWz5GkMSpAA=
Subject key identifier:   DA:BA:29:34:93:5A:AA:EA:EE:64:75:AE:92:F9:26:93:06:90:43:F6
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       5651CA88BD5EDDC65654346F9939EA60A87EB7E9
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e34302e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 20 Jan 2022 13:00:00 +0000
ROA not before:           Thu 20 Jan 2022 12:55:00 +0000
ROA not after:            Fri 20 Jan 2023 13:00:00 +0000
asID:                     17451
IP address blocks:        182.253.40.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:51:ca:88:bd:5e:dd:c6:56:54:34:6f:99:39:ea:60:a8:7e:b7:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Jan 20 12:55:00 2022 GMT
            Not After : Jan 20 13:00:00 2023 GMT
        Subject: CN=3082010A0282010100B42D50BD3420C71972D00211B726F03D7B5DB5A42A68D8070AA09084A4831CAE9C801C5D4497FC64939D139CD10745298E58CE82EE8632F623A6FA06D0E6ABEBA7FA3D70322547A1ACB84B7332B4FDE7737EF22FBA62EA1D90E0607CCE65154606E6EAA9D610BBCA2DAE6BE6F3A59A05703470AB45D69374CC0E2E6D23921A0EF2DDD2EB4040B5A7DAB1830F2B55EA6A5C2A4169E145DE0314B63293BAB231186896B181C4D87A94C69C24727CB0D806DB27179CD433F814B1A9FD9505EA236D43B4C61DC4178515240DDF423866FF8B64EBC93205967015D312F90A846B8E94F88EEC8660B20E9AD478C077C42E044FECEFE0026668319C9A60AED6C0170D590203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:2d:50:bd:34:20:c7:19:72:d0:02:11:b7:26:
                    f0:3d:7b:5d:b5:a4:2a:68:d8:07:0a:a0:90:84:a4:
                    83:1c:ae:9c:80:1c:5d:44:97:fc:64:93:9d:13:9c:
                    d1:07:45:29:8e:58:ce:82:ee:86:32:f6:23:a6:fa:
                    06:d0:e6:ab:eb:a7:fa:3d:70:32:25:47:a1:ac:b8:
                    4b:73:32:b4:fd:e7:73:7e:f2:2f:ba:62:ea:1d:90:
                    e0:60:7c:ce:65:15:46:06:e6:ea:a9:d6:10:bb:ca:
                    2d:ae:6b:e6:f3:a5:9a:05:70:34:70:ab:45:d6:93:
                    74:cc:0e:2e:6d:23:92:1a:0e:f2:dd:d2:eb:40:40:
                    b5:a7:da:b1:83:0f:2b:55:ea:6a:5c:2a:41:69:e1:
                    45:de:03:14:b6:32:93:ba:b2:31:18:68:96:b1:81:
                    c4:d8:7a:94:c6:9c:24:72:7c:b0:d8:06:db:27:17:
                    9c:d4:33:f8:14:b1:a9:fd:95:05:ea:23:6d:43:b4:
                    c6:1d:c4:17:85:15:24:0d:df:42:38:66:ff:8b:64:
                    eb:c9:32:05:96:70:15:d3:12:f9:0a:84:6b:8e:94:
                    f8:8e:ec:86:60:b2:0e:9a:d4:78:c0:77:c4:2e:04:
                    4f:ec:ef:e0:02:66:68:31:9c:9a:60:ae:d6:c0:17:
                    0d:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:BA:29:34:93:5A:AA:EA:EE:64:75:AE:92:F9:26:93:06:90:43:F6
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e34302e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:e0:7b:f4:a3:34:74:1a:62:8f:a1:b7:3e:3b:fd:f9:e2:e0:
         45:0e:b6:2e:aa:65:f3:24:f1:70:c6:96:3b:f5:d5:53:88:28:
         0f:81:5a:66:95:3b:60:a9:4f:1a:d3:dd:77:17:ad:45:81:c8:
         70:b5:b7:ae:fd:27:0b:22:c5:05:c3:70:60:c1:ed:67:05:01:
         a7:bf:87:09:ea:45:0f:98:8d:ce:69:47:5a:9f:0e:42:1e:9c:
         28:19:54:ff:20:98:1a:00:34:3f:b8:1f:02:4e:52:63:d5:e1:
         ba:f8:a4:55:7b:7c:09:58:9d:7b:4f:33:42:a6:94:17:7b:8e:
         85:2e:27:61:9a:68:21:2f:d5:b6:86:cd:8b:9c:59:96:fe:99:
         81:c3:02:b7:01:fa:dc:9e:f6:ec:5d:6a:c4:90:57:e2:a3:b1:
         1a:84:22:ea:d4:0d:f0:98:71:2d:03:ab:52:63:db:56:7c:fd:
         df:35:6a:d7:4c:da:47:1d:77:15:3d:64:d7:00:c3:6d:77:60:
         3b:5a:66:3c:81:40:d5:2c:f2:d8:b6:dc:72:63:d1:8d:5d:8b:
         c3:05:87:c6:c7:20:9b:5e:1b:44:e9:1b:b0:60:00:dd:15:60:
         b0:ee:37:19:0f:62:69:8a:ba:9c:e9:a1:1e:65:79:61:2e:38:
         e4:c1:f1:e0
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUVlHKiL1e3cZWVDRvmTnqYKh+t+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMjAxMjAxMjU1MDBaFw0yMzAxMjAxMzAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjQyRDUwQkQzNDIwQzcxOTcy
RDAwMjExQjcyNkYwM0Q3QjVEQjVBNDJBNjhEODA3MEFBMDkwODRBNDgzMUNBRTlD
ODAxQzVENDQ5N0ZDNjQ5MzlEMTM5Q0QxMDc0NTI5OEU1OENFODJFRTg2MzJGNjIz
QTZGQTA2RDBFNkFCRUJBN0ZBM0Q3MDMyMjU0N0ExQUNCODRCNzMzMkI0RkRFNzcz
N0VGMjJGQkE2MkVBMUQ5MEUwNjA3Q0NFNjUxNTQ2MDZFNkVBQTlENjEwQkJDQTJE
QUU2QkU2RjNBNTlBMDU3MDM0NzBBQjQ1RDY5Mzc0Q0MwRTJFNkQyMzkyMUEwRUYy
REREMkVCNDA0MEI1QTdEQUIxODMwRjJCNTVFQTZBNUMyQTQxNjlFMTQ1REUwMzE0
QjYzMjkzQkFCMjMxMTg2ODk2QjE4MUM0RDg3QTk0QzY5QzI0NzI3Q0IwRDgwNkRC
MjcxNzlDRDQzM0Y4MTRCMUE5RkQ5NTA1RUEyMzZENDNCNEM2MURDNDE3ODUxNTI0
MERERjQyMzg2NkZGOEI2NEVCQzkzMjA1OTY3MDE1RDMxMkY5MEE4NDZCOEU5NEY4
OEVFQzg2NjBCMjBFOUFENDc4QzA3N0M0MkUwNDRGRUNFRkUwMDI2NjY4MzE5QzlB
NjBBRUQ2QzAxNzBENTkwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAtC1QvTQgxxly0AIRtybwPXtdtaQqaNgHCqCQhKSDHK6cgBxdRJf8
ZJOdE5zRB0UpjljOgu6GMvYjpvoG0Oar66f6PXAyJUehrLhLczK0/edzfvIvumLq
HZDgYHzOZRVGBubqqdYQu8otrmvm86WaBXA0cKtF1pN0zA4ubSOSGg7y3dLrQEC1
p9qxgw8rVepqXCpBaeFF3gMUtjKTurIxGGiWsYHE2HqUxpwkcnyw2AbbJxec1DP4
FLGp/ZUF6iNtQ7TGHcQXhRUkDd9COGb/i2TryTIFlnAV0xL5CoRrjpT4juyGYLIO
mtR4wHfELgRP7O/gAmZoMZyaYK7WwBcNWQIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FNq6KTSTWqrq7mR1rpL5JpMGkEP2MB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAC2/SgwDQYJKoZIhvcNAQELBQADggEBAFTge/SjNHQa
Yo+htz47/fni4EUOti6qZfMk8XDGljv11VOIKA+BWmaVO2CpTxrT3XcXrUWByHC1
t679JwsixQXDcGDB7WcFAae/hwnqRQ+Yjc5pR1qfDkIenCgZVP8gmBoAND+4HwJO
UmPV4br4pFV7fAlYnXtPM0KmlBd7joUuJ2GaaCEv1baGzYucWZb+mYHDArcB+tye
9uxdasSQV+KjsRqEIurUDfCYcS0Dq1Jj21Z8/d81atdM2kcddxU9ZNcAw213YDta
ZjyBQNUs8ti23HJj0Y1di8MFh8bHIJteG0TpG7BgAN0VYLDuNxkPYmmKupzpoR5l
eWEuOOTB8eA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:03 2024 by rpki-client on console-fra.rpki-client.org