Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e37372e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e37372e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          T8spfmjQziVvuEoIVjZbWBca6h/RkjK7XVUjhroeNYs=
Subject key identifier:   A5:9F:55:57:1A:CD:D8:FD:42:6A:FA:42:02:CA:D2:74:A5:81:11:EC
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       4848BDF23946F9A6ED4998F38224BF147392C209
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e37372e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:42 +0000
ROA not before:           Wed 29 Sep 2021 23:55:42 +0000
ROA not after:            Fri 30 Sep 2022 00:00:42 +0000
asID:                     17451
IP address blocks:        182.253.77.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:48:bd:f2:39:46:f9:a6:ed:49:98:f3:82:24:bf:14:73:92:c2:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:42 2021 GMT
            Not After : Sep 30 00:00:42 2022 GMT
        Subject: CN=3082010A0282010100F801505E12E33E3D0138054576D36DA27F343E565D116103AF66745B674A74AD699ADFDF179984AA98BDA61A484CDD36DE2765413DE372D9ACD488E4CD09B9C943839C246A2A1CA123A4B598DA016708EA8C704E14AF123C3693532BFD0ED5E3DA669656AAFB0D6D60A55D2AD15AD4E5ED14E948A159D6F2F575A4DA5CAF0008AFA988665C62BAE9180A2162E8CD0B2CC91B60895BD34F66BAB85FFC54FB5AE17D663E23F66DE1FCE1858ED9DD145FA010382203E65C5FBDC4114D588B70D080893FA41BE577797A21FDADBF50A86ADD96FAD8F37A3F8E6BF368E7D38AF94525F828BA18E0F28113E52B23E618C536D142E5B7E77870E466BD10989EAC9C52BF0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:01:50:5e:12:e3:3e:3d:01:38:05:45:76:d3:
                    6d:a2:7f:34:3e:56:5d:11:61:03:af:66:74:5b:67:
                    4a:74:ad:69:9a:df:df:17:99:84:aa:98:bd:a6:1a:
                    48:4c:dd:36:de:27:65:41:3d:e3:72:d9:ac:d4:88:
                    e4:cd:09:b9:c9:43:83:9c:24:6a:2a:1c:a1:23:a4:
                    b5:98:da:01:67:08:ea:8c:70:4e:14:af:12:3c:36:
                    93:53:2b:fd:0e:d5:e3:da:66:96:56:aa:fb:0d:6d:
                    60:a5:5d:2a:d1:5a:d4:e5:ed:14:e9:48:a1:59:d6:
                    f2:f5:75:a4:da:5c:af:00:08:af:a9:88:66:5c:62:
                    ba:e9:18:0a:21:62:e8:cd:0b:2c:c9:1b:60:89:5b:
                    d3:4f:66:ba:b8:5f:fc:54:fb:5a:e1:7d:66:3e:23:
                    f6:6d:e1:fc:e1:85:8e:d9:dd:14:5f:a0:10:38:22:
                    03:e6:5c:5f:bd:c4:11:4d:58:8b:70:d0:80:89:3f:
                    a4:1b:e5:77:79:7a:21:fd:ad:bf:50:a8:6a:dd:96:
                    fa:d8:f3:7a:3f:8e:6b:f3:68:e7:d3:8a:f9:45:25:
                    f8:28:ba:18:e0:f2:81:13:e5:2b:23:e6:18:c5:36:
                    d1:42:e5:b7:e7:78:70:e4:66:bd:10:98:9e:ac:9c:
                    52:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:9F:55:57:1A:CD:D8:FD:42:6A:FA:42:02:CA:D2:74:A5:81:11:EC
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e37372e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:32:75:80:d5:06:22:f2:d4:4a:12:9a:9c:75:12:fc:19:61:
         44:d3:6e:0d:2f:62:e1:d9:a9:06:18:96:7e:e0:5c:11:94:4d:
         f5:14:ad:75:38:0a:2d:ca:14:f0:f0:b2:ff:18:d2:af:c5:c2:
         fd:bf:81:0a:f2:fc:a9:78:e2:4c:2a:9c:16:7c:b3:1d:c3:15:
         d7:f1:0c:bb:6e:04:ad:91:d4:e1:20:26:fe:52:da:01:3e:71:
         66:3a:46:55:fe:d5:45:72:4a:4d:5b:12:89:e5:40:ec:96:62:
         f2:a1:ff:5f:f1:cc:1a:37:ce:97:6c:11:cc:75:59:bb:d0:1b:
         59:cb:3d:f2:4f:b6:a0:8c:68:57:50:8a:0a:19:e8:06:bf:6b:
         79:42:9f:f6:b9:ee:d4:75:ef:7f:cf:e5:39:3a:f6:8d:1e:5d:
         f6:86:57:13:77:64:60:1c:c9:a2:76:50:be:75:db:6f:59:49:
         62:83:8a:46:d9:a1:95:9c:02:35:61:e8:c9:20:bf:07:5e:30:
         ae:08:c5:98:f6:bc:19:20:6c:6a:4b:96:a3:77:1e:c5:35:6e:
         f8:4d:15:56:04:f6:72:a0:cd:7e:0f:06:c3:3d:b6:e9:7c:69:
         0c:f4:42:33:6f:fd:81:31:de:ef:21:bb:97:da:50:a4:72:ad:
         db:13:6f:b6
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUSEi98jlG+abtSZjzgiS/FHOSwgkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NDJaFw0yMjA5MzAwMDAwNDJaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRjgwMTUwNUUxMkUzM0UzRDAx
MzgwNTQ1NzZEMzZEQTI3RjM0M0U1NjVEMTE2MTAzQUY2Njc0NUI2NzRBNzRBRDY5
OUFERkRGMTc5OTg0QUE5OEJEQTYxQTQ4NENERDM2REUyNzY1NDEzREUzNzJEOUFD
RDQ4OEU0Q0QwOUI5Qzk0MzgzOUMyNDZBMkExQ0ExMjNBNEI1OThEQTAxNjcwOEVB
OEM3MDRFMTRBRjEyM0MzNjkzNTMyQkZEMEVENUUzREE2Njk2NTZBQUZCMEQ2RDYw
QTU1RDJBRDE1QUQ0RTVFRDE0RTk0OEExNTlENkYyRjU3NUE0REE1Q0FGMDAwOEFG
QTk4ODY2NUM2MkJBRTkxODBBMjE2MkU4Q0QwQjJDQzkxQjYwODk1QkQzNEY2NkJB
Qjg1RkZDNTRGQjVBRTE3RDY2M0UyM0Y2NkRFMUZDRTE4NThFRDlERDE0NUZBMDEw
MzgyMjAzRTY1QzVGQkRDNDExNEQ1ODhCNzBEMDgwODkzRkE0MUJFNTc3Nzk3QTIx
RkRBREJGNTBBODZBREQ5NkZBRDhGMzdBM0Y4RTZCRjM2OEU3RDM4QUY5NDUyNUY4
MjhCQTE4RTBGMjgxMTNFNTJCMjNFNjE4QzUzNkQxNDJFNUI3RTc3ODcwRTQ2NkJE
MTA5ODlFQUM5QzUyQkYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA+AFQXhLjPj0BOAVFdtNton80PlZdEWEDr2Z0W2dKdK1pmt/fF5mE
qpi9phpITN023idlQT3jctms1IjkzQm5yUODnCRqKhyhI6S1mNoBZwjqjHBOFK8S
PDaTUyv9DtXj2maWVqr7DW1gpV0q0VrU5e0U6UihWdby9XWk2lyvAAivqYhmXGK6
6RgKIWLozQssyRtgiVvTT2a6uF/8VPta4X1mPiP2beH84YWO2d0UX6AQOCID5lxf
vcQRTViLcNCAiT+kG+V3eXoh/a2/UKhq3Zb62PN6P45r82jn04r5RSX4KLoY4PKB
E+UrI+YYxTbRQuW353hw5Ga9EJierJxSvwIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FKWfVVcazdj9Qmr6QgLK0nSlgRHsMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzczNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAC2/U0wDQYJKoZIhvcNAQELBQADggEBAIIydYDVBiLy
1EoSmpx1EvwZYUTTbg0vYuHZqQYYln7gXBGUTfUUrXU4Ci3KFPDwsv8Y0q/Fwv2/
gQry/Kl44kwqnBZ8sx3DFdfxDLtuBK2R1OEgJv5S2gE+cWY6RlX+1UVySk1bEonl
QOyWYvKh/1/xzBo3zpdsEcx1WbvQG1nLPfJPtqCMaFdQigoZ6Aa/a3lCn/a57tR1
73/P5Tk69o0eXfaGVxN3ZGAcyaJ2UL51229ZSWKDikbZoZWcAjVh6MkgvwdeMK4I
xZj2vBkgbGpLlqN3HsU1bvhNFVYE9nKgzX4PBsM9tul8aQz0QjNv/YEx3u8hu5fa
UKRyrdsTb7Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:03 2024 by rpki-client on console-fra.rpki-client.org