Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e382e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e382e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          KSftrZJYdLhuT3T/7VV56645XPif2FpkbYjC4jIuetY=
Subject key identifier:   30:51:8A:57:86:60:52:A4:34:C7:9D:59:66:50:05:E4:64:E1:85:04
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       1C12073D67AA58D81B6D3E0E5058CD1047542E74
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e382e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:09 +0000
ROA not before:           Wed 29 Sep 2021 23:55:09 +0000
ROA not after:            Fri 30 Sep 2022 00:00:09 +0000
asID:                     17451
IP address blocks:        182.253.8.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:12:07:3d:67:aa:58:d8:1b:6d:3e:0e:50:58:cd:10:47:54:2e:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:09 2021 GMT
            Not After : Sep 30 00:00:09 2022 GMT
        Subject: CN=3082010A0282010100B06C3F8062AAD1077E802EA118AFDE41DEAD1420A7D6246326A69922A7B619282CD27F3E3493AA5D9BFE9DCF6C8ED47EA7B400E650577CD507C41724FF4F27784D48A70E42E8519A04F168AC24674738AB1EACE2B1DF5DFCA7262C21A6ECACF2F5DC56B8492B2F41795F90534B87A4E9FEB01FD9DFFD36312067A4B82E29E4A284383318FAD053F95325236A7BE337B389A9591A1CCE4B0C1870FF64014BC493A8DFBE019C80919771EAEA403050EF4C59D6E41E927854E8352C3A492B9B737EDF7B2EEB8D6AFD1FEB7A389B78DEED946FED2009A4A814FF4F00BD761F8662B3B67B0AEA26A2AFA9E33E7443984AE9E110F9A74A1AD50FBD8515BDF93B8D5D8D0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:6c:3f:80:62:aa:d1:07:7e:80:2e:a1:18:af:
                    de:41:de:ad:14:20:a7:d6:24:63:26:a6:99:22:a7:
                    b6:19:28:2c:d2:7f:3e:34:93:aa:5d:9b:fe:9d:cf:
                    6c:8e:d4:7e:a7:b4:00:e6:50:57:7c:d5:07:c4:17:
                    24:ff:4f:27:78:4d:48:a7:0e:42:e8:51:9a:04:f1:
                    68:ac:24:67:47:38:ab:1e:ac:e2:b1:df:5d:fc:a7:
                    26:2c:21:a6:ec:ac:f2:f5:dc:56:b8:49:2b:2f:41:
                    79:5f:90:53:4b:87:a4:e9:fe:b0:1f:d9:df:fd:36:
                    31:20:67:a4:b8:2e:29:e4:a2:84:38:33:18:fa:d0:
                    53:f9:53:25:23:6a:7b:e3:37:b3:89:a9:59:1a:1c:
                    ce:4b:0c:18:70:ff:64:01:4b:c4:93:a8:df:be:01:
                    9c:80:91:97:71:ea:ea:40:30:50:ef:4c:59:d6:e4:
                    1e:92:78:54:e8:35:2c:3a:49:2b:9b:73:7e:df:7b:
                    2e:eb:8d:6a:fd:1f:eb:7a:38:9b:78:de:ed:94:6f:
                    ed:20:09:a4:a8:14:ff:4f:00:bd:76:1f:86:62:b3:
                    b6:7b:0a:ea:26:a2:af:a9:e3:3e:74:43:98:4a:e9:
                    e1:10:f9:a7:4a:1a:d5:0f:bd:85:15:bd:f9:3b:8d:
                    5d:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:51:8A:57:86:60:52:A4:34:C7:9D:59:66:50:05:E4:64:E1:85:04
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e382e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:95:e9:f9:dc:d6:69:13:41:7d:b7:c0:4c:e2:16:ac:7a:d3:
         81:96:9a:66:18:60:5a:53:28:fe:64:9f:6e:40:1d:2f:35:88:
         c5:91:19:cb:e5:d0:86:c2:84:62:a5:b3:90:6c:fc:4d:0e:e6:
         fe:84:59:ad:8d:c6:6c:74:97:ce:5f:72:36:a4:38:46:67:b5:
         f9:e1:6d:2b:12:7e:70:4f:54:4e:09:84:51:f8:42:00:36:05:
         22:48:5e:f6:15:59:28:48:44:0c:39:43:d5:6e:0e:d9:55:22:
         ab:b2:35:91:fd:ca:73:a4:7b:9c:1d:43:8e:8f:72:9e:7f:c2:
         4b:97:9b:de:19:aa:11:ee:e5:a4:9a:94:a3:45:dd:73:97:95:
         1f:30:3c:df:67:69:2d:48:4b:7b:e7:45:73:9e:85:19:2f:c6:
         0e:3b:6b:e5:d9:31:81:70:dc:07:96:31:ff:60:1a:4b:4c:ea:
         7a:a2:2c:67:44:c6:c1:4e:d5:f1:2b:e5:75:06:aa:15:ac:cb:
         13:fc:bf:75:c5:3b:f7:66:5d:d2:74:b6:b0:94:7d:8b:6a:7b:
         d7:7b:43:de:e4:f4:9b:fa:41:ea:8b:d6:d3:de:25:cb:c4:67:
         a5:91:dc:65:59:fb:74:1d:6b:38:2f:67:6f:9c:6c:6c:cd:00:
         4f:3e:3c:67
-----BEGIN CERTIFICATE-----
MIIHIjCCBgqgAwIBAgIUHBIHPWeqWNgbbT4OUFjNEEdULnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MDlaFw0yMjA5MzAwMDAwMDlaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjA2QzNGODA2MkFBRDEwNzdF
ODAyRUExMThBRkRFNDFERUFEMTQyMEE3RDYyNDYzMjZBNjk5MjJBN0I2MTkyODJD
RDI3RjNFMzQ5M0FBNUQ5QkZFOURDRjZDOEVENDdFQTdCNDAwRTY1MDU3N0NENTA3
QzQxNzI0RkY0RjI3Nzg0RDQ4QTcwRTQyRTg1MTlBMDRGMTY4QUMyNDY3NDczOEFC
MUVBQ0UyQjFERjVERkNBNzI2MkMyMUE2RUNBQ0YyRjVEQzU2Qjg0OTJCMkY0MTc5
NUY5MDUzNEI4N0E0RTlGRUIwMUZEOURGRkQzNjMxMjA2N0E0QjgyRTI5RTRBMjg0
MzgzMzE4RkFEMDUzRjk1MzI1MjM2QTdCRTMzN0IzODlBOTU5MUExQ0NFNEIwQzE4
NzBGRjY0MDE0QkM0OTNBOERGQkUwMTlDODA5MTk3NzFFQUVBNDAzMDUwRUY0QzU5
RDZFNDFFOTI3ODU0RTgzNTJDM0E0OTJCOUI3MzdFREY3QjJFRUI4RDZBRkQxRkVC
N0EzODlCNzhERUVEOTQ2RkVEMjAwOUE0QTgxNEZGNEYwMEJENzYxRjg2NjJCM0I2
N0IwQUVBMjZBMkFGQTlFMzNFNzQ0Mzk4NEFFOUUxMTBGOUE3NEExQUQ1MEZCRDg1
MTVCREY5M0I4RDVEOEQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAsGw/gGKq0Qd+gC6hGK/eQd6tFCCn1iRjJqaZIqe2GSgs0n8+NJOq
XZv+nc9sjtR+p7QA5lBXfNUHxBck/08neE1Ipw5C6FGaBPForCRnRzirHqzisd9d
/KcmLCGm7Kzy9dxWuEkrL0F5X5BTS4ek6f6wH9nf/TYxIGekuC4p5KKEODMY+tBT
+VMlI2p74zezialZGhzOSwwYcP9kAUvEk6jfvgGcgJGXcerqQDBQ70xZ1uQeknhU
6DUsOkkrm3N+33su641q/R/rejibeN7tlG/tIAmkqBT/TwC9dh+GYrO2ewrqJqKv
qeM+dEOYSunhEPmnShrVD72FFb35O41djQIDAQABo4ICMDCCAiwwHQYDVR0OBBYE
FDBRileGYFKkNMedWWZQBeRk4YUEMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGgBggrBgEFBQcB
CwSBkzCBkDCBjQYIKwYBBQUHMAuGgYByc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM3MzQz
NTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQAtv0IMA0GCSqGSIb3DQEBCwUAA4IBAQBflen53NZpE0F9
t8BM4hasetOBlppmGGBaUyj+ZJ9uQB0vNYjFkRnL5dCGwoRipbOQbPxNDub+hFmt
jcZsdJfOX3I2pDhGZ7X54W0rEn5wT1ROCYRR+EIANgUiSF72FVkoSEQMOUPVbg7Z
VSKrsjWR/cpzpHucHUOOj3Kef8JLl5veGaoR7uWkmpSjRd1zl5UfMDzfZ2ktSEt7
50VznoUZL8YOO2vl2TGBcNwHljH/YBpLTOp6oixnRMbBTtXxK+V1BqoVrMsT/L91
xTv3Zl3SdLawlH2LanvXe0Pe5PSb+kHqi9bT3iXLxGelkdxlWft0HWs4L2dvnGxs
zQBPPjxn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org