Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e39302e302f32342d3234203d3e203137343531.roa
File:                     3138322e3235332e39302e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          XvKHoZ/SApCWFnllyn3FRvB9q+E4Y8Y/FVnaFcfRlZ4=
Subject key identifier:   F1:6C:12:E9:93:3A:52:F9:B0:8F:E5:6E:30:8E:84:3A:66:1F:76:AB
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       1AB74F50ED091EF268CEBF6CE085F7A9CF244A1B
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e39302e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:22 +0000
ROA not before:           Wed 29 Sep 2021 23:55:22 +0000
ROA not after:            Fri 30 Sep 2022 00:00:22 +0000
asID:                     17451
IP address blocks:        182.253.90.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:b7:4f:50:ed:09:1e:f2:68:ce:bf:6c:e0:85:f7:a9:cf:24:4a:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:22 2021 GMT
            Not After : Sep 30 00:00:22 2022 GMT
        Subject: CN=3082010A0282010100DE03AC0820F8D5A31DE4D47008576B0091AC8B1B1D475A0C1F7E1407A8316B639772199001D098941FC0E8889EBED8224A47DC656493F16EE1753856AF8D735B6E02FA1DE86E5CFA682F8B23BE0C6D3D76A381047945A259CB61F48AE4402F1715D4BB9DAA2937F62AD2EC0322CD7A1D617E02E9D0296DCA1503EE9AD73A21F844080F1BDAD09F88FCC090C241E1E828F249F5442EF5BA29909A7AE440817749ECCD4E577BF40B8F398B71955EC8AC5156B70627A28C69684F83BBBD9CF6FB01B8F61934F6E1CAE9AA5F0774E9F67D47E3812ECA3AB4897463B9DAE2363FDBC6CD0919E6518BE5BB75E05AA8000E4699F0F9F94BCE3155E401054E67379CE35F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:03:ac:08:20:f8:d5:a3:1d:e4:d4:70:08:57:
                    6b:00:91:ac:8b:1b:1d:47:5a:0c:1f:7e:14:07:a8:
                    31:6b:63:97:72:19:90:01:d0:98:94:1f:c0:e8:88:
                    9e:be:d8:22:4a:47:dc:65:64:93:f1:6e:e1:75:38:
                    56:af:8d:73:5b:6e:02:fa:1d:e8:6e:5c:fa:68:2f:
                    8b:23:be:0c:6d:3d:76:a3:81:04:79:45:a2:59:cb:
                    61:f4:8a:e4:40:2f:17:15:d4:bb:9d:aa:29:37:f6:
                    2a:d2:ec:03:22:cd:7a:1d:61:7e:02:e9:d0:29:6d:
                    ca:15:03:ee:9a:d7:3a:21:f8:44:08:0f:1b:da:d0:
                    9f:88:fc:c0:90:c2:41:e1:e8:28:f2:49:f5:44:2e:
                    f5:ba:29:90:9a:7a:e4:40:81:77:49:ec:cd:4e:57:
                    7b:f4:0b:8f:39:8b:71:95:5e:c8:ac:51:56:b7:06:
                    27:a2:8c:69:68:4f:83:bb:bd:9c:f6:fb:01:b8:f6:
                    19:34:f6:e1:ca:e9:aa:5f:07:74:e9:f6:7d:47:e3:
                    81:2e:ca:3a:b4:89:74:63:b9:da:e2:36:3f:db:c6:
                    cd:09:19:e6:51:8b:e5:bb:75:e0:5a:a8:00:0e:46:
                    99:f0:f9:f9:4b:ce:31:55:e4:01:05:4e:67:37:9c:
                    e3:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:6C:12:E9:93:3A:52:F9:B0:8F:E5:6E:30:8E:84:3A:66:1F:76:AB
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3138322e3235332e39302e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.253.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:19:09:2f:ec:5f:6b:51:c2:99:e4:3d:e9:a6:68:f2:86:13:
         68:bc:57:50:5a:66:bc:f1:5a:f3:80:57:18:86:83:0e:01:1b:
         ae:91:ff:83:58:b6:b3:75:4b:9b:e0:c5:26:ae:b4:f7:3a:01:
         c8:fe:e0:16:c0:a5:49:e8:b7:e2:4d:b0:c6:61:ce:1f:5a:88:
         ab:84:cc:00:65:2f:81:29:71:bf:49:92:e2:7f:69:85:e7:fc:
         3f:ed:fe:b7:e4:a6:8a:55:6f:fe:4c:b4:9a:80:9a:32:c5:28:
         1c:75:76:db:6a:ab:26:a3:23:b4:ea:75:d8:4f:53:ef:29:06:
         79:3b:12:c4:51:82:a4:a6:f9:92:8b:38:b2:d8:d2:44:78:14:
         cf:4d:f2:e0:bf:c0:37:73:7a:6f:27:32:08:fe:0b:1f:5a:55:
         ee:0a:c4:30:80:ae:d0:bd:c2:3f:29:60:0f:0e:59:25:53:12:
         da:7e:7b:c8:1d:cf:41:eb:2f:ce:dd:85:89:fc:c8:18:2f:b4:
         27:14:b5:6c:98:80:a0:36:6d:aa:e7:31:7c:69:38:a7:68:7d:
         f9:dc:9c:e9:93:00:82:63:92:65:87:e0:cb:e1:b6:5c:9a:71:
         6a:b9:1d:4f:86:7a:57:58:01:3d:2b:3f:e7:2f:1f:9c:22:aa:
         77:b4:b3:bb
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUGrdPUO0JHvJozr9s4IX3qc8kShswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MjJaFw0yMjA5MzAwMDAwMjJaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwREUwM0FDMDgyMEY4RDVBMzFE
RTRENDcwMDg1NzZCMDA5MUFDOEIxQjFENDc1QTBDMUY3RTE0MDdBODMxNkI2Mzk3
NzIxOTkwMDFEMDk4OTQxRkMwRTg4ODlFQkVEODIyNEE0N0RDNjU2NDkzRjE2RUUx
NzUzODU2QUY4RDczNUI2RTAyRkExREU4NkU1Q0ZBNjgyRjhCMjNCRTBDNkQzRDc2
QTM4MTA0Nzk0NUEyNTlDQjYxRjQ4QUU0NDAyRjE3MTVENEJCOURBQTI5MzdGNjJB
RDJFQzAzMjJDRDdBMUQ2MTdFMDJFOUQwMjk2RENBMTUwM0VFOUFENzNBMjFGODQ0
MDgwRjFCREFEMDlGODhGQ0MwOTBDMjQxRTFFODI4RjI0OUY1NDQyRUY1QkEyOTkw
OUE3QUU0NDA4MTc3NDlFQ0NENEU1NzdCRjQwQjhGMzk4QjcxOTU1RUM4QUM1MTU2
QjcwNjI3QTI4QzY5Njg0RjgzQkJCRDlDRjZGQjAxQjhGNjE5MzRGNkUxQ0FFOUFB
NUYwNzc0RTlGNjdENDdFMzgxMkVDQTNBQjQ4OTc0NjNCOURBRTIzNjNGREJDNkNE
MDkxOUU2NTE4QkU1QkI3NUUwNUFBODAwMEU0Njk5RjBGOUY5NEJDRTMxNTVFNDAx
MDU0RTY3Mzc5Q0UzNUYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA3gOsCCD41aMd5NRwCFdrAJGsixsdR1oMH34UB6gxa2OXchmQAdCY
lB/A6IievtgiSkfcZWST8W7hdThWr41zW24C+h3oblz6aC+LI74MbT12o4EEeUWi
Wcth9IrkQC8XFdS7naopN/Yq0uwDIs16HWF+AunQKW3KFQPumtc6IfhECA8b2tCf
iPzAkMJB4ego8kn1RC71uimQmnrkQIF3SezNTld79AuPOYtxlV7IrFFWtwYnooxp
aE+Du72c9vsBuPYZNPbhyumqXwd06fZ9R+OBLso6tIl0Y7na4jY/28bNCRnmUYvl
u3XgWqgADkaZ8Pn5S84xVeQBBU5nN5zjXwIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FPFsEumTOlL5sI/lbjCOhDpmH3arMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTM4MzIyZTMyMzUzMzJlMzkzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAC2/VowDQYJKoZIhvcNAQELBQADggEBACoZCS/sX2tR
wpnkPemmaPKGE2i8V1BaZrzxWvOAVxiGgw4BG66R/4NYtrN1S5vgxSautPc6Acj+
4BbApUnot+JNsMZhzh9aiKuEzABlL4Epcb9JkuJ/aYXn/D/t/rfkpopVb/5MtJqA
mjLFKBx1dttqqyajI7TqddhPU+8pBnk7EsRRgqSm+ZKLOLLY0kR4FM9N8uC/wDdz
em8nMgj+Cx9aVe4KxDCArtC9wj8pYA8OWSVTEtp+e8gdz0HrL87dhYn8yBgvtCcU
tWyYgKA2barnMXxpOKdoffncnOmTAIJjkmWH4MvhtlyacWq5HU+GeldYAT0rP+cv
H5wiqne0s7s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:03 2024 by rpki-client on console-fra.rpki-client.org