Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3230322e3136392e34382e302f32342d3234203d3e203137343531.roa
File:                     3230322e3136392e34382e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          cJxGr5Zof1bvOv+GQWKrpZUL1nYYral4srx+ta+uE/4=
Subject key identifier:   EB:BF:36:55:5B:72:17:B6:59:8C:54:5F:5F:51:11:8A:1B:B9:08:61
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       3A6B2552350D5AF5B441C46A3D7C3CDB1AD6F049
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3230322e3136392e34382e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:17 +0000
ROA not before:           Wed 29 Sep 2021 23:56:17 +0000
ROA not after:            Fri 30 Sep 2022 00:01:17 +0000
asID:                     17451
IP address blocks:        202.169.48.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:6b:25:52:35:0d:5a:f5:b4:41:c4:6a:3d:7c:3c:db:1a:d6:f0:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:17 2021 GMT
            Not After : Sep 30 00:01:17 2022 GMT
        Subject: CN=3082010A0282010100C9084C1C7DBD8826F5DBCE167ACDC715C1F145CF8D05E095030CD7F66E9BDB4A7D9B56BBF4FFB5EC921935EE701EA51BB91F0DEF9C0AE2882DCF8F6C71C7A45747C3DA74ED955A468E804F3AEC6E02CF09C42F16138CCE6CB08B57F2ED363862D92178238C92D67B4008FFE747860C5D69923B8A41D20B84F6E227BB5A5844960F9A5F1E51438E93D61B5BB12DE991EADD48BF3F30D1008D917387095242CEE26179BF42B20D65DA7720800B2BD2524E951E98D92BFBE33DD0FDE5C5288D934D26990253D7030E269E1235FED1B0DF3875217AF9CDA9B29CFA371C9DA9EEA4C14A224B09364A28FB3ADDC16F08F397D9015516562ED603100A3F51B340E7D26F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:08:4c:1c:7d:bd:88:26:f5:db:ce:16:7a:cd:
                    c7:15:c1:f1:45:cf:8d:05:e0:95:03:0c:d7:f6:6e:
                    9b:db:4a:7d:9b:56:bb:f4:ff:b5:ec:92:19:35:ee:
                    70:1e:a5:1b:b9:1f:0d:ef:9c:0a:e2:88:2d:cf:8f:
                    6c:71:c7:a4:57:47:c3:da:74:ed:95:5a:46:8e:80:
                    4f:3a:ec:6e:02:cf:09:c4:2f:16:13:8c:ce:6c:b0:
                    8b:57:f2:ed:36:38:62:d9:21:78:23:8c:92:d6:7b:
                    40:08:ff:e7:47:86:0c:5d:69:92:3b:8a:41:d2:0b:
                    84:f6:e2:27:bb:5a:58:44:96:0f:9a:5f:1e:51:43:
                    8e:93:d6:1b:5b:b1:2d:e9:91:ea:dd:48:bf:3f:30:
                    d1:00:8d:91:73:87:09:52:42:ce:e2:61:79:bf:42:
                    b2:0d:65:da:77:20:80:0b:2b:d2:52:4e:95:1e:98:
                    d9:2b:fb:e3:3d:d0:fd:e5:c5:28:8d:93:4d:26:99:
                    02:53:d7:03:0e:26:9e:12:35:fe:d1:b0:df:38:75:
                    21:7a:f9:cd:a9:b2:9c:fa:37:1c:9d:a9:ee:a4:c1:
                    4a:22:4b:09:36:4a:28:fb:3a:dd:c1:6f:08:f3:97:
                    d9:01:55:16:56:2e:d6:03:10:0a:3f:51:b3:40:e7:
                    d2:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:BF:36:55:5B:72:17:B6:59:8C:54:5F:5F:51:11:8A:1B:B9:08:61
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3230322e3136392e34382e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.169.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:79:da:88:e5:e3:0c:a3:0c:ce:fe:86:4d:c6:ad:39:ba:ff:
         5f:ce:1b:23:d6:2a:a1:63:6c:c5:5d:b0:09:b5:21:c6:38:66:
         19:a0:ed:35:3d:3d:0d:f2:12:52:19:c1:b5:d8:6f:e4:1a:d4:
         c7:ec:4b:c6:f8:cb:7d:a5:33:17:e3:83:9e:a0:50:bd:53:10:
         57:dc:05:f5:20:2d:0b:fe:4f:28:fc:16:7d:69:d1:4d:64:34:
         9e:4c:e4:4f:32:cb:38:b6:d7:d4:bf:6a:5d:b9:50:22:57:a7:
         19:d6:19:03:37:6c:3b:16:e5:f1:92:f4:94:a2:a1:de:c8:bf:
         6d:55:cd:83:ac:9d:1b:8b:6d:92:34:91:47:58:ad:c3:4c:09:
         d1:f8:e6:18:b8:b3:87:7e:3a:fd:11:1a:dc:6d:ce:b3:40:32:
         fc:ed:92:8c:ba:ec:52:1e:69:e6:84:d4:1a:1e:7c:f9:e8:ec:
         0d:85:67:c7:c2:c2:c8:b7:ca:b2:15:0d:6f:31:d6:4e:6e:5b:
         37:22:b8:c4:e8:98:db:c3:66:fc:fc:89:fe:73:a3:80:ac:4e:
         a5:1d:48:80:b0:3e:91:b9:21:eb:87:d2:13:9b:f0:45:16:ca:
         4d:5a:9e:ed:d8:96:32:c9:6d:5f:b6:d8:14:8a:d1:4f:15:b8:
         2d:c9:90:9f
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUOmslUjUNWvW0QcRqPXw82xrW8EkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MTdaFw0yMjA5MzAwMDAxMTdaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzkwODRDMUM3REJEODgyNkY1
REJDRTE2N0FDREM3MTVDMUYxNDVDRjhEMDVFMDk1MDMwQ0Q3RjY2RTlCREI0QTdE
OUI1NkJCRjRGRkI1RUM5MjE5MzVFRTcwMUVBNTFCQjkxRjBERUY5QzBBRTI4ODJE
Q0Y4RjZDNzFDN0E0NTc0N0MzREE3NEVEOTU1QTQ2OEU4MDRGM0FFQzZFMDJDRjA5
QzQyRjE2MTM4Q0NFNkNCMDhCNTdGMkVEMzYzODYyRDkyMTc4MjM4QzkyRDY3QjQw
MDhGRkU3NDc4NjBDNUQ2OTkyM0I4QTQxRDIwQjg0RjZFMjI3QkI1QTU4NDQ5NjBG
OUE1RjFFNTE0MzhFOTNENjFCNUJCMTJERTk5MUVBREQ0OEJGM0YzMEQxMDA4RDkx
NzM4NzA5NTI0MkNFRTI2MTc5QkY0MkIyMEQ2NURBNzcyMDgwMEIyQkQyNTI0RTk1
MUU5OEQ5MkJGQkUzM0REMEZERTVDNTI4OEQ5MzREMjY5OTAyNTNENzAzMEUyNjlF
MTIzNUZFRDFCMERGMzg3NTIxN0FGOUNEQTlCMjlDRkEzNzFDOURBOUVFQTRDMTRB
MjI0QjA5MzY0QTI4RkIzQUREQzE2RjA4RjM5N0Q5MDE1NTE2NTYyRUQ2MDMxMDBB
M0Y1MUIzNDBFN0QyNkYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAyQhMHH29iCb1284Wes3HFcHxRc+NBeCVAwzX9m6b20p9m1a79P+1
7JIZNe5wHqUbuR8N75wK4ogtz49sccekV0fD2nTtlVpGjoBPOuxuAs8JxC8WE4zO
bLCLV/LtNjhi2SF4I4yS1ntACP/nR4YMXWmSO4pB0guE9uInu1pYRJYPml8eUUOO
k9YbW7Et6ZHq3Ui/PzDRAI2Rc4cJUkLO4mF5v0KyDWXadyCACyvSUk6VHpjZK/vj
PdD95cUojZNNJpkCU9cDDiaeEjX+0bDfOHUhevnNqbKc+jccnanupMFKIksJNkoo
+zrdwW8I85fZAVUWVi7WAxAKP1GzQOfSbwIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FOu/NlVbche2WYxUX19REYobuQhhMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjMwMzIyZTMxMzYzOTJlMzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBADKqTAwDQYJKoZIhvcNAQELBQADggEBAE552ojl4wyj
DM7+hk3GrTm6/1/OGyPWKqFjbMVdsAm1IcY4Zhmg7TU9PQ3yElIZwbXYb+Qa1Mfs
S8b4y32lMxfjg56gUL1TEFfcBfUgLQv+Tyj8Fn1p0U1kNJ5M5E8yyzi219S/al25
UCJXpxnWGQM3bDsW5fGS9JSiod7Iv21VzYOsnRuLbZI0kUdYrcNMCdH45hi4s4d+
Ov0RGtxtzrNAMvztkoy67FIeaeaE1BoefPno7A2FZ8fCwsi3yrIVDW8x1k5uWzci
uMTomNvDZvz8if5zo4CsTqUdSICwPpG5IeuH0hOb8EUWyk1anu3YljLJbV+22BSK
0U8VuC3JkJ8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org