Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313030383a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a313030383a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          9KXOP5qDZ6cmobZX1L8yVlvWnshLE7SKFQyiuyCsUu4=
Subject key identifier:   BE:D9:E9:EA:B6:76:A1:14:7D:F3:FE:39:26:52:A7:D1:77:C2:64:D2
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       60D7DB8BAFFDEF3F4DD4A67C0DFFDABD4409BA77
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313030383a3a2f34382d3438203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:57 +0000
ROA not before:           Wed 29 Sep 2021 23:55:57 +0000
ROA not after:            Fri 30 Sep 2022 00:00:57 +0000
asID:                     17451
IP address blocks:        2404:8000:1008::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:d7:db:8b:af:fd:ef:3f:4d:d4:a6:7c:0d:ff:da:bd:44:09:ba:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:57 2021 GMT
            Not After : Sep 30 00:00:57 2022 GMT
        Subject: CN=3082010A0282010100D3F4687061EF5AE0D636F4FAF7E6E5173E7DCFF7F0FEDABA71A62ACF23FE1793BAB25567341B63A3A9064D8E78D4C9B7D477018E9CFEF496C3E67784BFF0B3E377E226D3337253689D5DDE14909669030C67A5674F17AE2088912ED15AB13B47BE8353704F40103641049E3B677D32B34B9AA5CB71FB3D6910140D86F72A721ACC48A669334237DAAFB60318EFBBCAB080D0CE91BC76CA018F0A2C92641E94C2401BDE999EB7E681CEEDC8562B5545C1367C1E1995E5798A4FFAD5BC2593B14EC3C7F48136A4F7BA042F01514A91DE5A336A2209F34540B8A4CE3124744CA4B5EF150F491831D45619CD03FE15ACE5BFD9CD18B62DB4E2D54914072DC19B6F4D0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:f4:68:70:61:ef:5a:e0:d6:36:f4:fa:f7:e6:
                    e5:17:3e:7d:cf:f7:f0:fe:da:ba:71:a6:2a:cf:23:
                    fe:17:93:ba:b2:55:67:34:1b:63:a3:a9:06:4d:8e:
                    78:d4:c9:b7:d4:77:01:8e:9c:fe:f4:96:c3:e6:77:
                    84:bf:f0:b3:e3:77:e2:26:d3:33:72:53:68:9d:5d:
                    de:14:90:96:69:03:0c:67:a5:67:4f:17:ae:20:88:
                    91:2e:d1:5a:b1:3b:47:be:83:53:70:4f:40:10:36:
                    41:04:9e:3b:67:7d:32:b3:4b:9a:a5:cb:71:fb:3d:
                    69:10:14:0d:86:f7:2a:72:1a:cc:48:a6:69:33:42:
                    37:da:af:b6:03:18:ef:bb:ca:b0:80:d0:ce:91:bc:
                    76:ca:01:8f:0a:2c:92:64:1e:94:c2:40:1b:de:99:
                    9e:b7:e6:81:ce:ed:c8:56:2b:55:45:c1:36:7c:1e:
                    19:95:e5:79:8a:4f:fa:d5:bc:25:93:b1:4e:c3:c7:
                    f4:81:36:a4:f7:ba:04:2f:01:51:4a:91:de:5a:33:
                    6a:22:09:f3:45:40:b8:a4:ce:31:24:74:4c:a4:b5:
                    ef:15:0f:49:18:31:d4:56:19:cd:03:fe:15:ac:e5:
                    bf:d9:cd:18:b6:2d:b4:e2:d5:49:14:07:2d:c1:9b:
                    6f:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:D9:E9:EA:B6:76:A1:14:7D:F3:FE:39:26:52:A7:D1:77:C2:64:D2
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313030383a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:1008::/48

    Signature Algorithm: sha256WithRSAEncryption
         95:50:09:73:4c:1f:41:0e:d4:b5:b1:ce:fb:c8:99:63:a3:66:
         b5:db:49:2e:95:3c:00:32:79:60:d3:4b:8e:b0:9d:76:45:99:
         62:e1:9d:c6:97:19:be:d1:e2:dc:f1:a8:89:bf:d4:40:86:93:
         03:a2:66:d9:81:6f:07:77:3c:de:3d:37:2d:f3:7c:ad:91:46:
         79:65:12:b9:03:e5:86:7c:dd:86:ed:bb:a6:b9:e8:1c:98:72:
         97:f3:18:99:d5:ae:02:1b:51:da:33:8c:18:ed:77:bd:e3:4d:
         cb:06:38:6b:01:86:25:b8:cf:24:b0:04:8c:e3:8e:bc:77:b5:
         61:86:3a:cd:ef:be:34:03:a9:e8:e3:f1:98:aa:c8:d7:76:20:
         58:3e:07:e1:68:a0:7f:fc:15:db:aa:85:da:db:03:01:2f:00:
         95:8d:4d:e0:e2:5d:d6:65:f5:f4:6b:61:75:41:a0:fa:4c:78:
         88:10:2c:1a:42:56:77:f7:8a:3a:36:3d:93:65:50:46:d8:22:
         c9:82:0f:98:ea:2d:87:05:14:da:6a:64:71:61:9b:7c:77:76:
         11:ff:4d:a4:cb:1f:ba:4c:b3:7c:54:3e:c4:01:be:32:59:a8:
         d1:40:4e:71:85:0a:b7:63:ae:91:72:9b:39:a4:8d:f9:b0:61:
         1d:31:a8:0e
-----BEGIN CERTIFICATE-----
MIIHLzCCBhegAwIBAgIUYNfbi6/97z9N1KZ8Df/avUQJuncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NTdaFw0yMjA5MzAwMDAwNTdaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDNGNDY4NzA2MUVGNUFFMEQ2
MzZGNEZBRjdFNkU1MTczRTdEQ0ZGN0YwRkVEQUJBNzFBNjJBQ0YyM0ZFMTc5M0JB
QjI1NTY3MzQxQjYzQTNBOTA2NEQ4RTc4RDRDOUI3RDQ3NzAxOEU5Q0ZFRjQ5NkMz
RTY3Nzg0QkZGMEIzRTM3N0UyMjZEMzMzNzI1MzY4OUQ1RERFMTQ5MDk2NjkwMzBD
NjdBNTY3NEYxN0FFMjA4ODkxMkVEMTVBQjEzQjQ3QkU4MzUzNzA0RjQwMTAzNjQx
MDQ5RTNCNjc3RDMyQjM0QjlBQTVDQjcxRkIzRDY5MTAxNDBEODZGNzJBNzIxQUND
NDhBNjY5MzM0MjM3REFBRkI2MDMxOEVGQkJDQUIwODBEMENFOTFCQzc2Q0EwMThG
MEEyQzkyNjQxRTk0QzI0MDFCREU5OTlFQjdFNjgxQ0VFREM4NTYyQjU1NDVDMTM2
N0MxRTE5OTVFNTc5OEE0RkZBRDVCQzI1OTNCMTRFQzNDN0Y0ODEzNkE0RjdCQTA0
MkYwMTUxNEE5MURFNUEzMzZBMjIwOUYzNDU0MEI4QTRDRTMxMjQ3NDRDQTRCNUVG
MTUwRjQ5MTgzMUQ0NTYxOUNEMDNGRTE1QUNFNUJGRDlDRDE4QjYyREI0RTJENTQ5
MTQwNzJEQzE5QjZGNEQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA0/RocGHvWuDWNvT69+blFz59z/fw/tq6caYqzyP+F5O6slVnNBtj
o6kGTY541Mm31HcBjpz+9JbD5neEv/Cz43fiJtMzclNonV3eFJCWaQMMZ6VnTxeu
IIiRLtFasTtHvoNTcE9AEDZBBJ47Z30ys0uapctx+z1pEBQNhvcqchrMSKZpM0I3
2q+2Axjvu8qwgNDOkbx2ygGPCiySZB6UwkAb3pmet+aBzu3IVitVRcE2fB4ZleV5
ik/61bwlk7FOw8f0gTak97oELwFRSpHeWjNqIgnzRUC4pM4xJHRMpLXvFQ9JGDHU
VhnNA/4VrOW/2c0Yti204tVJFActwZtvTQIDAQABo4ICPTCCAjkwHQYDVR0OBBYE
FL7Z6eq2dqEUffP+OSZSp9F3wmTSMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGqBggrBgEFBQcB
CwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTMxMzAzMDM4M2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzEzNzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQEgAAQCDANBgkqhkiG9w0BAQsFAAOC
AQEAlVAJc0wfQQ7UtbHO+8iZY6NmtdtJLpU8ADJ5YNNLjrCddkWZYuGdxpcZvtHi
3PGoib/UQIaTA6Jm2YFvB3c83j03LfN8rZFGeWUSuQPlhnzdhu27prnoHJhyl/MY
mdWuAhtR2jOMGO13veNNywY4awGGJbjPJLAEjOOOvHe1YYY6ze++NAOp6OPxmKrI
13YgWD4H4Wigf/wV26qF2tsDAS8AlY1N4OJd1mX19GthdUGg+kx4iBAsGkJWd/eK
OjY9k2VQRtgiyYIPmOothwUU2mpkcWGbfHd2Ef9NpMsfukyzfFQ+xAG+Mlmo0UBO
cYUKt2OukXKbOaSN+bBhHTGoDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:38 2024 by rpki-client on console-ams.rpki-client.org