Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313030663a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a313030663a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          +IrKRXqQ1uOKEnoHbhX34Raw8nyq+59BwiYMgYQLubA=
Subject key identifier:   AE:69:51:A9:1D:A7:57:6B:32:C5:63:BA:54:93:BC:72:93:56:1D:31
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       796C15C1208E372EE34B05A0E2C3D70FB8571A07
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313030663a3a2f34382d3438203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:15 +0000
ROA not before:           Wed 29 Sep 2021 23:56:15 +0000
ROA not after:            Fri 30 Sep 2022 00:01:15 +0000
asID:                     17451
IP address blocks:        2404:8000:100f::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:6c:15:c1:20:8e:37:2e:e3:4b:05:a0:e2:c3:d7:0f:b8:57:1a:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:15 2021 GMT
            Not After : Sep 30 00:01:15 2022 GMT
        Subject: CN=3082010A0282010100DF607393F90250EE260632FF7943102A04E15E234A6FBBE01E4B6B74120C57A09A4A06C69ADF91365E36A55787B6140BC7EC0C720002CB4101176BD6267E4FE303F607B6B0B0CFC58D38ED1D1DADEC8E2A5AE8822F6A848FA4601216239D58C6549EC3A6345FE7B0E3CFA487975FB514C1CC8CD7D80B152BA2960DB0A98CEEB0CBC81A556EA6A2B7BCEF80F312F7DEE57C7567637A22C82229E9A5AED96B66CFAE654A23E24AA433005FB1ABAA636ED881AAEA568DEDB2AFA8E71AC79AD08F2B2F4CABC20A721FD1B48811B11D654F36DFD989A926C084C11D4D62EFBF2931AED1B686E0E765DFD40C00D8D23EDEAC1789168ED092860C23D99A810EF5F18D690203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:60:73:93:f9:02:50:ee:26:06:32:ff:79:43:
                    10:2a:04:e1:5e:23:4a:6f:bb:e0:1e:4b:6b:74:12:
                    0c:57:a0:9a:4a:06:c6:9a:df:91:36:5e:36:a5:57:
                    87:b6:14:0b:c7:ec:0c:72:00:02:cb:41:01:17:6b:
                    d6:26:7e:4f:e3:03:f6:07:b6:b0:b0:cf:c5:8d:38:
                    ed:1d:1d:ad:ec:8e:2a:5a:e8:82:2f:6a:84:8f:a4:
                    60:12:16:23:9d:58:c6:54:9e:c3:a6:34:5f:e7:b0:
                    e3:cf:a4:87:97:5f:b5:14:c1:cc:8c:d7:d8:0b:15:
                    2b:a2:96:0d:b0:a9:8c:ee:b0:cb:c8:1a:55:6e:a6:
                    a2:b7:bc:ef:80:f3:12:f7:de:e5:7c:75:67:63:7a:
                    22:c8:22:29:e9:a5:ae:d9:6b:66:cf:ae:65:4a:23:
                    e2:4a:a4:33:00:5f:b1:ab:aa:63:6e:d8:81:aa:ea:
                    56:8d:ed:b2:af:a8:e7:1a:c7:9a:d0:8f:2b:2f:4c:
                    ab:c2:0a:72:1f:d1:b4:88:11:b1:1d:65:4f:36:df:
                    d9:89:a9:26:c0:84:c1:1d:4d:62:ef:bf:29:31:ae:
                    d1:b6:86:e0:e7:65:df:d4:0c:00:d8:d2:3e:de:ac:
                    17:89:16:8e:d0:92:86:0c:23:d9:9a:81:0e:f5:f1:
                    8d:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:69:51:A9:1D:A7:57:6B:32:C5:63:BA:54:93:BC:72:93:56:1D:31
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313030663a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:100f::/48

    Signature Algorithm: sha256WithRSAEncryption
         45:23:9c:0a:d4:f0:0f:1a:ae:95:fa:b2:c6:0d:3c:34:00:8f:
         b0:ef:eb:67:38:2d:1c:e1:b1:ee:ce:76:a3:c5:aa:4e:fe:15:
         4d:f9:95:20:0d:e2:20:6d:d8:05:14:5d:4f:f9:06:c9:be:b8:
         6b:0e:28:67:5a:e2:5f:1b:b8:8e:05:9f:a7:6a:83:b7:79:02:
         e6:58:f0:ec:50:8f:e7:45:9e:e5:e0:4a:0a:ed:2b:e1:be:5a:
         3e:eb:56:94:e4:91:61:87:05:9d:4a:56:ce:a7:1e:f4:b3:89:
         85:4e:43:1b:34:f2:0e:9b:85:f1:0c:55:95:28:5b:6f:dc:d5:
         bf:f3:b7:f3:ba:f1:6f:94:ac:ae:80:9c:d2:f0:16:7f:af:b6:
         df:2c:e6:e5:62:eb:9d:b7:39:62:94:0b:28:ab:ef:ec:9b:af:
         55:1b:39:62:23:fd:1d:9d:db:39:70:23:00:55:2a:46:66:14:
         c3:fa:e7:52:33:50:89:de:5d:1a:65:ea:84:8b:6e:90:4b:12:
         54:fb:a2:4d:6d:52:33:cd:a1:56:f5:6a:05:5f:ae:d6:98:29:
         78:5a:02:67:1b:50:6a:b0:18:f5:a4:de:8e:63:77:32:9c:14:
         19:24:dd:72:58:40:5d:c3:6a:39:04:b4:73:96:1f:8a:38:1c:
         01:da:1c:9b
-----BEGIN CERTIFICATE-----
MIIHLzCCBhegAwIBAgIUeWwVwSCONy7jSwWg4sPXD7hXGgcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MTVaFw0yMjA5MzAwMDAxMTVaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwREY2MDczOTNGOTAyNTBFRTI2
MDYzMkZGNzk0MzEwMkEwNEUxNUUyMzRBNkZCQkUwMUU0QjZCNzQxMjBDNTdBMDlB
NEEwNkM2OUFERjkxMzY1RTM2QTU1Nzg3QjYxNDBCQzdFQzBDNzIwMDAyQ0I0MTAx
MTc2QkQ2MjY3RTRGRTMwM0Y2MDdCNkIwQjBDRkM1OEQzOEVEMUQxREFERUM4RTJB
NUFFODgyMkY2QTg0OEZBNDYwMTIxNjIzOUQ1OEM2NTQ5RUMzQTYzNDVGRTdCMEUz
Q0ZBNDg3OTc1RkI1MTRDMUNDOENEN0Q4MEIxNTJCQTI5NjBEQjBBOThDRUVCMENC
QzgxQTU1NkVBNkEyQjdCQ0VGODBGMzEyRjdERUU1N0M3NTY3NjM3QTIyQzgyMjI5
RTlBNUFFRDk2QjY2Q0ZBRTY1NEEyM0UyNEFBNDMzMDA1RkIxQUJBQTYzNkVEODgx
QUFFQTU2OERFREIyQUZBOEU3MUFDNzlBRDA4RjJCMkY0Q0FCQzIwQTcyMUZEMUI0
ODgxMUIxMUQ2NTRGMzZERkQ5ODlBOTI2QzA4NEMxMUQ0RDYyRUZCRjI5MzFBRUQx
QjY4NkUwRTc2NURGRDQwQzAwRDhEMjNFREVBQzE3ODkxNjhFRDA5Mjg2MEMyM0Q5
OUE4MTBFRjVGMThENjkwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA32Bzk/kCUO4mBjL/eUMQKgThXiNKb7vgHktrdBIMV6CaSgbGmt+R
Nl42pVeHthQLx+wMcgACy0EBF2vWJn5P4wP2B7awsM/FjTjtHR2t7I4qWuiCL2qE
j6RgEhYjnVjGVJ7DpjRf57Djz6SHl1+1FMHMjNfYCxUropYNsKmM7rDLyBpVbqai
t7zvgPMS997lfHVnY3oiyCIp6aWu2Wtmz65lSiPiSqQzAF+xq6pjbtiBqupWje2y
r6jnGsea0I8rL0yrwgpyH9G0iBGxHWVPNt/ZiakmwITBHU1i778pMa7Rtobg52Xf
1AwA2NI+3qwXiRaO0JKGDCPZmoEO9fGNaQIDAQABo4ICPTCCAjkwHQYDVR0OBBYE
FK5pUakdp1drMsVjulSTvHKTVh0xMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGqBggrBgEFBQcB
CwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTMxMzAzMDY2M2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzEzNzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQEgAAQDzANBgkqhkiG9w0BAQsFAAOC
AQEARSOcCtTwDxqulfqyxg08NACPsO/rZzgtHOGx7s52o8WqTv4VTfmVIA3iIG3Y
BRRdT/kGyb64aw4oZ1riXxu4jgWfp2qDt3kC5ljw7FCP50We5eBKCu0r4b5aPutW
lOSRYYcFnUpWzqce9LOJhU5DGzTyDpuF8QxVlShbb9zVv/O387rxb5SsroCc0vAW
f6+23yzm5WLrnbc5YpQLKKvv7JuvVRs5YiP9HZ3bOXAjAFUqRmYUw/rnUjNQid5d
GmXqhItukEsSVPuiTW1SM82hVvVqBV+u1pgpeFoCZxtQarAY9aTejmN3MpwUGSTd
clhAXcNqOQS0c5YfijgcAdocmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:05 2024 by rpki-client on console-fra.rpki-client.org