Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313031323a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a313031323a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          0k4V+BNTt9G040v9KJN/GOPmyeHE+AYAOzMuNVXsPiw=
Subject key identifier:   95:16:8A:36:DC:A5:09:96:CD:A2:9B:62:E9:FD:12:EA:16:DA:B8:86
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       12E2E74AF6010CE9A66D43E1C5F57CC852655F66
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313031323a3a2f34382d3438203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:07 +0000
ROA not before:           Wed 29 Sep 2021 23:55:07 +0000
ROA not after:            Fri 30 Sep 2022 00:00:07 +0000
asID:                     17451
IP address blocks:        2404:8000:1012::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:e2:e7:4a:f6:01:0c:e9:a6:6d:43:e1:c5:f5:7c:c8:52:65:5f:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:07 2021 GMT
            Not After : Sep 30 00:00:07 2022 GMT
        Subject: CN=3082010A0282010100C09F9EC60DD9DEA9D0E83C22E312D36BB2A54855C77322D3CEA3DC4D4C94765292BAD8BBF090056594A85C944A4A455593655967A6AB394E371EFE62D1DA8CE947A98D34790DB9D1DD858EDF72A86499018BF23C49EEF668EAF43BFAF3C605FBAA4707353ADE21FFE78DC087347EAC1445CD8F8684E34159B626C5C20A3743DFF5605BA012C75FCBBCBFC495FC04A91100EA853B5D9E219679BA0A7493F1D5170B31FA2C61440F6C76B314DBA8B5AB5900BAAA0D298BF3AC1B0DB86EA1416A6E9D0E6E292353B3C12EE66E8C03EB1BC1C3A20A0D742507F377DC78DD34CEED1644EC189ED6D1350FB596E0FA3E7B5B4A6DAA6CC1F4A53B2BEB052EA56291D8450203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:9f:9e:c6:0d:d9:de:a9:d0:e8:3c:22:e3:12:
                    d3:6b:b2:a5:48:55:c7:73:22:d3:ce:a3:dc:4d:4c:
                    94:76:52:92:ba:d8:bb:f0:90:05:65:94:a8:5c:94:
                    4a:4a:45:55:93:65:59:67:a6:ab:39:4e:37:1e:fe:
                    62:d1:da:8c:e9:47:a9:8d:34:79:0d:b9:d1:dd:85:
                    8e:df:72:a8:64:99:01:8b:f2:3c:49:ee:f6:68:ea:
                    f4:3b:fa:f3:c6:05:fb:aa:47:07:35:3a:de:21:ff:
                    e7:8d:c0:87:34:7e:ac:14:45:cd:8f:86:84:e3:41:
                    59:b6:26:c5:c2:0a:37:43:df:f5:60:5b:a0:12:c7:
                    5f:cb:bc:bf:c4:95:fc:04:a9:11:00:ea:85:3b:5d:
                    9e:21:96:79:ba:0a:74:93:f1:d5:17:0b:31:fa:2c:
                    61:44:0f:6c:76:b3:14:db:a8:b5:ab:59:00:ba:aa:
                    0d:29:8b:f3:ac:1b:0d:b8:6e:a1:41:6a:6e:9d:0e:
                    6e:29:23:53:b3:c1:2e:e6:6e:8c:03:eb:1b:c1:c3:
                    a2:0a:0d:74:25:07:f3:77:dc:78:dd:34:ce:ed:16:
                    44:ec:18:9e:d6:d1:35:0f:b5:96:e0:fa:3e:7b:5b:
                    4a:6d:aa:6c:c1:f4:a5:3b:2b:eb:05:2e:a5:62:91:
                    d8:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:16:8A:36:DC:A5:09:96:CD:A2:9B:62:E9:FD:12:EA:16:DA:B8:86
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313031323a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:1012::/48

    Signature Algorithm: sha256WithRSAEncryption
         37:55:aa:e1:65:cd:8c:c2:c5:ac:22:fe:7e:ba:a5:9b:58:00:
         64:b7:35:95:39:e6:a2:72:31:d4:ef:f5:d3:56:10:60:a3:66:
         4d:50:8d:39:7f:89:d4:bf:12:8e:15:d2:1f:4e:22:3d:1e:e9:
         30:d4:5c:be:f9:e1:57:2e:40:74:69:a0:4f:fc:a0:1c:b5:25:
         bb:98:55:35:21:2d:0b:a6:98:28:17:e1:a9:13:6e:a3:22:70:
         1a:c4:eb:14:8b:7b:e6:f7:e4:4f:ec:d1:78:07:1d:a2:05:15:
         2d:e8:5d:c3:00:14:74:fc:19:24:66:00:ae:cc:e0:84:5f:b7:
         2a:a6:b3:e2:12:2f:32:11:1e:b9:cc:80:41:11:0b:49:ec:4d:
         f6:a9:9b:0b:0f:68:45:0d:b4:a7:17:5e:e6:3f:56:a3:66:78:
         c9:f1:61:c3:06:78:73:40:0e:94:18:6a:5f:2f:a0:15:7d:f1:
         b4:4f:42:c3:c3:3d:c5:d2:ec:81:c8:88:81:1b:9e:9e:5b:d4:
         ac:34:42:64:2d:79:3b:fe:50:26:ff:88:ae:93:3e:2e:7a:21:
         e8:90:7b:39:3f:5f:4d:94:77:0f:35:b9:c6:ff:ab:90:b3:06:
         0c:5b:59:7d:4b:d6:ca:6f:d1:b7:ce:a8:a5:12:28:21:13:76:
         90:ed:c7:0b
-----BEGIN CERTIFICATE-----
MIIHLzCCBhegAwIBAgIUEuLnSvYBDOmmbUPhxfV8yFJlX2YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MDdaFw0yMjA5MzAwMDAwMDdaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzA5RjlFQzYwREQ5REVBOUQw
RTgzQzIyRTMxMkQzNkJCMkE1NDg1NUM3NzMyMkQzQ0VBM0RDNEQ0Qzk0NzY1Mjky
QkFEOEJCRjA5MDA1NjU5NEE4NUM5NDRBNEE0NTU1OTM2NTU5NjdBNkFCMzk0RTM3
MUVGRTYyRDFEQThDRTk0N0E5OEQzNDc5MERCOUQxREQ4NThFREY3MkE4NjQ5OTAx
OEJGMjNDNDlFRUY2NjhFQUY0M0JGQUYzQzYwNUZCQUE0NzA3MzUzQURFMjFGRkU3
OERDMDg3MzQ3RUFDMTQ0NUNEOEY4Njg0RTM0MTU5QjYyNkM1QzIwQTM3NDNERkY1
NjA1QkEwMTJDNzVGQ0JCQ0JGQzQ5NUZDMDRBOTExMDBFQTg1M0I1RDlFMjE5Njc5
QkEwQTc0OTNGMUQ1MTcwQjMxRkEyQzYxNDQwRjZDNzZCMzE0REJBOEI1QUI1OTAw
QkFBQTBEMjk4QkYzQUMxQjBEQjg2RUExNDE2QTZFOUQwRTZFMjkyMzUzQjNDMTJF
RTY2RThDMDNFQjFCQzFDM0EyMEEwRDc0MjUwN0YzNzdEQzc4REQzNENFRUQxNjQ0
RUMxODlFRDZEMTM1MEZCNTk2RTBGQTNFN0I1QjRBNkRBQTZDQzFGNEE1M0IyQkVC
MDUyRUE1NjI5MUQ4NDUwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAwJ+exg3Z3qnQ6Dwi4xLTa7KlSFXHcyLTzqPcTUyUdlKSuti78JAF
ZZSoXJRKSkVVk2VZZ6arOU43Hv5i0dqM6UepjTR5DbnR3YWO33KoZJkBi/I8Se72
aOr0O/rzxgX7qkcHNTreIf/njcCHNH6sFEXNj4aE40FZtibFwgo3Q9/1YFugEsdf
y7y/xJX8BKkRAOqFO12eIZZ5ugp0k/HVFwsx+ixhRA9sdrMU26i1q1kAuqoNKYvz
rBsNuG6hQWpunQ5uKSNTs8Eu5m6MA+sbwcOiCg10JQfzd9x43TTO7RZE7Bie1tE1
D7WW4Po+e1tKbapswfSlOyvrBS6lYpHYRQIDAQABo4ICPTCCAjkwHQYDVR0OBBYE
FJUWijbcpQmWzaKbYun9EuoW2riGMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGqBggrBgEFBQcB
CwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTMxMzAzMTMyM2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzEzNzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQEgAAQEjANBgkqhkiG9w0BAQsFAAOC
AQEAN1Wq4WXNjMLFrCL+frqlm1gAZLc1lTnmonIx1O/101YQYKNmTVCNOX+J1L8S
jhXSH04iPR7pMNRcvvnhVy5AdGmgT/ygHLUlu5hVNSEtC6aYKBfhqRNuoyJwGsTr
FIt75vfkT+zReAcdogUVLehdwwAUdPwZJGYArszghF+3Kqaz4hIvMhEeucyAQREL
SexN9qmbCw9oRQ20pxde5j9Wo2Z4yfFhwwZ4c0AOlBhqXy+gFX3xtE9Cw8M9xdLs
gciIgRuenlvUrDRCZC15O/5QJv+IrpM+Lnoh6JB7OT9fTZR3DzW5xv+rkLMGDFtZ
fUvWym/Rt86opRIoIRN2kO3HCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:05 2024 by rpki-client on console-fra.rpki-client.org