Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313031333a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a313031333a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          j8NaGaiuFfT0mE29+C/QeE7elSmRNH3ZKIVGqCEpkJ8=
Subject key identifier:   EB:07:88:D8:AB:2F:A7:32:4E:06:57:D6:FB:84:A8:11:7D:01:42:45
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       12612110258B1F8A3D02E877D22843BAD57B5A2B
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313031333a3a2f34382d3438203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:10 +0000
ROA not before:           Wed 29 Sep 2021 23:55:10 +0000
ROA not after:            Fri 30 Sep 2022 00:00:10 +0000
asID:                     17451
IP address blocks:        2404:8000:1013::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:61:21:10:25:8b:1f:8a:3d:02:e8:77:d2:28:43:ba:d5:7b:5a:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:10 2021 GMT
            Not After : Sep 30 00:00:10 2022 GMT
        Subject: CN=3082010A0282010100D1DCB6D2F802D34708D3AEF9A14D31413778D453215F22339C8CD4FD933D55F48CD747BD11D5E1B0B3A8D4B0E216F42BF56F1862900EACA052910D62BCE1EC8E4045CA8F2BC25A63F5ACDDCEE85DE7E945442C26AE23B012B90DDDFB683A047CC35D9628E66CC1BA6455F998FAEDE81F8C9953C1DDBCD845A222E31217D3A829C6DB79FDE1849F83E9A0EDA6EBED1BD900BD4157671C8FEB70E07483EC76A4767B520785EEC8A694DCD1D5FC5551FB82988DAC009C052D429D4AB45D6A0EE6CA3F70BD5EDFF4DB26898FD13D121ADBE377FA939A1FFAB788C02848CF38CF04111E69CB00469F3335BA48A382723509B0ED4D76BC4C6EAC49730F841ED74495530203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:dc:b6:d2:f8:02:d3:47:08:d3:ae:f9:a1:4d:
                    31:41:37:78:d4:53:21:5f:22:33:9c:8c:d4:fd:93:
                    3d:55:f4:8c:d7:47:bd:11:d5:e1:b0:b3:a8:d4:b0:
                    e2:16:f4:2b:f5:6f:18:62:90:0e:ac:a0:52:91:0d:
                    62:bc:e1:ec:8e:40:45:ca:8f:2b:c2:5a:63:f5:ac:
                    dd:ce:e8:5d:e7:e9:45:44:2c:26:ae:23:b0:12:b9:
                    0d:dd:fb:68:3a:04:7c:c3:5d:96:28:e6:6c:c1:ba:
                    64:55:f9:98:fa:ed:e8:1f:8c:99:53:c1:dd:bc:d8:
                    45:a2:22:e3:12:17:d3:a8:29:c6:db:79:fd:e1:84:
                    9f:83:e9:a0:ed:a6:eb:ed:1b:d9:00:bd:41:57:67:
                    1c:8f:eb:70:e0:74:83:ec:76:a4:76:7b:52:07:85:
                    ee:c8:a6:94:dc:d1:d5:fc:55:51:fb:82:98:8d:ac:
                    00:9c:05:2d:42:9d:4a:b4:5d:6a:0e:e6:ca:3f:70:
                    bd:5e:df:f4:db:26:89:8f:d1:3d:12:1a:db:e3:77:
                    fa:93:9a:1f:fa:b7:88:c0:28:48:cf:38:cf:04:11:
                    1e:69:cb:00:46:9f:33:35:ba:48:a3:82:72:35:09:
                    b0:ed:4d:76:bc:4c:6e:ac:49:73:0f:84:1e:d7:44:
                    95:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:07:88:D8:AB:2F:A7:32:4E:06:57:D6:FB:84:A8:11:7D:01:42:45
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313031333a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:1013::/48

    Signature Algorithm: sha256WithRSAEncryption
         60:67:a5:2d:5f:b9:ad:c8:4b:ed:c8:79:a3:ec:de:88:ba:77:
         21:a8:49:d2:db:65:f1:4a:ef:8f:39:1d:27:72:e4:67:4e:c1:
         c1:0d:b2:25:5a:c8:6e:4d:7d:3d:50:dc:6a:75:fc:86:18:92:
         4a:24:d0:a0:90:6f:eb:07:07:cf:1d:ab:4d:3c:4c:14:57:b1:
         96:c6:df:88:69:91:bb:c4:b9:b2:6a:98:73:13:b4:9b:77:42:
         cd:12:d8:ad:49:32:fb:39:bb:d7:5b:25:ec:ec:1e:eb:4e:9b:
         0f:76:7b:ec:b4:ec:24:f3:7f:47:67:ac:35:53:88:94:76:03:
         ea:f5:1f:7c:d0:92:a8:c6:da:f7:88:c6:10:d4:6b:4f:e2:3b:
         18:85:6e:61:a0:91:5f:49:e4:52:d9:69:17:c2:8d:3c:03:d9:
         58:95:43:97:02:3c:69:87:d7:9a:0a:50:d7:39:da:16:db:e3:
         f3:2c:d1:b5:a8:7f:41:41:62:40:02:f2:3e:a6:e9:23:92:e9:
         73:1b:13:93:c0:78:79:ac:e2:09:8e:7e:6f:54:5a:e4:57:47:
         24:18:97:29:f3:58:e6:60:e1:2a:19:2e:e7:08:d1:ee:ef:85:
         eb:76:54:81:00:99:b1:d7:d7:ad:ec:6d:81:96:13:7d:0c:7a:
         75:9d:89:74
-----BEGIN CERTIFICATE-----
MIIHLzCCBhegAwIBAgIUEmEhECWLH4o9Auh30ihDutV7WiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MTBaFw0yMjA5MzAwMDAwMTBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDFEQ0I2RDJGODAyRDM0NzA4
RDNBRUY5QTE0RDMxNDEzNzc4RDQ1MzIxNUYyMjMzOUM4Q0Q0RkQ5MzNENTVGNDhD
RDc0N0JEMTFENUUxQjBCM0E4RDRCMEUyMTZGNDJCRjU2RjE4NjI5MDBFQUNBMDUy
OTEwRDYyQkNFMUVDOEU0MDQ1Q0E4RjJCQzI1QTYzRjVBQ0REQ0VFODVERTdFOTQ1
NDQyQzI2QUUyM0IwMTJCOTBERERGQjY4M0EwNDdDQzM1RDk2MjhFNjZDQzFCQTY0
NTVGOTk4RkFFREU4MUY4Qzk5NTNDMUREQkNEODQ1QTIyMkUzMTIxN0QzQTgyOUM2
REI3OUZERTE4NDlGODNFOUEwRURBNkVCRUQxQkQ5MDBCRDQxNTc2NzFDOEZFQjcw
RTA3NDgzRUM3NkE0NzY3QjUyMDc4NUVFQzhBNjk0RENEMUQ1RkM1NTUxRkI4Mjk4
OERBQzAwOUMwNTJENDI5RDRBQjQ1RDZBMEVFNkNBM0Y3MEJENUVERkY0REIyNjg5
OEZEMTNEMTIxQURCRTM3N0ZBOTM5QTFGRkFCNzg4QzAyODQ4Q0YzOENGMDQxMTFF
NjlDQjAwNDY5RjMzMzVCQTQ4QTM4MjcyMzUwOUIwRUQ0RDc2QkM0QzZFQUM0OTcz
MEY4NDFFRDc0NDk1NTMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA0dy20vgC00cI0675oU0xQTd41FMhXyIznIzU/ZM9VfSM10e9EdXh
sLOo1LDiFvQr9W8YYpAOrKBSkQ1ivOHsjkBFyo8rwlpj9azdzuhd5+lFRCwmriOw
ErkN3ftoOgR8w12WKOZswbpkVfmY+u3oH4yZU8HdvNhFoiLjEhfTqCnG23n94YSf
g+mg7abr7RvZAL1BV2ccj+tw4HSD7HakdntSB4XuyKaU3NHV/FVR+4KYjawAnAUt
Qp1KtF1qDubKP3C9Xt/02yaJj9E9Ehrb43f6k5of+reIwChIzzjPBBEeacsARp8z
NbpIo4JyNQmw7U12vExurElzD4Qe10SVUwIDAQABo4ICPTCCAjkwHQYDVR0OBBYE
FOsHiNirL6cyTgZX1vuEqBF9AUJFMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGqBggrBgEFBQcB
CwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTMxMzAzMTMzM2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzEzNzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQEgAAQEzANBgkqhkiG9w0BAQsFAAOC
AQEAYGelLV+5rchL7ch5o+zeiLp3IahJ0ttl8UrvjzkdJ3LkZ07BwQ2yJVrIbk19
PVDcanX8hhiSSiTQoJBv6wcHzx2rTTxMFFexlsbfiGmRu8S5smqYcxO0m3dCzRLY
rUky+zm711sl7Owe606bD3Z77LTsJPN/R2esNVOIlHYD6vUffNCSqMba94jGENRr
T+I7GIVuYaCRX0nkUtlpF8KNPAPZWJVDlwI8aYfXmgpQ1znaFtvj8yzRtah/QUFi
QALyPqbpI5LpcxsTk8B4eaziCY5+b1Ra5FdHJBiXKfNY5mDhKhku5wjR7u+F63ZU
gQCZsdfXrextgZYTfQx6dZ2JdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:05 2024 by rpki-client on console-fra.rpki-client.org