Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313031383a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a313031383a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          l5YClgAmdgY0TNWHl/hQdkbbz0XGh+QJhfeYtRn/IOw=
Subject key identifier:   D4:E2:DB:1B:B8:AA:52:60:92:D2:65:53:9C:60:4B:AD:3D:3E:44:37
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       2917F0DEED6BED98E303B9F29EEF8668BB35C8BA
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313031383a3a2f34382d3438203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:35 +0000
ROA not before:           Wed 29 Sep 2021 23:55:35 +0000
ROA not after:            Fri 30 Sep 2022 00:00:35 +0000
asID:                     17451
IP address blocks:        2404:8000:1018::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:17:f0:de:ed:6b:ed:98:e3:03:b9:f2:9e:ef:86:68:bb:35:c8:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:35 2021 GMT
            Not After : Sep 30 00:00:35 2022 GMT
        Subject: CN=3082010A0282010100B70D18EC9E7DBAB5DE68D960C300C93071957D831DED51786792D3DD2C0C61E86F5634D802332B1131AFF9878DB4A39AE6B7C6E77FE1F6168C58FE2F593C587C335FC145A89FE6DC883614FF782B70BB67EA3CF08C257CB2747D74E81CC471302751643034B79C9DF5F62CB08EA8DFCE6A459A509C143CB4B8D42622EAF59A5FF34D713CC0F3AC3D66AFA0736FFEBAB9D6480EC0BBC38FFA6937B86F94645D66B5C63A68AAF77EA8617A7824611390B8AF6DACEF2907AEB2DB160243E4B78C46747FA9AC60D91FF34EA905A82439912D3E2BE3BF3D10677D4B5B5C5B68559DB55E126E5F385D0FB55D35BDC07E74DAE5E15B4E6B1ED4DB26D63FE27677ACB8EB0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:0d:18:ec:9e:7d:ba:b5:de:68:d9:60:c3:00:
                    c9:30:71:95:7d:83:1d:ed:51:78:67:92:d3:dd:2c:
                    0c:61:e8:6f:56:34:d8:02:33:2b:11:31:af:f9:87:
                    8d:b4:a3:9a:e6:b7:c6:e7:7f:e1:f6:16:8c:58:fe:
                    2f:59:3c:58:7c:33:5f:c1:45:a8:9f:e6:dc:88:36:
                    14:ff:78:2b:70:bb:67:ea:3c:f0:8c:25:7c:b2:74:
                    7d:74:e8:1c:c4:71:30:27:51:64:30:34:b7:9c:9d:
                    f5:f6:2c:b0:8e:a8:df:ce:6a:45:9a:50:9c:14:3c:
                    b4:b8:d4:26:22:ea:f5:9a:5f:f3:4d:71:3c:c0:f3:
                    ac:3d:66:af:a0:73:6f:fe:ba:b9:d6:48:0e:c0:bb:
                    c3:8f:fa:69:37:b8:6f:94:64:5d:66:b5:c6:3a:68:
                    aa:f7:7e:a8:61:7a:78:24:61:13:90:b8:af:6d:ac:
                    ef:29:07:ae:b2:db:16:02:43:e4:b7:8c:46:74:7f:
                    a9:ac:60:d9:1f:f3:4e:a9:05:a8:24:39:91:2d:3e:
                    2b:e3:bf:3d:10:67:7d:4b:5b:5c:5b:68:55:9d:b5:
                    5e:12:6e:5f:38:5d:0f:b5:5d:35:bd:c0:7e:74:da:
                    e5:e1:5b:4e:6b:1e:d4:db:26:d6:3f:e2:76:77:ac:
                    b8:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:E2:DB:1B:B8:AA:52:60:92:D2:65:53:9C:60:4B:AD:3D:3E:44:37
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313031383a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:1018::/48

    Signature Algorithm: sha256WithRSAEncryption
         54:2c:73:a5:e2:d5:85:b5:38:4f:cd:fc:78:6b:f8:a3:28:7c:
         6e:32:15:2e:6b:1f:3a:6c:66:45:31:f0:4b:50:6e:87:3f:56:
         73:61:58:1d:79:4e:94:f9:32:37:04:20:14:30:19:0b:6e:f4:
         01:43:1e:e9:2f:54:d9:52:07:e4:c2:b9:ea:b4:e2:7a:97:bf:
         f2:4f:2f:66:0c:5b:95:e4:9e:1c:76:38:20:1f:62:95:64:5d:
         8a:1c:a9:c4:80:3d:ac:bf:4e:91:bd:b9:9b:b9:9f:a3:cc:02:
         45:04:34:64:f5:c3:68:21:e9:48:1b:5a:0b:aa:ad:92:e0:ba:
         15:f7:0c:1e:26:4f:68:22:d3:53:9c:43:a8:79:8b:a1:16:74:
         dc:98:ca:49:45:11:b5:83:c4:68:fa:10:97:c3:7e:07:d3:49:
         df:26:d7:1d:a1:77:ef:61:08:0a:ff:e2:1a:d4:51:a5:58:97:
         d1:ab:b8:bb:86:6c:88:35:ce:ba:b5:ea:18:64:4e:d4:03:e8:
         4c:9e:62:6b:2a:3e:13:23:cb:f0:ef:68:2f:a2:28:95:a3:e7:
         c2:9f:51:7d:11:8a:37:98:58:fc:48:40:90:5c:c5:89:d2:75:
         5d:cd:2e:d2:df:21:d4:a5:3c:58:71:6c:04:e9:4a:1d:6b:7b:
         fb:22:66:33
-----BEGIN CERTIFICATE-----
MIIHLzCCBhegAwIBAgIUKRfw3u1r7ZjjA7nynu+GaLs1yLowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MzVaFw0yMjA5MzAwMDAwMzVaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjcwRDE4RUM5RTdEQkFCNURF
NjhEOTYwQzMwMEM5MzA3MTk1N0Q4MzFERUQ1MTc4Njc5MkQzREQyQzBDNjFFODZG
NTYzNEQ4MDIzMzJCMTEzMUFGRjk4NzhEQjRBMzlBRTZCN0M2RTc3RkUxRjYxNjhD
NThGRTJGNTkzQzU4N0MzMzVGQzE0NUE4OUZFNkRDODgzNjE0RkY3ODJCNzBCQjY3
RUEzQ0YwOEMyNTdDQjI3NDdENzRFODFDQzQ3MTMwMjc1MTY0MzAzNEI3OUM5REY1
RjYyQ0IwOEVBOERGQ0U2QTQ1OUE1MDlDMTQzQ0I0QjhENDI2MjJFQUY1OUE1RkYz
NEQ3MTNDQzBGM0FDM0Q2NkFGQTA3MzZGRkVCQUI5RDY0ODBFQzBCQkMzOEZGQTY5
MzdCODZGOTQ2NDVENjZCNUM2M0E2OEFBRjc3RUE4NjE3QTc4MjQ2MTEzOTBCOEFG
NkRBQ0VGMjkwN0FFQjJEQjE2MDI0M0U0Qjc4QzQ2NzQ3RkE5QUM2MEQ5MUZGMzRF
QTkwNUE4MjQzOTkxMkQzRTJCRTNCRjNEMTA2NzdENEI1QjVDNUI2ODU1OURCNTVF
MTI2RTVGMzg1RDBGQjU1RDM1QkRDMDdFNzREQUU1RTE1QjRFNkIxRUQ0REIyNkQ2
M0ZFMjc2NzdBQ0I4RUIwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAtw0Y7J59urXeaNlgwwDJMHGVfYMd7VF4Z5LT3SwMYehvVjTYAjMr
ETGv+YeNtKOa5rfG53/h9haMWP4vWTxYfDNfwUWon+bciDYU/3grcLtn6jzwjCV8
snR9dOgcxHEwJ1FkMDS3nJ319iywjqjfzmpFmlCcFDy0uNQmIur1ml/zTXE8wPOs
PWavoHNv/rq51kgOwLvDj/ppN7hvlGRdZrXGOmiq936oYXp4JGETkLivbazvKQeu
stsWAkPkt4xGdH+prGDZH/NOqQWoJDmRLT4r4789EGd9S1tcW2hVnbVeEm5fOF0P
tV01vcB+dNrl4VtOax7U2ybWP+J2d6y46wIDAQABo4ICPTCCAjkwHQYDVR0OBBYE
FNTi2xu4qlJgktJlU5xgS609PkQ3MB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGqBggrBgEFBQcB
CwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTMxMzAzMTM4M2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzEzNzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQEgAAQGDANBgkqhkiG9w0BAQsFAAOC
AQEAVCxzpeLVhbU4T838eGv4oyh8bjIVLmsfOmxmRTHwS1Buhz9Wc2FYHXlOlPky
NwQgFDAZC270AUMe6S9U2VIH5MK56rTiepe/8k8vZgxbleSeHHY4IB9ilWRdihyp
xIA9rL9Okb25m7mfo8wCRQQ0ZPXDaCHpSBtaC6qtkuC6FfcMHiZPaCLTU5xDqHmL
oRZ03JjKSUURtYPEaPoQl8N+B9NJ3ybXHaF372EICv/iGtRRpViX0au4u4ZsiDXO
urXqGGRO1APoTJ5iayo+EyPL8O9oL6IolaPnwp9RfRGKN5hY/EhAkFzFidJ1Xc0u
0t8h1KU8WHFsBOlKHWt7+yJmMw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:38 2024 by rpki-client on console-ams.rpki-client.org