Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313032363a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a313032363a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          iQ3HrXe33eZpCF5Qz2MS9/eFmUoJVUD2ih87+ta3wbU=
Subject key identifier:   78:F6:C2:E4:33:3D:82:87:A6:DB:5C:6D:34:2C:EB:E9:27:D8:CB:61
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       7440807B1B8D6B5177969F12017520677DFF211E
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313032363a3a2f34382d3438203d3e203137343531.roa
Signing time:             Mon 13 Dec 2021 05:09:08 +0000
ROA not before:           Mon 13 Dec 2021 05:04:08 +0000
ROA not after:            Tue 13 Dec 2022 05:09:08 +0000
asID:                     17451
IP address blocks:        2404:8000:1026::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:40:80:7b:1b:8d:6b:51:77:96:9f:12:01:75:20:67:7d:ff:21:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Dec 13 05:04:08 2021 GMT
            Not After : Dec 13 05:09:08 2022 GMT
        Subject: CN=3082010A0282010100B18FA8071B49E13046D4669C90C79611C5C8082EAC9967CCBB6D9FBC44F7A78D5DB7434F3CA5396A72A307D2A37D44DCCC0DB001E0086BA0D4A0C6110310F67DEEC905F1A16F5E81B78540F8EE5A7BA46E4BF0E19DFAD5DBDCE80B87E08621F70E70CD6F5C8A0870B861A2EC4E5A9982EA238E88D48A5B451FE89F44EC50F940A9D786DFEE5E81A4C1E7440FD3CE90B0DB30397C6BD7124866F8B91E7B18976263FA83B72A4A72ACB0BECDAD9B53E4BFB28BA371AF13A9F6C2E8576B34CAED8F8BBF4CF8D4E8381C83A7EB9F9E7B1055A1910FE66774AEE6A2319D93B9ECB6C6010A7E6ACE9B05FFFFF9652EE3640E0BA282716EB6F5F9355BDDE3A297F749830203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:8f:a8:07:1b:49:e1:30:46:d4:66:9c:90:c7:
                    96:11:c5:c8:08:2e:ac:99:67:cc:bb:6d:9f:bc:44:
                    f7:a7:8d:5d:b7:43:4f:3c:a5:39:6a:72:a3:07:d2:
                    a3:7d:44:dc:cc:0d:b0:01:e0:08:6b:a0:d4:a0:c6:
                    11:03:10:f6:7d:ee:c9:05:f1:a1:6f:5e:81:b7:85:
                    40:f8:ee:5a:7b:a4:6e:4b:f0:e1:9d:fa:d5:db:dc:
                    e8:0b:87:e0:86:21:f7:0e:70:cd:6f:5c:8a:08:70:
                    b8:61:a2:ec:4e:5a:99:82:ea:23:8e:88:d4:8a:5b:
                    45:1f:e8:9f:44:ec:50:f9:40:a9:d7:86:df:ee:5e:
                    81:a4:c1:e7:44:0f:d3:ce:90:b0:db:30:39:7c:6b:
                    d7:12:48:66:f8:b9:1e:7b:18:97:62:63:fa:83:b7:
                    2a:4a:72:ac:b0:be:cd:ad:9b:53:e4:bf:b2:8b:a3:
                    71:af:13:a9:f6:c2:e8:57:6b:34:ca:ed:8f:8b:bf:
                    4c:f8:d4:e8:38:1c:83:a7:eb:9f:9e:7b:10:55:a1:
                    91:0f:e6:67:74:ae:e6:a2:31:9d:93:b9:ec:b6:c6:
                    01:0a:7e:6a:ce:9b:05:ff:ff:f9:65:2e:e3:64:0e:
                    0b:a2:82:71:6e:b6:f5:f9:35:5b:dd:e3:a2:97:f7:
                    49:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:F6:C2:E4:33:3D:82:87:A6:DB:5C:6D:34:2C:EB:E9:27:D8:CB:61
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a313032363a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:1026::/48

    Signature Algorithm: sha256WithRSAEncryption
         0a:fb:f9:c9:f6:18:a9:74:d0:76:ba:2d:9d:a9:5b:70:1a:7d:
         00:4d:3d:9c:78:9b:ed:8d:dd:d4:98:27:e2:cb:96:c9:21:d5:
         43:89:23:9b:f1:2c:56:0a:59:d2:6c:30:9c:fd:b4:6f:70:9b:
         07:a2:16:38:a5:cc:c9:cd:d2:31:2b:e8:b1:cc:09:bf:ea:f6:
         58:18:37:66:e9:07:1c:6c:2c:7f:c2:72:0b:71:26:a7:fc:63:
         f7:5e:5e:07:58:8f:41:b4:8f:41:58:66:e7:4c:89:83:6f:fd:
         aa:c9:5d:61:35:07:cc:b4:b6:53:9f:0a:8a:ed:5e:f8:55:17:
         da:34:1f:d8:63:b7:27:8a:dc:47:e0:4e:37:d1:9f:de:0d:b4:
         65:53:62:b4:83:9c:0f:4f:12:8e:9f:68:01:ca:15:6f:4e:ad:
         07:8b:a1:d1:b7:cb:2b:dc:ac:ea:f4:c6:58:8c:b2:82:11:24:
         63:8b:49:0a:37:3a:05:cd:05:79:c2:a5:e3:91:04:ce:3b:0d:
         7e:2c:89:8f:e0:e5:30:59:c7:b0:23:95:55:a8:c6:12:2f:80:
         a4:59:f8:6e:16:a5:03:22:6c:6a:ef:6a:45:c2:55:29:63:af:
         35:d5:2f:80:29:20:c6:3a:15:bb:3a:98:78:15:67:bf:36:62:
         2b:e6:0d:78
-----BEGIN CERTIFICATE-----
MIIHLzCCBhegAwIBAgIUdECAexuNa1F3lp8SAXUgZ33/IR4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTEyMTMwNTA0MDhaFw0yMjEyMTMwNTA5MDhaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjE4RkE4MDcxQjQ5RTEzMDQ2
RDQ2NjlDOTBDNzk2MTFDNUM4MDgyRUFDOTk2N0NDQkI2RDlGQkM0NEY3QTc4RDVE
Qjc0MzRGM0NBNTM5NkE3MkEzMDdEMkEzN0Q0NERDQ0MwREIwMDFFMDA4NkJBMEQ0
QTBDNjExMDMxMEY2N0RFRUM5MDVGMUExNkY1RTgxQjc4NTQwRjhFRTVBN0JBNDZF
NEJGMEUxOURGQUQ1REJEQ0U4MEI4N0UwODYyMUY3MEU3MENENkY1QzhBMDg3MEI4
NjFBMkVDNEU1QTk5ODJFQTIzOEU4OEQ0OEE1QjQ1MUZFODlGNDRFQzUwRjk0MEE5
RDc4NkRGRUU1RTgxQTRDMUU3NDQwRkQzQ0U5MEIwREIzMDM5N0M2QkQ3MTI0ODY2
RjhCOTFFN0IxODk3NjI2M0ZBODNCNzJBNEE3MkFDQjBCRUNEQUQ5QjUzRTRCRkIy
OEJBMzcxQUYxM0E5RjZDMkU4NTc2QjM0Q0FFRDhGOEJCRjRDRjhENEU4MzgxQzgz
QTdFQjlGOUU3QjEwNTVBMTkxMEZFNjY3NzRBRUU2QTIzMTlEOTNCOUVDQjZDNjAx
MEE3RTZBQ0U5QjA1RkZGRkY5NjUyRUUzNjQwRTBCQTI4MjcxNkVCNkY1RjkzNTVC
RERFM0EyOTdGNzQ5ODMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAsY+oBxtJ4TBG1GackMeWEcXICC6smWfMu22fvET3p41dt0NPPKU5
anKjB9KjfUTczA2wAeAIa6DUoMYRAxD2fe7JBfGhb16Bt4VA+O5ae6RuS/DhnfrV
29zoC4fghiH3DnDNb1yKCHC4YaLsTlqZguojjojUiltFH+ifROxQ+UCp14bf7l6B
pMHnRA/TzpCw2zA5fGvXEkhm+LkeexiXYmP6g7cqSnKssL7NrZtT5L+yi6NxrxOp
9sLoV2s0yu2Pi79M+NToOByDp+ufnnsQVaGRD+ZndK7mojGdk7nstsYBCn5qzpsF
///5ZS7jZA4LooJxbrb1+TVb3eOil/dJgwIDAQABo4ICPTCCAjkwHQYDVR0OBBYE
FHj2wuQzPYKHpttcbTQs6+kn2MthMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGqBggrBgEFBQcB
CwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTMxMzAzMjM2M2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzEzNzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQEgAAQJjANBgkqhkiG9w0BAQsFAAOC
AQEACvv5yfYYqXTQdrotnalbcBp9AE09nHib7Y3d1Jgn4suWySHVQ4kjm/EsVgpZ
0mwwnP20b3CbB6IWOKXMyc3SMSvoscwJv+r2WBg3ZukHHGwsf8JyC3Emp/xj915e
B1iPQbSPQVhm50yJg2/9qsldYTUHzLS2U58Kiu1e+FUX2jQf2GO3J4rcR+BON9Gf
3g20ZVNitIOcD08Sjp9oAcoVb06tB4uh0bfLK9ys6vTGWIyyghEkY4tJCjc6Bc0F
ecKl45EEzjsNfiyJj+DlMFnHsCOVVajGEi+ApFn4bhalAyJsau9qRcJVKWOvNdUv
gCkgxjoVuzqYeBVnvzZiK+YNeA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:05 2024 by rpki-client on console-fra.rpki-client.org