Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a323a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a323a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          oRXBQ/9/cxS3rYU0XSr5hOu1OQoO9S7FNvpsRBqYkNI=
Subject key identifier:   F4:63:86:0B:CB:46:49:2C:D9:86:BB:4C:EA:F2:4C:BC:27:0C:E7:D9
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       56459100CA60A33088A07B73BC786492D0975B4B
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a323a3a2f34382d3438203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:38 +0000
ROA not before:           Wed 29 Sep 2021 23:55:38 +0000
ROA not after:            Fri 30 Sep 2022 00:00:38 +0000
asID:                     17451
IP address blocks:        2404:8000:2::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:45:91:00:ca:60:a3:30:88:a0:7b:73:bc:78:64:92:d0:97:5b:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:38 2021 GMT
            Not After : Sep 30 00:00:38 2022 GMT
        Subject: CN=3082010A0282010100AF8DF22346E41A71548D5DCAC8EADB2DAE727C6C5813B8B186958F1AF74F19F1F014C0F4BDCA7300D37BDA512B3EABF8CBBEA333871D8A404C830EC2E2BD2E058851DEBBA945B1171B2AADAF86E072A8E6F96020E0BBA82C038C6DBFD6B0F06F99BE6B0646769621EADB08CA2090C19448E54BC87132047F81BAF5E126D67BDF92502B3E47211E9F68B5CB6677964C8C199082195EE355A09F1118507F45B67669136CFDBF538A18F60D637693AA8924CB3DB85704CD593A550D745E45BC2614F210ABABDB1D680EE2DECAF541D15069170878BE19B6ACB440680A45056F50628603DE7450F928A05CBFD8C163360C7789B8D0488E33F0B5E0A47DCEF6B8251F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:8d:f2:23:46:e4:1a:71:54:8d:5d:ca:c8:ea:
                    db:2d:ae:72:7c:6c:58:13:b8:b1:86:95:8f:1a:f7:
                    4f:19:f1:f0:14:c0:f4:bd:ca:73:00:d3:7b:da:51:
                    2b:3e:ab:f8:cb:be:a3:33:87:1d:8a:40:4c:83:0e:
                    c2:e2:bd:2e:05:88:51:de:bb:a9:45:b1:17:1b:2a:
                    ad:af:86:e0:72:a8:e6:f9:60:20:e0:bb:a8:2c:03:
                    8c:6d:bf:d6:b0:f0:6f:99:be:6b:06:46:76:96:21:
                    ea:db:08:ca:20:90:c1:94:48:e5:4b:c8:71:32:04:
                    7f:81:ba:f5:e1:26:d6:7b:df:92:50:2b:3e:47:21:
                    1e:9f:68:b5:cb:66:77:96:4c:8c:19:90:82:19:5e:
                    e3:55:a0:9f:11:18:50:7f:45:b6:76:69:13:6c:fd:
                    bf:53:8a:18:f6:0d:63:76:93:aa:89:24:cb:3d:b8:
                    57:04:cd:59:3a:55:0d:74:5e:45:bc:26:14:f2:10:
                    ab:ab:db:1d:68:0e:e2:de:ca:f5:41:d1:50:69:17:
                    08:78:be:19:b6:ac:b4:40:68:0a:45:05:6f:50:62:
                    86:03:de:74:50:f9:28:a0:5c:bf:d8:c1:63:36:0c:
                    77:89:b8:d0:48:8e:33:f0:b5:e0:a4:7d:ce:f6:b8:
                    25:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:63:86:0B:CB:46:49:2C:D9:86:BB:4C:EA:F2:4C:BC:27:0C:E7:D9
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a323a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         57:d8:bc:4b:01:e8:9e:06:92:d9:55:db:97:39:90:8c:3f:31:
         b6:43:50:6b:15:47:dc:30:c8:e4:ca:66:70:31:29:d7:45:51:
         b7:a6:34:cd:92:86:42:fa:bb:32:44:45:df:30:45:ee:46:57:
         cf:3d:88:20:ee:eb:6d:dd:ee:d9:b5:05:45:4d:db:ea:06:64:
         09:36:61:3b:a3:ff:8b:ca:6e:2e:4b:88:2b:d7:5e:ad:be:42:
         db:fa:6e:74:63:75:2d:6d:57:a7:6e:af:f2:6d:53:64:dc:04:
         b3:58:1a:eb:cd:80:b9:2e:a9:a5:3d:0d:63:d6:cb:65:b2:5f:
         d8:14:b0:69:36:19:bc:ed:a9:96:5a:dc:4b:8b:a4:a1:33:d6:
         1a:61:9c:61:70:06:22:63:a6:02:ea:4a:a5:25:b6:99:58:8e:
         81:d0:c4:20:d0:4a:f9:87:ce:63:af:30:14:ad:e1:7e:2b:bf:
         a8:11:3f:08:45:84:3d:32:0b:3d:8e:75:c0:37:4b:ca:9e:33:
         99:bb:0e:f5:8a:ca:b1:c4:85:c8:62:85:14:b8:11:5e:48:3e:
         78:90:9e:e7:d4:d4:2d:60:bf:04:01:c7:b8:73:1b:ba:45:fc:
         5f:c8:91:ff:26:1c:a5:93:52:df:d7:ee:ac:aa:ff:d1:4b:1a:
         e4:60:22:08
-----BEGIN CERTIFICATE-----
MIIHKTCCBhGgAwIBAgIUVkWRAMpgozCIoHtzvHhkktCXW0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MzhaFw0yMjA5MzAwMDAwMzhaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQUY4REYyMjM0NkU0MUE3MTU0
OEQ1RENBQzhFQURCMkRBRTcyN0M2QzU4MTNCOEIxODY5NThGMUFGNzRGMTlGMUYw
MTRDMEY0QkRDQTczMDBEMzdCREE1MTJCM0VBQkY4Q0JCRUEzMzM4NzFEOEE0MDRD
ODMwRUMyRTJCRDJFMDU4ODUxREVCQkE5NDVCMTE3MUIyQUFEQUY4NkUwNzJBOEU2
Rjk2MDIwRTBCQkE4MkMwMzhDNkRCRkQ2QjBGMDZGOTlCRTZCMDY0Njc2OTYyMUVB
REIwOENBMjA5MEMxOTQ0OEU1NEJDODcxMzIwNDdGODFCQUY1RTEyNkQ2N0JERjky
NTAyQjNFNDcyMTFFOUY2OEI1Q0I2Njc3OTY0QzhDMTk5MDgyMTk1RUUzNTVBMDlG
MTExODUwN0Y0NUI2NzY2OTEzNkNGREJGNTM4QTE4RjYwRDYzNzY5M0FBODkyNENC
M0RCODU3MDRDRDU5M0E1NTBENzQ1RTQ1QkMyNjE0RjIxMEFCQUJEQjFENjgwRUUy
REVDQUY1NDFEMTUwNjkxNzA4NzhCRTE5QjZBQ0I0NDA2ODBBNDUwNTZGNTA2Mjg2
MDNERTc0NTBGOTI4QTA1Q0JGRDhDMTYzMzYwQzc3ODlCOEQwNDg4RTMzRjBCNUUw
QTQ3RENFRjZCODI1MUYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAr43yI0bkGnFUjV3KyOrbLa5yfGxYE7ixhpWPGvdPGfHwFMD0vcpz
ANN72lErPqv4y76jM4cdikBMgw7C4r0uBYhR3rupRbEXGyqtr4bgcqjm+WAg4Luo
LAOMbb/WsPBvmb5rBkZ2liHq2wjKIJDBlEjlS8hxMgR/gbr14SbWe9+SUCs+RyEe
n2i1y2Z3lkyMGZCCGV7jVaCfERhQf0W2dmkTbP2/U4oY9g1jdpOqiSTLPbhXBM1Z
OlUNdF5FvCYU8hCrq9sdaA7i3sr1QdFQaRcIeL4Ztqy0QGgKRQVvUGKGA950UPko
oFy/2MFjNgx3ibjQSI4z8LXgpH3O9rglHwIDAQABo4ICNzCCAjMwHQYDVR0OBBYE
FPRjhgvLRkks2Ya7TOryTLwnDOfZMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACQEgAAAAjANBgkqhkiG9w0BAQsFAAOCAQEAV9i8
SwHongaS2VXblzmQjD8xtkNQaxVH3DDI5MpmcDEp10VRt6Y0zZKGQvq7MkRF3zBF
7kZXzz2IIO7rbd3u2bUFRU3b6gZkCTZhO6P/i8puLkuIK9derb5C2/pudGN1LW1X
p26v8m1TZNwEs1ga682AuS6ppT0NY9bLZbJf2BSwaTYZvO2pllrcS4ukoTPWGmGc
YXAGImOmAupKpSW2mViOgdDEINBK+YfOY68wFK3hfiu/qBE/CEWEPTILPY51wDdL
yp4zmbsO9YrKscSFyGKFFLgRXkg+eJCe59TULWC/BAHHuHMbukX8X8iR/yYcpZNS
39furKr/0Usa5GAiCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:05 2024 by rpki-client on console-fra.rpki-client.org