Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a33303a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a33303a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          3g9F4AMrMwMVZBq3KbmirvIctN/b1aneXtyLQTr00no=
Subject key identifier:   CB:58:81:E3:50:C1:AA:0F:5F:89:9B:5F:21:3B:9B:D0:6D:28:8C:A2
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       123275B563C70ED74AB766DA00951C20A9BBA5F0
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a33303a3a2f34382d3438203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:31 +0000
ROA not before:           Wed 29 Sep 2021 23:55:31 +0000
ROA not after:            Fri 30 Sep 2022 00:00:31 +0000
asID:                     17451
IP address blocks:        2404:8000:30::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:32:75:b5:63:c7:0e:d7:4a:b7:66:da:00:95:1c:20:a9:bb:a5:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:31 2021 GMT
            Not After : Sep 30 00:00:31 2022 GMT
        Subject: CN=3082010A0282010100B552970411D5592692022A74F393A640B6565785EBDD0EC8E7808D486F42AB0BF2B980B555775B46B43B67E25B0CF2A7CC9941C3E7A11464540A6C1A79DFE74DF823EBF97D245504C6B6B7C05C233F9CA10587FBA19254AE64D7187A94C74B00E7B90FF3428DB852DB0BEAD0E8FADD2ABD076535D0421E7E1676D570060C340F14B775BEE901ECE0B2446B423484BAA85DFF99984B3546B21088AF128937AEC801E87C3BDB6EA552C2F559BE699520C7226917BEFDBCC53E76E13C430A76353D7A10832406ED974CFCBE042154C00037FED196AA6CE309C5B8AED56796DD52CE72EF58405246935D581BF662A10E48D44450260510F4E17F7468125C35E8957D0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:52:97:04:11:d5:59:26:92:02:2a:74:f3:93:
                    a6:40:b6:56:57:85:eb:dd:0e:c8:e7:80:8d:48:6f:
                    42:ab:0b:f2:b9:80:b5:55:77:5b:46:b4:3b:67:e2:
                    5b:0c:f2:a7:cc:99:41:c3:e7:a1:14:64:54:0a:6c:
                    1a:79:df:e7:4d:f8:23:eb:f9:7d:24:55:04:c6:b6:
                    b7:c0:5c:23:3f:9c:a1:05:87:fb:a1:92:54:ae:64:
                    d7:18:7a:94:c7:4b:00:e7:b9:0f:f3:42:8d:b8:52:
                    db:0b:ea:d0:e8:fa:dd:2a:bd:07:65:35:d0:42:1e:
                    7e:16:76:d5:70:06:0c:34:0f:14:b7:75:be:e9:01:
                    ec:e0:b2:44:6b:42:34:84:ba:a8:5d:ff:99:98:4b:
                    35:46:b2:10:88:af:12:89:37:ae:c8:01:e8:7c:3b:
                    db:6e:a5:52:c2:f5:59:be:69:95:20:c7:22:69:17:
                    be:fd:bc:c5:3e:76:e1:3c:43:0a:76:35:3d:7a:10:
                    83:24:06:ed:97:4c:fc:be:04:21:54:c0:00:37:fe:
                    d1:96:aa:6c:e3:09:c5:b8:ae:d5:67:96:dd:52:ce:
                    72:ef:58:40:52:46:93:5d:58:1b:f6:62:a1:0e:48:
                    d4:44:50:26:05:10:f4:e1:7f:74:68:12:5c:35:e8:
                    95:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:58:81:E3:50:C1:AA:0F:5F:89:9B:5F:21:3B:9B:D0:6D:28:8C:A2
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a33303a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:30::/48

    Signature Algorithm: sha256WithRSAEncryption
         37:c5:cc:73:42:9e:4e:d4:58:98:5a:ea:76:e3:0e:e7:c4:ec:
         7a:61:f8:8e:94:e7:46:d9:1e:de:c2:8c:90:fd:1b:a4:1f:64:
         de:73:f8:49:4a:1b:1d:cf:ce:5a:ae:ba:7c:7a:70:16:09:ff:
         e2:eb:c4:c6:31:3c:fb:4e:1e:ba:b0:87:2f:f8:e2:bb:2a:71:
         78:63:72:84:63:14:9f:79:6f:39:c5:f0:5e:2f:a9:2e:84:b5:
         70:05:bb:80:47:2d:a6:37:fe:12:36:54:ed:66:01:f6:d3:8b:
         74:fe:57:d6:1a:75:94:2a:a2:93:c8:99:9e:cd:f9:c9:d0:0b:
         8f:e0:e9:63:47:9d:db:38:2d:7b:4c:68:39:77:e4:5a:81:90:
         d1:18:c0:6a:ec:84:22:a3:25:2d:88:9a:25:e8:86:5f:4f:f5:
         b7:80:ad:d2:79:de:dc:b2:a6:ad:64:d7:b8:25:dc:c4:6d:60:
         07:d6:d7:be:17:7f:69:e4:e4:e7:94:7a:32:27:03:89:ee:61:
         dc:9a:c5:54:87:9d:83:8d:ab:42:e5:c8:06:ad:f4:6a:fb:2f:
         c0:3a:4d:b2:32:c3:ab:f1:8a:97:ee:77:b0:6a:38:bd:f6:a7:
         ee:a1:9a:c5:80:7a:ba:c0:cd:90:90:86:36:de:73:86:21:28:
         67:59:b6:c1
-----BEGIN CERTIFICATE-----
MIIHKzCCBhOgAwIBAgIUEjJ1tWPHDtdKt2baAJUcIKm7pfAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MzFaFw0yMjA5MzAwMDAwMzFaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjU1Mjk3MDQxMUQ1NTkyNjky
MDIyQTc0RjM5M0E2NDBCNjU2NTc4NUVCREQwRUM4RTc4MDhENDg2RjQyQUIwQkYy
Qjk4MEI1NTU3NzVCNDZCNDNCNjdFMjVCMENGMkE3Q0M5OTQxQzNFN0ExMTQ2NDU0
MEE2QzFBNzlERkU3NERGODIzRUJGOTdEMjQ1NTA0QzZCNkI3QzA1QzIzM0Y5Q0Ex
MDU4N0ZCQTE5MjU0QUU2NEQ3MTg3QTk0Qzc0QjAwRTdCOTBGRjM0MjhEQjg1MkRC
MEJFQUQwRThGQUREMkFCRDA3NjUzNUQwNDIxRTdFMTY3NkQ1NzAwNjBDMzQwRjE0
Qjc3NUJFRTkwMUVDRTBCMjQ0NkI0MjM0ODRCQUE4NURGRjk5OTg0QjM1NDZCMjEw
ODhBRjEyODkzN0FFQzgwMUU4N0MzQkRCNkVBNTUyQzJGNTU5QkU2OTk1MjBDNzIy
NjkxN0JFRkRCQ0M1M0U3NkUxM0M0MzBBNzYzNTNEN0ExMDgzMjQwNkVEOTc0Q0ZD
QkUwNDIxNTRDMDAwMzdGRUQxOTZBQTZDRTMwOUM1QjhBRUQ1Njc5NkRENTJDRTcy
RUY1ODQwNTI0NjkzNUQ1ODFCRjY2MkExMEU0OEQ0NDQ1MDI2MDUxMEY0RTE3Rjc0
NjgxMjVDMzVFODk1N0QwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAtVKXBBHVWSaSAip085OmQLZWV4Xr3Q7I54CNSG9CqwvyuYC1VXdb
RrQ7Z+JbDPKnzJlBw+ehFGRUCmwaed/nTfgj6/l9JFUExra3wFwjP5yhBYf7oZJU
rmTXGHqUx0sA57kP80KNuFLbC+rQ6PrdKr0HZTXQQh5+FnbVcAYMNA8Ut3W+6QHs
4LJEa0I0hLqoXf+ZmEs1RrIQiK8SiTeuyAHofDvbbqVSwvVZvmmVIMciaRe+/bzF
PnbhPEMKdjU9ehCDJAbtl0z8vgQhVMAAN/7Rlqps4wnFuK7VZ5bdUs5y71hAUkaT
XVgb9mKhDkjURFAmBRD04X90aBJcNeiVfQIDAQABo4ICOTCCAjUwHQYDVR0OBBYE
FMtYgeNQwaoPX4mbXyE7m9BtKIyiMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGmBggrBgEFBQcB
CwSBmTCBljCBkwYIKwYBBQUHMAuGgYZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTMzMzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAz
MTM3MzQzNTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAJASAAAAwMA0GCSqGSIb3DQEBCwUAA4IBAQA3
xcxzQp5O1FiYWup24w7nxOx6YfiOlOdG2R7ewoyQ/RukH2Tec/hJShsdz85arrp8
enAWCf/i68TGMTz7Th66sIcv+OK7KnF4Y3KEYxSfeW85xfBeL6kuhLVwBbuARy2m
N/4SNlTtZgH204t0/lfWGnWUKqKTyJmezfnJ0AuP4OljR53bOC17TGg5d+RagZDR
GMBq7IQioyUtiJol6IZfT/W3gK3Sed7csqatZNe4JdzEbWAH1te+F39p5OTnlHoy
JwOJ7mHcmsVUh52DjatC5cgGrfRq+y/AOk2yMsOr8YqX7newaji99qfuoZrFgHq6
wM2QkIY23nOGIShnWbbB
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:05 2024 by rpki-client on console-fra.rpki-client.org