Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a61393a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a61393a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          I2Pl9aZLN27J/SDbAhX57ZDERiE9IZl76Y4CTqEwuV4=
Subject key identifier:   05:92:24:79:20:57:FE:C2:00:10:89:7F:FD:B9:8B:81:FA:81:29:D1
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       4EBE998C63291CEBBA3D367715D97111B3F69ABF
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a61393a3a2f34382d3438203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:24 +0000
ROA not before:           Wed 29 Sep 2021 23:55:24 +0000
ROA not after:            Fri 30 Sep 2022 00:00:24 +0000
asID:                     17451
IP address blocks:        2404:8000:a9::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:be:99:8c:63:29:1c:eb:ba:3d:36:77:15:d9:71:11:b3:f6:9a:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:24 2021 GMT
            Not After : Sep 30 00:00:24 2022 GMT
        Subject: CN=3082010A0282010100DA4D21A905875DEE9571D9C87A2BB9FF93E8EBBBF74F7BFCC68D5755D490CF710CA2BEA77BD5C288D6821232108A2BBE6CDBADADA78F94A50EAF8CCBE49889A7168847D478B78DFCD5FC25B4266FAD43CE1444BEB1996796BF374CE9BA596C333905FF9B6E6367ABFA2EFE55D34447B98806DE11AE68FFD4B03A4F67BC8D38949297C301759372CE53C55B1CB71691F7C0886917882FB088703F6960DCA8AA49C57069B315E646733DEE13347F36578CC9A592BAAF96A6B69666FAC29FD9ABF80CF7473B2561A998E42D2E6C54000077AEA9FD9A141D6EF47092AD075B8E81581A87A25C3F8C065C5753CE1065852241806815F2D09E63EDA87FA8874DFA8A030203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:4d:21:a9:05:87:5d:ee:95:71:d9:c8:7a:2b:
                    b9:ff:93:e8:eb:bb:f7:4f:7b:fc:c6:8d:57:55:d4:
                    90:cf:71:0c:a2:be:a7:7b:d5:c2:88:d6:82:12:32:
                    10:8a:2b:be:6c:db:ad:ad:a7:8f:94:a5:0e:af:8c:
                    cb:e4:98:89:a7:16:88:47:d4:78:b7:8d:fc:d5:fc:
                    25:b4:26:6f:ad:43:ce:14:44:be:b1:99:67:96:bf:
                    37:4c:e9:ba:59:6c:33:39:05:ff:9b:6e:63:67:ab:
                    fa:2e:fe:55:d3:44:47:b9:88:06:de:11:ae:68:ff:
                    d4:b0:3a:4f:67:bc:8d:38:94:92:97:c3:01:75:93:
                    72:ce:53:c5:5b:1c:b7:16:91:f7:c0:88:69:17:88:
                    2f:b0:88:70:3f:69:60:dc:a8:aa:49:c5:70:69:b3:
                    15:e6:46:73:3d:ee:13:34:7f:36:57:8c:c9:a5:92:
                    ba:af:96:a6:b6:96:66:fa:c2:9f:d9:ab:f8:0c:f7:
                    47:3b:25:61:a9:98:e4:2d:2e:6c:54:00:00:77:ae:
                    a9:fd:9a:14:1d:6e:f4:70:92:ad:07:5b:8e:81:58:
                    1a:87:a2:5c:3f:8c:06:5c:57:53:ce:10:65:85:22:
                    41:80:68:15:f2:d0:9e:63:ed:a8:7f:a8:87:4d:fa:
                    8a:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:92:24:79:20:57:FE:C2:00:10:89:7F:FD:B9:8B:81:FA:81:29:D1
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a61393a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:a9::/48

    Signature Algorithm: sha256WithRSAEncryption
         66:27:e1:2c:c1:b9:5a:7c:f6:da:9b:70:9d:3e:16:64:9e:3d:
         4a:64:cd:68:c1:92:54:74:8a:8b:ca:58:01:2a:a2:e2:76:bf:
         15:2a:b6:c8:eb:db:b8:9e:30:33:22:56:bf:6a:54:5b:c7:9e:
         46:06:17:59:dc:c7:bb:12:04:e9:4a:7b:30:f8:a4:13:86:74:
         06:33:69:ee:87:81:a0:22:aa:b9:e7:53:a5:cb:42:f8:ba:e8:
         ee:dd:af:b7:2c:37:30:03:f1:29:4d:bb:56:13:92:e2:39:d6:
         45:39:a3:ba:06:43:52:1a:44:02:b0:a4:25:9e:d8:4f:01:e8:
         38:be:33:7e:83:87:46:d7:5c:fe:52:83:e6:35:76:17:e9:01:
         90:d7:92:8b:de:05:fe:e4:ef:ae:5e:ab:b8:86:41:7c:99:d7:
         f5:d1:a7:40:2c:e5:4e:f7:59:63:bc:f0:ec:96:b9:d1:5f:2d:
         90:5a:c9:2d:af:04:e0:a8:50:ed:60:e5:9c:4c:93:e2:e8:e3:
         7f:9b:11:78:c4:72:ae:01:de:5a:26:b7:4b:61:c0:61:72:4c:
         cf:d6:39:dd:af:ff:3b:70:a3:97:56:16:29:02:ab:5d:b5:22:
         fb:f3:5b:2a:fa:5e:38:55:66:a8:39:5c:37:0c:8b:68:62:f0:
         64:cf:ab:39
-----BEGIN CERTIFICATE-----
MIIHKzCCBhOgAwIBAgIUTr6ZjGMpHOu6PTZ3FdlxEbP2mr8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MjRaFw0yMjA5MzAwMDAwMjRaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwREE0RDIxQTkwNTg3NURFRTk1
NzFEOUM4N0EyQkI5RkY5M0U4RUJCQkY3NEY3QkZDQzY4RDU3NTVENDkwQ0Y3MTBD
QTJCRUE3N0JENUMyODhENjgyMTIzMjEwOEEyQkJFNkNEQkFEQURBNzhGOTRBNTBF
QUY4Q0NCRTQ5ODg5QTcxNjg4NDdENDc4Qjc4REZDRDVGQzI1QjQyNjZGQUQ0M0NF
MTQ0NEJFQjE5OTY3OTZCRjM3NENFOUJBNTk2QzMzMzkwNUZGOUI2RTYzNjdBQkZB
MkVGRTU1RDM0NDQ3Qjk4ODA2REUxMUFFNjhGRkQ0QjAzQTRGNjdCQzhEMzg5NDky
OTdDMzAxNzU5MzcyQ0U1M0M1NUIxQ0I3MTY5MUY3QzA4ODY5MTc4ODJGQjA4ODcw
M0Y2OTYwRENBOEFBNDlDNTcwNjlCMzE1RTY0NjczM0RFRTEzMzQ3RjM2NTc4Q0M5
QTU5MkJBQUY5NkE2QjY5NjY2RkFDMjlGRDlBQkY4MENGNzQ3M0IyNTYxQTk5OEU0
MkQyRTZDNTQwMDAwNzdBRUE5RkQ5QTE0MUQ2RUY0NzA5MkFEMDc1QjhFODE1ODFB
ODdBMjVDM0Y4QzA2NUM1NzUzQ0UxMDY1ODUyMjQxODA2ODE1RjJEMDlFNjNFREE4
N0ZBODg3NERGQThBMDMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA2k0hqQWHXe6VcdnIeiu5/5Po67v3T3v8xo1XVdSQz3EMor6ne9XC
iNaCEjIQiiu+bNutraePlKUOr4zL5JiJpxaIR9R4t4381fwltCZvrUPOFES+sZln
lr83TOm6WWwzOQX/m25jZ6v6Lv5V00RHuYgG3hGuaP/UsDpPZ7yNOJSSl8MBdZNy
zlPFWxy3FpH3wIhpF4gvsIhwP2lg3KiqScVwabMV5kZzPe4TNH82V4zJpZK6r5am
tpZm+sKf2av4DPdHOyVhqZjkLS5sVAAAd66p/ZoUHW70cJKtB1uOgVgah6JcP4wG
XFdTzhBlhSJBgGgV8tCeY+2of6iHTfqKAwIDAQABo4ICOTCCAjUwHQYDVR0OBBYE
FAWSJHkgV/7CABCJf/25i4H6gSnRMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGmBggrBgEFBQcB
CwSBmTCBljCBkwYIKwYBBQUHMAuGgYZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTYxMzkzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAz
MTM3MzQzNTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAJASAAACpMA0GCSqGSIb3DQEBCwUAA4IBAQBm
J+EswblafPbam3CdPhZknj1KZM1owZJUdIqLylgBKqLidr8VKrbI69u4njAzIla/
alRbx55GBhdZ3Me7EgTpSnsw+KQThnQGM2nuh4GgIqq551Oly0L4uuju3a+3LDcw
A/EpTbtWE5LiOdZFOaO6BkNSGkQCsKQlnthPAeg4vjN+g4dG11z+UoPmNXYX6QGQ
15KL3gX+5O+uXqu4hkF8mdf10adALOVO91ljvPDslrnRXy2QWsktrwTgqFDtYOWc
TJPi6ON/mxF4xHKuAd5aJrdLYcBhckzP1jndr/87cKOXVhYpAqtdtSL781sq+l44
VWaoOVw3DItoYvBkz6s5
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:06 2024 by rpki-client on console-fra.rpki-client.org