Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a61653a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a61653a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          98A7A0Kq7EiSTuRhgv6SVdGk1vPAj6gkwh4etZntf6M=
Subject key identifier:   36:4B:92:7D:45:72:BF:40:2C:9D:79:92:A1:23:E5:DE:C4:5A:D5:05
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       0F0C93C08DA80737B309332EC2CA5D09F6901204
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a61653a3a2f34382d3438203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:18 +0000
ROA not before:           Wed 29 Sep 2021 23:56:18 +0000
ROA not after:            Fri 30 Sep 2022 00:01:18 +0000
asID:                     17451
IP address blocks:        2404:8000:ae::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:0c:93:c0:8d:a8:07:37:b3:09:33:2e:c2:ca:5d:09:f6:90:12:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:18 2021 GMT
            Not After : Sep 30 00:01:18 2022 GMT
        Subject: CN=3082010A0282010100FB8D24D5CB2E41822A354073CA1BCF61A23D20F1C0709D64B4F536262E4CC96A422AA5675A69DE5560EA2EB4459A8FC1D99B6EB1CC401C256170D86209461BE7BA442351A322419697A2C3F671A9B669ABE4369AE9D1DA8C83FD85F31B2EAA2012060B94AD7B5E5A11174AB7C03D04EE0E083105AAA904FF05B87BB3B159E99D66FB534DD5993564E339BA16744943E5CC1E8F45BD0A1B66F2D638BAB812DAB701E69B29BD72C5362614DE58A21283AA30B273FD0E67A28D40A27893619F3E61BE2AFB9B0DF04A7D9D658743ABD6F088960A32CBC43AAC384F532D6C1570730317A0FDB2AE47A55A9EA689042B33BC759A0956118D9A58537D71DB65E8D8FB210203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:8d:24:d5:cb:2e:41:82:2a:35:40:73:ca:1b:
                    cf:61:a2:3d:20:f1:c0:70:9d:64:b4:f5:36:26:2e:
                    4c:c9:6a:42:2a:a5:67:5a:69:de:55:60:ea:2e:b4:
                    45:9a:8f:c1:d9:9b:6e:b1:cc:40:1c:25:61:70:d8:
                    62:09:46:1b:e7:ba:44:23:51:a3:22:41:96:97:a2:
                    c3:f6:71:a9:b6:69:ab:e4:36:9a:e9:d1:da:8c:83:
                    fd:85:f3:1b:2e:aa:20:12:06:0b:94:ad:7b:5e:5a:
                    11:17:4a:b7:c0:3d:04:ee:0e:08:31:05:aa:a9:04:
                    ff:05:b8:7b:b3:b1:59:e9:9d:66:fb:53:4d:d5:99:
                    35:64:e3:39:ba:16:74:49:43:e5:cc:1e:8f:45:bd:
                    0a:1b:66:f2:d6:38:ba:b8:12:da:b7:01:e6:9b:29:
                    bd:72:c5:36:26:14:de:58:a2:12:83:aa:30:b2:73:
                    fd:0e:67:a2:8d:40:a2:78:93:61:9f:3e:61:be:2a:
                    fb:9b:0d:f0:4a:7d:9d:65:87:43:ab:d6:f0:88:96:
                    0a:32:cb:c4:3a:ac:38:4f:53:2d:6c:15:70:73:03:
                    17:a0:fd:b2:ae:47:a5:5a:9e:a6:89:04:2b:33:bc:
                    75:9a:09:56:11:8d:9a:58:53:7d:71:db:65:e8:d8:
                    fb:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:4B:92:7D:45:72:BF:40:2C:9D:79:92:A1:23:E5:DE:C4:5A:D5:05
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a61653a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:ae::/48

    Signature Algorithm: sha256WithRSAEncryption
         7d:5b:f8:4d:ce:36:38:6e:1c:9a:d1:84:ad:32:09:e8:a1:d4:
         7b:9e:eb:ac:b0:b7:dc:7e:65:66:c8:ff:df:a6:17:39:a1:d2:
         da:84:ba:0b:ff:46:3c:4a:32:b6:5d:74:3c:29:b2:ff:15:c7:
         b9:8d:70:c6:95:9e:8b:48:a3:90:ee:cb:44:4e:aa:a9:40:34:
         53:9a:7f:50:79:55:ff:cf:b7:9e:78:8e:69:c2:a6:44:e7:23:
         89:68:ac:c8:24:a8:85:36:d8:32:0c:5d:55:68:3e:84:36:da:
         14:77:a1:01:84:70:a8:43:59:c7:e2:2f:b5:20:64:54:f4:5b:
         6b:95:03:08:f2:b6:07:5f:64:5f:34:c2:79:00:cf:53:e8:13:
         fc:5a:36:a3:af:f3:47:1d:d2:0f:0b:75:43:3b:98:7e:55:cd:
         9a:69:56:79:c3:62:64:7b:e2:89:95:d2:23:49:ed:e7:90:bb:
         70:21:30:a5:2d:4a:69:1f:b5:62:f5:24:06:b5:c4:91:93:38:
         49:d0:34:dc:af:aa:02:5f:31:25:8a:99:d3:ae:90:1a:e4:70:
         07:86:e7:db:6f:8a:24:31:a0:74:c7:cf:6e:fe:6c:af:83:e1:
         ae:6b:3d:bc:af:27:d9:29:ee:3f:24:21:09:7b:27:ab:65:37:
         1b:ac:4c:f4
-----BEGIN CERTIFICATE-----
MIIHKzCCBhOgAwIBAgIUDwyTwI2oBzezCTMuwspdCfaQEgQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MThaFw0yMjA5MzAwMDAxMThaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRkI4RDI0RDVDQjJFNDE4MjJB
MzU0MDczQ0ExQkNGNjFBMjNEMjBGMUMwNzA5RDY0QjRGNTM2MjYyRTRDQzk2QTQy
MkFBNTY3NUE2OURFNTU2MEVBMkVCNDQ1OUE4RkMxRDk5QjZFQjFDQzQwMUMyNTYx
NzBEODYyMDk0NjFCRTdCQTQ0MjM1MUEzMjI0MTk2OTdBMkMzRjY3MUE5QjY2OUFC
RTQzNjlBRTlEMURBOEM4M0ZEODVGMzFCMkVBQTIwMTIwNjBCOTRBRDdCNUU1QTEx
MTc0QUI3QzAzRDA0RUUwRTA4MzEwNUFBQTkwNEZGMDVCODdCQjNCMTU5RTk5RDY2
RkI1MzRERDU5OTM1NjRFMzM5QkExNjc0NDk0M0U1Q0MxRThGNDVCRDBBMUI2NkYy
RDYzOEJBQjgxMkRBQjcwMUU2OUIyOUJENzJDNTM2MjYxNERFNThBMjEyODNBQTMw
QjI3M0ZEMEU2N0EyOEQ0MEEyNzg5MzYxOUYzRTYxQkUyQUZCOUIwREYwNEE3RDlE
NjU4NzQzQUJENkYwODg5NjBBMzJDQkM0M0FBQzM4NEY1MzJENkMxNTcwNzMwMzE3
QTBGREIyQUU0N0E1NUE5RUE2ODkwNDJCMzNCQzc1OUEwOTU2MTE4RDlBNTg1MzdE
NzFEQjY1RThEOEZCMjEwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA+40k1csuQYIqNUBzyhvPYaI9IPHAcJ1ktPU2Ji5MyWpCKqVnWmne
VWDqLrRFmo/B2ZtuscxAHCVhcNhiCUYb57pEI1GjIkGWl6LD9nGptmmr5Daa6dHa
jIP9hfMbLqogEgYLlK17XloRF0q3wD0E7g4IMQWqqQT/Bbh7s7FZ6Z1m+1NN1Zk1
ZOM5uhZ0SUPlzB6PRb0KG2by1ji6uBLatwHmmym9csU2JhTeWKISg6owsnP9Dmei
jUCieJNhnz5hvir7mw3wSn2dZYdDq9bwiJYKMsvEOqw4T1MtbBVwcwMXoP2yrkel
Wp6miQQrM7x1mglWEY2aWFN9cdtl6Nj7IQIDAQABo4ICOTCCAjUwHQYDVR0OBBYE
FDZLkn1Fcr9ALJ15kqEj5d7EWtUFMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGmBggrBgEFBQcB
CwSBmTCBljCBkwYIKwYBBQUHMAuGgYZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTYxNjUzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAz
MTM3MzQzNTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAJASAAACuMA0GCSqGSIb3DQEBCwUAA4IBAQB9
W/hNzjY4bhya0YStMgnoodR7nuussLfcfmVmyP/fphc5odLahLoL/0Y8SjK2XXQ8
KbL/Fce5jXDGlZ6LSKOQ7stETqqpQDRTmn9QeVX/z7eeeI5pwqZE5yOJaKzIJKiF
NtgyDF1VaD6ENtoUd6EBhHCoQ1nH4i+1IGRU9FtrlQMI8rYHX2RfNMJ5AM9T6BP8
Wjajr/NHHdIPC3VDO5h+Vc2aaVZ5w2Jke+KJldIjSe3nkLtwITClLUppH7Vi9SQG
tcSRkzhJ0DTcr6oCXzElipnTrpAa5HAHhufbb4okMaB0x89u/myvg+Guaz28ryfZ
Ke4/JCEJeyerZTcbrEz0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:39 2024 by rpki-client on console-ams.rpki-client.org