Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a62393a3a2f34382d3438203d3e203137343531.roa
File:                     323430343a383030303a62393a3a2f34382d3438203d3e203137343531.roa (raw, json)
Hash identifier:          7mmxALuOuczk310VUKJcf6k0//jjrS2ffNT9DCj+VhQ=
Subject key identifier:   C1:E6:D3:38:44:36:24:14:B9:4F:68:E6:9D:49:6E:44:2C:70:5E:39
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       4E57374087DA7F2DBF572951BBF7B8A46DAA97B8
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a62393a3a2f34382d3438203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:23 +0000
ROA not before:           Wed 29 Sep 2021 23:56:23 +0000
ROA not after:            Fri 30 Sep 2022 00:01:23 +0000
asID:                     17451
IP address blocks:        2404:8000:b9::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:57:37:40:87:da:7f:2d:bf:57:29:51:bb:f7:b8:a4:6d:aa:97:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:23 2021 GMT
            Not After : Sep 30 00:01:23 2022 GMT
        Subject: CN=3082010A0282010100BC042456F82414624E3337D55A31BCEF98FB994A093AE55E43CE86085B993D39805D247D1EAD6132DE6CB00F26F8C6B72E2A50F10B35291FF0CE6C9091BC1685868B717AFFA7622E122CE58E91DDE9178AA1AF20A8D02CCCEF8D8CBF2BB2ED6C45E640CFEB77EB3F2D9F8C6761806A2D4B3F5509E0FF8B019A079A3D1F8BF4793F7751B3D869A1A9D3DA3FD8FD7136921D79D4D5BFEA05D2D665F0AAF2CF7580D564A417E4CBBF6443FFB91C354B6C17419610B04425333AB7DF4B0ABC12EE9905D840823C419F2AE4AF0335A5F0F8371A83F3D9EABFB6736695DD53FCEAF75C3A27380C62B94A3200E86F3C9B8614A55FA0772F4551AB335C91EE09BCE3FFA70203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:04:24:56:f8:24:14:62:4e:33:37:d5:5a:31:
                    bc:ef:98:fb:99:4a:09:3a:e5:5e:43:ce:86:08:5b:
                    99:3d:39:80:5d:24:7d:1e:ad:61:32:de:6c:b0:0f:
                    26:f8:c6:b7:2e:2a:50:f1:0b:35:29:1f:f0:ce:6c:
                    90:91:bc:16:85:86:8b:71:7a:ff:a7:62:2e:12:2c:
                    e5:8e:91:dd:e9:17:8a:a1:af:20:a8:d0:2c:cc:ef:
                    8d:8c:bf:2b:b2:ed:6c:45:e6:40:cf:eb:77:eb:3f:
                    2d:9f:8c:67:61:80:6a:2d:4b:3f:55:09:e0:ff:8b:
                    01:9a:07:9a:3d:1f:8b:f4:79:3f:77:51:b3:d8:69:
                    a1:a9:d3:da:3f:d8:fd:71:36:92:1d:79:d4:d5:bf:
                    ea:05:d2:d6:65:f0:aa:f2:cf:75:80:d5:64:a4:17:
                    e4:cb:bf:64:43:ff:b9:1c:35:4b:6c:17:41:96:10:
                    b0:44:25:33:3a:b7:df:4b:0a:bc:12:ee:99:05:d8:
                    40:82:3c:41:9f:2a:e4:af:03:35:a5:f0:f8:37:1a:
                    83:f3:d9:ea:bf:b6:73:66:95:dd:53:fc:ea:f7:5c:
                    3a:27:38:0c:62:b9:4a:32:00:e8:6f:3c:9b:86:14:
                    a5:5f:a0:77:2f:45:51:ab:33:5c:91:ee:09:bc:e3:
                    ff:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:E6:D3:38:44:36:24:14:B9:4F:68:E6:9D:49:6E:44:2C:70:5E:39
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/323430343a383030303a62393a3a2f34382d3438203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8000:b9::/48

    Signature Algorithm: sha256WithRSAEncryption
         31:48:50:08:ea:d9:1c:7a:68:1d:61:da:ba:eb:cc:c1:a9:ef:
         2d:8d:78:37:aa:6e:16:bc:38:7c:d7:44:de:1c:8c:b5:29:94:
         4d:ea:1c:ab:f6:dc:1f:36:45:f8:33:95:fd:21:bd:c4:04:e5:
         4c:40:b5:36:8e:a0:79:04:c7:06:20:47:01:ff:2c:7a:80:3b:
         f4:d0:7e:c8:e9:1d:3a:79:cf:43:27:03:a5:9d:b4:4a:73:c0:
         c2:93:2b:22:f5:50:b1:4e:8b:81:eb:45:86:c0:db:5d:9b:2b:
         47:1c:66:04:b8:54:83:4f:b8:bf:2e:10:ad:ae:40:52:3e:ab:
         78:ad:64:b9:8b:68:36:47:b7:05:a7:8a:87:38:53:2f:70:7e:
         db:f7:71:75:1f:f4:eb:59:0a:f9:d7:0d:a6:45:cf:4d:7a:de:
         7b:c2:d7:57:db:21:4b:98:ff:b5:47:84:b6:8a:a9:d1:ae:f1:
         e4:91:22:c9:15:dc:5b:1f:aa:8e:f7:51:b5:4b:35:fa:c5:c0:
         28:7e:1d:81:cf:64:5b:0a:d7:19:6b:27:20:f8:93:17:0b:c8:
         5b:d6:69:f0:b6:d2:d3:2a:6b:95:2e:d3:94:09:37:62:3b:f3:
         4b:05:ef:c1:ca:b7:d6:b7:2c:1c:e6:f5:b6:d6:8b:d5:a6:5d:
         5c:fd:b5:31
-----BEGIN CERTIFICATE-----
MIIHKzCCBhOgAwIBAgIUTlc3QIfafy2/VylRu/e4pG2ql7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MjNaFw0yMjA5MzAwMDAxMjNaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQkMwNDI0NTZGODI0MTQ2MjRF
MzMzN0Q1NUEzMUJDRUY5OEZCOTk0QTA5M0FFNTVFNDNDRTg2MDg1Qjk5M0QzOTgw
NUQyNDdEMUVBRDYxMzJERTZDQjAwRjI2RjhDNkI3MkUyQTUwRjEwQjM1MjkxRkYw
Q0U2QzkwOTFCQzE2ODU4NjhCNzE3QUZGQTc2MjJFMTIyQ0U1OEU5MURERTkxNzhB
QTFBRjIwQThEMDJDQ0NFRjhEOENCRjJCQjJFRDZDNDVFNjQwQ0ZFQjc3RUIzRjJE
OUY4QzY3NjE4MDZBMkQ0QjNGNTUwOUUwRkY4QjAxOUEwNzlBM0QxRjhCRjQ3OTNG
Nzc1MUIzRDg2OUExQTlEM0RBM0ZEOEZENzEzNjkyMUQ3OUQ0RDVCRkVBMDVEMkQ2
NjVGMEFBRjJDRjc1ODBENTY0QTQxN0U0Q0JCRjY0NDNGRkI5MUMzNTRCNkMxNzQx
OTYxMEIwNDQyNTMzM0FCN0RGNEIwQUJDMTJFRTk5MDVEODQwODIzQzQxOUYyQUU0
QUYwMzM1QTVGMEY4MzcxQTgzRjNEOUVBQkZCNjczNjY5NURENTNGQ0VBRjc1QzNB
MjczODBDNjJCOTRBMzIwMEU4NkYzQzlCODYxNEE1NUZBMDc3MkY0NTUxQUIzMzVD
OTFFRTA5QkNFM0ZGQTcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAvAQkVvgkFGJOMzfVWjG875j7mUoJOuVeQ86GCFuZPTmAXSR9Hq1h
Mt5ssA8m+Ma3LipQ8Qs1KR/wzmyQkbwWhYaLcXr/p2IuEizljpHd6ReKoa8gqNAs
zO+NjL8rsu1sReZAz+t36z8tn4xnYYBqLUs/VQng/4sBmgeaPR+L9Hk/d1Gz2Gmh
qdPaP9j9cTaSHXnU1b/qBdLWZfCq8s91gNVkpBfky79kQ/+5HDVLbBdBlhCwRCUz
OrffSwq8Eu6ZBdhAgjxBnyrkrwM1pfD4NxqD89nqv7ZzZpXdU/zq91w6JzgMYrlK
MgDobzybhhSlX6B3L0VRqzNcke4JvOP/pwIDAQABo4ICOTCCAjUwHQYDVR0OBBYE
FMHm0zhENiQUuU9o5p1JbkQscF45MB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGmBggrBgEFBQcB
CwSBmTCBljCBkwYIKwYBBQUHMAuGgYZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MjM0MzAzNDNhMzgzMDMwMzAzYTYyMzkzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAz
MTM3MzQzNTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAJASAAAC5MA0GCSqGSIb3DQEBCwUAA4IBAQAx
SFAI6tkcemgdYdq668zBqe8tjXg3qm4WvDh810TeHIy1KZRN6hyr9twfNkX4M5X9
Ib3EBOVMQLU2jqB5BMcGIEcB/yx6gDv00H7I6R06ec9DJwOlnbRKc8DCkysi9VCx
TouB60WGwNtdmytHHGYEuFSDT7i/LhCtrkBSPqt4rWS5i2g2R7cFp4qHOFMvcH7b
93F1H/TrWQr51w2mRc9Net57wtdX2yFLmP+1R4S2iqnRrvHkkSLJFdxbH6qO91G1
SzX6xcAofh2Bz2RbCtcZaycg+JMXC8hb1mnwttLTKmuVLtOUCTdiO/NLBe/ByrfW
tywc5vW21ovVpl1c/bUx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:39 2024 by rpki-client on console-ams.rpki-client.org