Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/3eb07783-c6a5-352a-b7ea-8d4c7a6a08e3.roa
File:                     3eb07783-c6a5-352a-b7ea-8d4c7a6a08e3.roa (raw, json)
Hash identifier:          oRG4cf0rhUZ1RI7rIkambK/MHZWqAOWleEKAQSz51mQ=
Subject key identifier:   81:5B:FF:38:31:C5:FC:6D:A7:FA:01:0C:E3:73:BF:FF:D3:B7:40:88
Certificate issuer:       /CN=b2f0a061-78dd-4d61-988a-266b192d9caa
Certificate serial:       010D0C9F4328583BFDA6A3E97D592606371C7480
Authority key identifier: 65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/3eb07783-c6a5-352a-b7ea-8d4c7a6a08e3.roa
Signing time:             Sat 20 Nov 2021 05:00:00 +0000
ROA not before:           Sat 20 Nov 2021 05:00:00 +0000
ROA not after:            Fri 20 May 2022 04:00:00 +0000
asID:                     394996
IP address blocks:        74.82.53.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3b:fd:a6:a3:e9:7d:59:26:06:37:1c:74:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2f0a061-78dd-4d61-988a-266b192d9caa
        Validity
            Not Before: Nov 20 05:00:00 2021 GMT
            Not After : May 20 04:00:00 2022 GMT
        Subject: CN=11997f73-e9bb-444a-8d11-e1248e35ebd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:7b:da:23:31:ba:3a:84:3e:9f:9c:58:5c:be:
                    20:79:5a:31:ae:21:a7:02:52:f0:10:68:b6:4f:5c:
                    0f:66:17:3b:97:94:99:6d:76:bd:a2:dc:60:8a:d0:
                    61:23:40:b8:fc:b4:cd:80:b7:f2:a7:0d:97:e2:2e:
                    4e:c1:24:73:08:42:e8:49:ed:7b:7c:9b:17:ac:3e:
                    e8:09:ee:c2:cb:5f:57:be:07:8b:75:ed:c6:50:8d:
                    31:e4:cb:8f:22:f9:e4:96:c5:bf:cf:b7:c8:e7:6b:
                    f0:be:40:5a:b6:44:6b:c9:4d:7b:b4:95:df:44:5b:
                    2a:fa:59:47:04:e6:80:54:96:75:c9:01:c6:90:bd:
                    dc:82:c0:9b:1e:6b:5e:bd:8d:54:a5:f7:80:36:fd:
                    39:b4:d1:d3:96:88:9f:8d:69:a5:c0:96:8e:75:ec:
                    be:4b:4f:51:6c:d0:c0:be:30:f4:c8:06:cb:b9:66:
                    32:ed:6c:8d:97:2f:a9:9d:6d:ab:27:0c:1c:db:ca:
                    e2:31:60:52:91:aa:90:62:3d:a6:24:20:54:88:c9:
                    10:c1:53:9d:e1:4c:43:a1:f3:92:e7:fb:62:8f:3c:
                    1f:97:4d:c6:8f:fe:74:1f:99:95:55:c3:97:7d:a8:
                    3a:b2:d7:54:5c:65:a4:b5:98:54:7b:e4:14:a9:ac:
                    fa:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:5B:FF:38:31:C5:FC:6D:A7:FA:01:0C:E3:73:BF:FF:D3:B7:40:88
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/3eb07783-c6a5-352a-b7ea-8d4c7a6a08e3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/b2f0a061-78dd-4d61-988a-266b192d9caa.crl

            X509v3 Authority Key Identifier:
                keyid:65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  74.82.53.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         b2:dd:1b:39:ae:67:a6:db:bc:68:9b:cd:fc:14:bc:10:b4:19:
         14:ee:38:a8:6b:a0:73:b9:03:02:90:c6:a8:3e:0d:eb:0b:37:
         0d:6f:62:6a:dd:da:26:e4:34:8e:0d:79:e0:0b:cb:3d:eb:0f:
         99:82:7f:08:46:42:95:86:2a:05:2e:e6:39:89:d4:2d:42:6e:
         74:25:ed:c5:64:e0:a7:97:97:6c:8d:5a:3e:de:04:ce:48:26:
         59:4c:03:7e:28:78:74:db:72:fa:40:57:f0:4c:2a:a5:86:52:
         a8:42:d4:64:18:f6:74:65:7c:ac:03:09:c2:52:74:8b:4f:6e:
         2a:88:63:f9:fc:e3:10:6f:f5:97:fd:38:79:ad:07:31:84:1d:
         a4:9c:d6:ab:ef:77:21:e4:5b:6e:b5:f6:c6:6d:47:a3:98:0b:
         2c:4b:40:2b:24:2a:d3:dc:29:4b:a5:84:84:e4:46:cd:42:6d:
         34:a2:23:44:45:a2:6b:5c:14:7d:d9:33:86:15:46:3a:79:17:
         49:29:17:d1:40:ca:82:b5:21:13:66:a8:cf:93:27:17:cf:2e:
         94:df:b5:27:f4:01:f4:0e:5a:8f:a3:93:5a:8f:b7:0c:2a:7f:
         ca:e8:a0:58:67:06:d3:02:ed:fd:56:2f:3f:6e:df:17:dc:f6:
         57:d2:85:b7
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWDv9pqPpfVkmBjccdIAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYjJmMGEwNjEtNzhkZC00ZDYxLTk4OGEtMjY2YjE5MmQ5
Y2FhMB4XDTIxMTEyMDA1MDAwMFoXDTIyMDUyMDA0MDAwMFowLzEtMCsGA1UEAxMk
MTE5OTdmNzMtZTliYi00NDRhLThkMTEtZTEyNDhlMzVlYmQ4MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynvaIzG6OoQ+n5xYXL4geVoxriGnAlLwEGi2
T1wPZhc7l5SZbXa9otxgitBhI0C4/LTNgLfypw2X4i5OwSRzCELoSe17fJsXrD7o
Ce7Cy19XvgeLde3GUI0x5MuPIvnklsW/z7fI52vwvkBatkRryU17tJXfRFsq+llH
BOaAVJZ1yQHGkL3cgsCbHmtevY1UpfeANv05tNHTloifjWmlwJaOdey+S09RbNDA
vjD0yAbLuWYy7WyNly+pnW2rJwwc28riMWBSkaqQYj2mJCBUiMkQwVOd4UxDofOS
5/tijzwfl03Gj/50H5mVVcOXfag6stdUXGWktZhUe+QUqaz66QIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFIFb/zgxxfxtp/oBDONzv//Tt0CIMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYw
YTA2MS03OGRkLTRkNjEtOTg4YS0yNjZiMTkyZDljYWEvM2ViMDc3ODMtYzZhNS0z
NTJhLWI3ZWEtOGQ0YzdhNmEwOGUzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvYjJmMGEwNjEtNzhkZC00ZDYxLTk4
OGEtMjY2YjE5MmQ5Y2FhL2IyZjBhMDYxLTc4ZGQtNGQ2MS05ODhhLTI2NmIxOTJk
OWNhYS5jcmwwHwYDVR0jBBgwFoAUZadChq6v4snj6bkGK8ZGBZyYb88wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYwYTA2MS03OGRkLTRkNjEtOTg4YS0yNjZi
MTkyZDljYWEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQASlI1MFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBALLdGzmuZ6bbvGibzfwUvBC0GRTuOKhroHO5AwKQxqg+DesLNw1vYmrd
2ibkNI4NeeALyz3rD5mCfwhGQpWGKgUu5jmJ1C1CbnQl7cVk4KeXl2yNWj7eBM5I
JllMA34oeHTbcvpAV/BMKqWGUqhC1GQY9nRlfKwDCcJSdItPbiqIY/n84xBv9Zf9
OHmtBzGEHaSc1qvvdyHkW2619sZtR6OYCyxLQCskKtPcKUulhITkRs1CbTSiI0RF
omtcFH3ZM4YVRjp5F0kpF9FAyoK1IRNmqM+TJxfPLpTftSf0AfQOWo+jk1qPtwwq
f8rooFhnBtMC7f1WLz9u3xfc9lfShbc=
-----END CERTIFICATE-----