Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade80f1a80a0181f0f17541667f/1/3231362e3234372e3131312e302f32342d3234203d3e203439393939.roa
File:                     3231362e3234372e3131312e302f32342d3234203d3e203439393939.roa (raw, json)
Hash identifier:          QCPoSfIKBI6/BEovozSKJfhqhsuowBkfdSLWJhryOFY=
Subject key identifier:   F4:D9:04:8C:96:F2:61:D0:DC:59:3A:74:F0:1C:29:1E:FB:1F:E6:61
Certificate issuer:       /CN=718626eab73596f472dfb020a9c0f3b71ad9dd4fef9947e91c
Certificate serial:       70557E2209845DC63BE7A89AA79DD0910CE2AD60
Authority key identifier: 1D:1D:EB:CD:9F:2E:82:12:22:15:3A:C9:EF:50:37:6A:31:59:CB:90
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/f0b1b436-193c-4209-a695-f168f9f2b3b0/718626eab73596f472dfb020a9c0f3b71ad9dd4fef9947e91c.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade80f1a80a0181f0f17541667f/1/3231362e3234372e3131312e302f32342d3234203d3e203439393939.roa
Signing time:             Tue 13 Dec 2022 16:01:25 +0000
ROA not before:           Tue 13 Dec 2022 15:56:25 +0000
ROA not after:            Tue 12 Dec 2023 16:01:25 +0000
asID:                     49999
IP address blocks:        216.247.111.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:55:7e:22:09:84:5d:c6:3b:e7:a8:9a:a7:9d:d0:91:0c:e2:ad:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=718626eab73596f472dfb020a9c0f3b71ad9dd4fef9947e91c
        Validity
            Not Before: Dec 13 15:56:25 2022 GMT
            Not After : Dec 12 16:01:25 2023 GMT
        Subject: CN=F4D9048C96F261D0DC593A74F01C291EFB1FE661
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:08:31:7f:9f:04:7e:4d:8e:20:6e:6d:ff:47:
                    00:7a:6b:36:64:57:33:a5:ee:38:1a:3d:5d:d2:d4:
                    ed:33:3b:d6:a6:38:14:2b:49:da:eb:34:f6:ff:a1:
                    67:b7:24:a7:60:8b:ec:49:b7:2f:91:25:18:92:df:
                    db:b5:b2:95:79:a8:da:04:43:aa:cb:ac:2c:a4:0f:
                    81:4c:d6:ae:5e:e5:37:d4:6a:06:dc:af:76:83:3a:
                    84:ce:50:ed:ee:a9:bc:ac:5f:a9:ee:eb:ce:69:1c:
                    f8:f5:b5:ad:5e:f6:bb:cb:92:a1:ee:bb:7f:23:52:
                    aa:f7:ad:91:aa:3d:93:64:ec:06:4f:64:d8:ad:1d:
                    9e:f5:6e:a1:8a:40:92:ed:5a:7f:dc:f7:af:83:8e:
                    37:0a:25:68:72:af:7d:a8:b1:3d:b5:05:2a:19:01:
                    bd:c3:b6:f8:60:90:58:0a:15:39:4f:0d:c9:c0:ce:
                    cd:ed:71:8e:d8:76:a9:fa:8c:30:72:c7:ad:87:c4:
                    f7:ce:d8:04:d5:93:9f:cd:07:24:d6:68:1f:f2:a1:
                    08:ba:81:c5:e5:a4:e3:64:5d:1c:4c:20:b4:df:e4:
                    8b:42:f4:59:74:8a:2e:80:38:cf:f5:d7:cd:63:45:
                    9e:2a:f3:52:78:e7:d2:2e:09:98:04:6f:22:dd:1f:
                    a9:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:D9:04:8C:96:F2:61:D0:DC:59:3A:74:F0:1C:29:1E:FB:1F:E6:61
            X509v3 Authority Key Identifier:
                keyid:1D:1D:EB:CD:9F:2E:82:12:22:15:3A:C9:EF:50:37:6A:31:59:CB:90

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade80f1a80a0181f0f17541667f/1/1D1DEBCD9F2E821222153AC9EF50376A3159CB90.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/f0b1b436-193c-4209-a695-f168f9f2b3b0/718626eab73596f472dfb020a9c0f3b71ad9dd4fef9947e91c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade80f1a80a0181f0f17541667f/1/3231362e3234372e3131312e302f32342d3234203d3e203439393939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.247.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:17:28:29:dd:01:aa:3d:70:26:54:4c:6e:1f:1a:7d:b1:19:
         5b:33:8e:60:34:14:56:c0:3d:1d:16:4b:64:8d:ad:85:f7:81:
         0d:8d:82:3f:08:3d:a2:19:f4:83:8c:ff:fc:18:c3:70:57:57:
         00:61:c8:cf:94:f5:22:86:72:28:a9:dc:de:49:f5:26:23:87:
         07:ac:81:d3:b5:7d:67:ee:2d:4c:12:03:ff:82:3f:73:24:c4:
         fa:0a:d8:26:9e:99:b1:96:5f:a6:4d:f5:d6:9d:1e:65:d1:90:
         1d:99:b9:d9:72:ad:13:43:40:e9:a4:fa:36:30:5b:72:b9:3f:
         30:85:08:84:c0:0d:a1:fc:ae:c1:c7:d4:91:f8:82:30:12:81:
         94:92:cc:b3:07:c4:35:c5:65:69:f3:52:7c:bd:a3:fa:b6:e2:
         8f:7e:07:39:07:ab:5d:e3:6a:85:43:ab:59:4c:d5:6b:06:79:
         4f:3b:ca:a8:32:1c:0a:65:06:cd:cc:1f:d4:b1:12:8e:a9:be:
         06:3d:de:21:e5:6b:75:ef:3d:4c:18:43:8f:97:c9:65:a3:07:
         66:91:db:8e:0a:19:aa:8b:d2:2a:55:ad:db:9f:03:cb:5e:8a:
         be:14:2d:f6:10:e3:5d:c0:e4:17:44:27:cd:41:85:08:ea:fd:
         43:d0:84:c9
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIUcFV+IgmEXcY756iap53QkQzirWAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNzE4NjI2ZWFiNzM1OTZmNDcyZGZiMDIwYTljMGYzYjcx
YWQ5ZGQ0ZmVmOTk0N2U5MWMwHhcNMjIxMjEzMTU1NjI1WhcNMjMxMjEyMTYwMTI1
WjAzMTEwLwYDVQQDEyhGNEQ5MDQ4Qzk2RjI2MUQwREM1OTNBNzRGMDFDMjkxRUZC
MUZFNjYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAgxf58Efk2O
IG5t/0cAems2ZFczpe44Gj1d0tTtMzvWpjgUK0na6zT2/6FntySnYIvsSbcvkSUY
kt/btbKVeajaBEOqy6wspA+BTNauXuU31GoG3K92gzqEzlDt7qm8rF+p7uvOaRz4
9bWtXva7y5Kh7rt/I1Kq962Rqj2TZOwGT2TYrR2e9W6hikCS7Vp/3Pevg443CiVo
cq99qLE9tQUqGQG9w7b4YJBYChU5Tw3JwM7N7XGO2Hap+owwcseth8T3ztgE1ZOf
zQck1mgf8qEIuoHF5aTjZF0cTCC03+SLQvRZdIougDjP9dfNY0WeKvNSeOfSLgmY
BG8i3R+p0QIDAQABo4ICtDCCArAwHQYDVR0OBBYEFPTZBIyW8mHQ3Fk6dPAcKR77
H+ZhMB8GA1UdIwQYMBaAFB0d682fLoISIhU6ye9QN2oxWcuQMA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODBmMWE4MGEwMTgxZjBmMTc1NDE2NjdmLzEv
MUQxREVCQ0Q5RjJFODIxMjIyMTUzQUM5RUY1MDM3NkEzMTU5Q0I5MC5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNzZmZTExZDQtZDM1Mi00OTk0LThmNmMtZDZjOTFi
MGI4NDE1L2YwYjFiNDM2LTE5M2MtNDIwOS1hNjk1LWYxNjhmOWYyYjNiMC83MTg2
MjZlYWI3MzU5NmY0NzJkZmIwMjBhOWMwZjNiNzFhZDlkZDRmZWY5OTQ3ZTkxYy5j
ZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgwZjFhODBhMDE4MWYw
ZjE3NTQxNjY3Zi8xLzMyMzEzNjJlMzIzNDM3MmUzMTMxMzEyZTMwMmYzMjM0MmQz
MjM0MjAzZDNlMjAzNDM5MzkzOTM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2PdvMA0GCSqGSIb3DQEB
CwUAA4IBAQC0Fygp3QGqPXAmVExuHxp9sRlbM45gNBRWwD0dFktkja2F94ENjYI/
CD2iGfSDjP/8GMNwV1cAYcjPlPUihnIoqdzeSfUmI4cHrIHTtX1n7i1MEgP/gj9z
JMT6Ctgmnpmxll+mTfXWnR5l0ZAdmbnZcq0TQ0DppPo2MFtyuT8whQiEwA2h/K7B
x9SR+IIwEoGUksyzB8Q1xWVp81J8vaP6tuKPfgc5B6td42qFQ6tZTNVrBnlPO8qo
MhwKZQbNzB/UsRKOqb4GPd4h5Wt17z1MGEOPl8llowdmkduOChmqi9IqVa3bnwPL
Xoq+FC32EONdwOQXRCfNQYUI6v1D0ITJ
-----END CERTIFICATE-----