Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS204535.roa
File:                     AS204535.roa (raw, json)
Hash identifier:          VlMF+aFkEPRqx26aSiHjMVCqpPLwQTQmnon9YTKfhRw=
Subject key identifier:   44:D8:A2:A6:65:14:C6:8C:73:EB:9F:DB:F6:89:16:03:C4:7F:94:0F
Certificate issuer:       /CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9
Certificate serial:       0F1CEE986728B606705DB49AA61AE0AAE36B47AA
Authority key identifier: AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS204535.roa
Signing time:             Tue 04 Apr 2023 10:14:14 +0000
ROA not before:           Tue 04 Apr 2023 10:09:14 +0000
ROA not after:            Tue 02 Apr 2024 10:14:14 +0000
asID:                     204535
IP address blocks:        206.53.53.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:1c:ee:98:67:28:b6:06:70:5d:b4:9a:a6:1a:e0:aa:e3:6b:47:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9
        Validity
            Not Before: Apr  4 10:09:14 2023 GMT
            Not After : Apr  2 10:14:14 2024 GMT
        Subject: CN=44D8A2A66514C68C73EB9FDBF6891603C47F940F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:73:fe:71:d7:f7:2a:2e:ea:c8:ea:b8:5c:8f:
                    51:c7:5f:aa:1a:33:0f:a4:24:24:1a:c1:17:cd:af:
                    77:17:6b:1c:2c:47:69:69:8f:a6:b7:9d:bc:4a:5a:
                    8c:1d:2c:03:54:c1:84:6a:52:de:da:06:22:0d:28:
                    fd:e4:9f:69:ad:bc:70:60:18:cf:c9:20:a9:4c:91:
                    74:65:31:b0:4d:a8:9f:86:d3:b8:54:57:86:98:f8:
                    e9:ea:09:6e:ce:82:8f:7e:9e:c1:11:89:b6:c7:e4:
                    dc:f9:42:31:e8:d1:aa:65:66:26:b4:1f:3c:3a:d3:
                    fb:bd:8e:dc:45:b7:1f:80:a9:b2:89:a8:9c:fa:0b:
                    a1:bb:56:44:57:98:e3:51:16:42:03:e0:f5:9f:c9:
                    7c:59:c8:3d:05:e5:2c:e7:a8:c4:d8:b8:cb:35:8b:
                    b7:ff:c6:7c:e2:c6:fc:0c:cd:6c:42:d0:8f:94:84:
                    22:78:e6:d4:73:a9:52:78:ee:0e:33:92:e2:c8:61:
                    e8:b9:d9:2e:6e:24:30:8b:b3:9d:e9:d5:c5:74:19:
                    63:f7:de:71:8e:0b:5f:41:04:aa:e9:3f:5e:47:7f:
                    3c:f2:6e:e3:79:f0:cb:da:ac:71:7c:b8:f3:f6:2e:
                    5d:48:7e:e3:08:54:56:58:e0:6e:74:f0:1d:11:b7:
                    11:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:D8:A2:A6:65:14:C6:8C:73:EB:9F:DB:F6:89:16:03:C4:7F:94:0F
            X509v3 Authority Key Identifier:
                keyid:AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS204535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  206.53.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bf:e3:12:d1:13:0b:03:db:aa:f8:6f:20:62:7f:41:0e:45:6d:
         2e:b4:7f:4d:b2:67:2c:d5:b7:20:07:6c:69:d6:10:15:aa:6d:
         98:2b:b2:6c:b4:42:da:75:31:9e:ca:5b:8f:e4:10:89:3c:0a:
         21:7c:9d:01:6c:11:5d:e3:c2:b0:d8:f0:b1:f7:30:66:33:36:
         ad:c3:32:98:1c:54:f2:ad:6b:78:66:8e:5d:8d:9c:bd:54:7d:
         2b:ae:f2:e2:8b:e1:8a:15:73:8b:44:30:23:6d:54:f6:2b:aa:
         b9:56:11:36:ad:87:ae:6f:96:1a:67:c8:8d:83:49:57:f6:a4:
         56:c7:ed:76:b8:f2:b4:d1:d7:89:c6:0f:2e:9f:58:ec:6c:8f:
         4d:4e:b0:bb:1a:93:31:b0:5a:21:dd:42:91:97:3f:18:3e:30:
         ca:1c:87:66:53:57:ba:25:c5:42:d2:b1:42:26:7e:b1:81:44:
         0a:d6:7e:50:75:1f:96:3b:8a:3c:02:25:36:d5:24:88:7d:67:
         69:78:aa:24:80:6b:1a:c4:be:dd:9b:d3:1d:00:a0:23:8b:78:
         ef:c3:8e:cc:b0:52:5e:f4:a2:08:0b:50:84:d1:70:bc:96:74:
         40:c7:10:74:83:88:6d:91:71:4f:fa:b8:fc:5c:cc:7b:e1:aa:
         0e:41:de:81
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIUDxzumGcotgZwXbSaphrgquNrR6owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNzJjYzFmZDI4ZDRhMDRjODQ3M2MzYWMwYjE5OTQwMjcw
Y2JiZjEyM2YzYzBiMWY3ZjkwHhcNMjMwNDA0MTAwOTE0WhcNMjQwNDAyMTAxNDE0
WjAzMTEwLwYDVQQDEyg0NEQ4QTJBNjY1MTRDNjhDNzNFQjlGREJGNjg5MTYwM0M0
N0Y5NDBGMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HP+cdf3Ki7q
yOq4XI9Rx1+qGjMPpCQkGsEXza93F2scLEdpaY+mt528SlqMHSwDVMGEalLe2gYi
DSj95J9prbxwYBjPySCpTJF0ZTGwTaifhtO4VFeGmPjp6gluzoKPfp7BEYm2x+Tc
+UIx6NGqZWYmtB88OtP7vY7cRbcfgKmyiaic+guhu1ZEV5jjURZCA+D1n8l8Wcg9
BeUs56jE2LjLNYu3/8Z84sb8DM1sQtCPlIQieObUc6lSeO4OM5LiyGHoudkubiQw
i7Od6dXFdBlj995xjgtfQQSq6T9eR3888m7jefDL2qxxfLjz9i5dSH7jCFRWWOBu
dPAdEbcRlwIDAQABo4ICfzCCAnswHQYDVR0OBBYEFETYoqZlFMaMc+uf2/aJFgPE
f5QPMB8GA1UdIwQYMBaAFKtcr6lXBjNzOJPZHuSwWh8OzNBrMA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODU4N2ZhMjAwMTg1YzVjYjliY2IyYmFjLzAv
QUI1Q0FGQTk1NzA2MzM3MzM4OTNEOTFFRTRCMDVBMUYwRUNDRDA2Qi5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNzZmZTExZDQtZDM1Mi00OTk0LThmNmMtZDZjOTFi
MGI4NDE1LzNmNWUyZTViLWM3MzEtNGRiOC05Yjg3LWFmOWY4ZTU4YTFjNi83MmNj
MWZkMjhkNGEwNGM4NDczYzNhYzBiMTk5NDAyNzBjYmJmMTIzZjNjMGIxZjdmOS5j
ZXIwcAYIKwYBBQUHAQsEZDBiMGAGCCsGAQUFBzALhlRyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NTg3ZmEyMDAxODVjNWNiOWJj
YjJiYWMvMC9BUzIwNDUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAM41NTANBgkqhkiG9w0BAQsFAAOC
AQEAv+MS0RMLA9uq+G8gYn9BDkVtLrR/TbJnLNW3IAdsadYQFaptmCuybLRC2nUx
nspbj+QQiTwKIXydAWwRXePCsNjwsfcwZjM2rcMymBxU8q1reGaOXY2cvVR9K67y
4ovhihVzi0QwI21U9iuquVYRNq2Hrm+WGmfIjYNJV/akVsftdrjytNHXicYPLp9Y
7GyPTU6wuxqTMbBaId1CkZc/GD4wyhyHZlNXuiXFQtKxQiZ+sYFECtZ+UHUfljuK
PAIlNtUkiH1naXiqJIBrGsS+3ZvTHQCgI4t478OOzLBSXvSiCAtQhNFwvJZ0QMcQ
dIOIbZFxT/q4/FzMe+GqDkHegQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:04 2024 by rpki-client on console-fra.rpki-client.org