Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf8143bf620182113eea490d33/1/36342e35302e3137312e302f32342d3234203d3e203631313338.roa
File:                     36342e35302e3137312e302f32342d3234203d3e203631313338.roa (raw, json)
Hash identifier:          l3G1CwFv7RyQa+mNP8mu5Srn+LQd8U0fsuKi+XJ+qro=
Subject key identifier:   CA:A6:20:B8:1B:22:90:44:24:99:2E:4A:D4:4F:EC:D9:DF:BA:F4:DA
Certificate issuer:       /CN=44da5d103277c937c53dce305bd9d79c2ba79425357bb56eed
Certificate serial:       560177D0624CCDE13C7957A8FE048A2DB2DB678A
Authority key identifier: 5B:40:D3:73:D6:71:7C:70:4C:48:3C:A0:65:8C:FB:52:57:C4:E9:3C
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2bd0fac6-1a46-40b5-be66-9e0f7b54df77/44da5d103277c937c53dce305bd9d79c2ba79425357bb56eed.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf8143bf620182113eea490d33/1/36342e35302e3137312e302f32342d3234203d3e203631313338.roa
Signing time:             Mon 28 Nov 2022 11:22:00 +0000
ROA not before:           Mon 28 Nov 2022 11:17:00 +0000
ROA not after:            Mon 27 Nov 2023 11:22:00 +0000
asID:                     61138
IP address blocks:        64.50.171.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:01:77:d0:62:4c:cd:e1:3c:79:57:a8:fe:04:8a:2d:b2:db:67:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44da5d103277c937c53dce305bd9d79c2ba79425357bb56eed
        Validity
            Not Before: Nov 28 11:17:00 2022 GMT
            Not After : Nov 27 11:22:00 2023 GMT
        Subject: CN=CAA620B81B22904424992E4AD44FECD9DFBAF4DA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:0f:29:c4:e2:68:69:6f:06:d0:32:25:22:2c:
                    9a:fc:1c:93:a6:32:d3:8c:a2:ba:03:9c:d9:7c:b1:
                    ea:38:23:17:2e:10:84:48:70:63:c8:b7:24:a0:53:
                    d2:ac:59:fe:f9:f0:2e:f9:c1:95:84:72:37:93:7a:
                    1c:f3:b0:a8:86:e5:f7:72:14:1f:7a:de:92:42:19:
                    86:c2:54:1c:2b:95:d2:1f:1b:4e:a5:a0:a3:84:7e:
                    2c:80:3c:21:8a:36:19:ab:7b:9f:da:dc:a4:cf:69:
                    d3:e0:d2:af:d0:f0:a6:1a:b0:c0:e1:f0:cd:91:43:
                    50:a4:e1:90:7f:29:c9:3c:af:b3:41:80:1a:07:73:
                    6a:1a:e5:84:ae:fc:fe:bb:ed:6d:23:83:30:d9:66:
                    8b:a5:e4:4e:c0:9f:e1:0d:bf:2a:e3:55:eb:90:59:
                    47:c0:50:17:97:07:6e:54:de:02:45:15:8e:88:06:
                    50:d0:d3:61:bc:c3:67:68:0c:54:bb:4d:10:be:90:
                    f5:fd:36:58:56:72:4c:ee:e7:e6:a9:5c:61:3f:ec:
                    df:27:67:b4:39:7f:26:e3:81:01:13:3a:03:ec:7b:
                    6a:24:21:7b:ed:a5:6e:b0:79:b0:34:d8:8e:08:42:
                    89:19:84:d9:b8:95:aa:eb:52:41:fe:45:87:a2:76:
                    a7:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:A6:20:B8:1B:22:90:44:24:99:2E:4A:D4:4F:EC:D9:DF:BA:F4:DA
            X509v3 Authority Key Identifier:
                keyid:5B:40:D3:73:D6:71:7C:70:4C:48:3C:A0:65:8C:FB:52:57:C4:E9:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf8143bf620182113eea490d33/1/5B40D373D6717C704C483CA0658CFB5257C4E93C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2bd0fac6-1a46-40b5-be66-9e0f7b54df77/44da5d103277c937c53dce305bd9d79c2ba79425357bb56eed.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf8143bf620182113eea490d33/1/36342e35302e3137312e302f32342d3234203d3e203631313338.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.50.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:57:29:cd:35:e0:99:18:95:28:7f:c7:a0:0f:b5:3c:52:8d:
         46:e9:02:6f:c3:48:3a:0f:20:ab:6e:02:f5:ad:05:45:93:99:
         f1:a8:db:a7:bb:07:96:89:24:ba:d3:ce:db:6f:95:44:f1:c6:
         de:a0:18:8c:9f:8c:66:4b:75:0f:90:57:c6:49:84:0b:b8:9d:
         dd:ba:5b:5b:55:0c:62:f3:50:0a:75:99:20:72:e7:3c:26:db:
         71:bf:ba:bd:82:e0:da:43:9f:c5:a6:a9:1c:e4:4b:25:43:38:
         8c:2f:af:e1:6f:d0:12:24:3a:5d:25:8b:24:45:71:a1:c5:72:
         d2:9a:ce:f2:bc:b7:7b:bf:d6:3c:62:d0:18:cb:93:87:dd:9e:
         f1:bb:bc:6c:dc:30:e2:0c:23:26:d7:7d:f9:c8:87:39:58:0f:
         7f:42:63:5d:88:3f:e2:cb:19:36:80:04:19:5a:12:68:dd:9c:
         e6:ca:35:04:be:47:33:e7:85:a2:98:ab:1f:c8:2b:b3:a7:19:
         3b:70:8a:f8:9b:34:52:b0:3a:f7:5f:d8:f0:62:d2:dd:d3:a2:
         da:c9:e4:ef:63:2c:0e:74:87:77:b8:ba:73:f1:01:47:f4:43:
         d9:59:66:da:8f:b2:38:59:3a:c3:07:28:d4:c1:83:a3:7d:18:
         ef:9a:24:91
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgIUVgF30GJMzeE8eVeo/gSKLbLbZ4owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNDRkYTVkMTAzMjc3YzkzN2M1M2RjZTMwNWJkOWQ3OWMy
YmE3OTQyNTM1N2JiNTZlZWQwHhcNMjIxMTI4MTExNzAwWhcNMjMxMTI3MTEyMjAw
WjAzMTEwLwYDVQQDEyhDQUE2MjBCODFCMjI5MDQ0MjQ5OTJFNEFENDRGRUNEOURG
QkFGNERBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8A8pxOJoaW8G
0DIlIiya/ByTpjLTjKK6A5zZfLHqOCMXLhCESHBjyLckoFPSrFn++fAu+cGVhHI3
k3oc87CohuX3chQfet6SQhmGwlQcK5XSHxtOpaCjhH4sgDwhijYZq3uf2tykz2nT
4NKv0PCmGrDA4fDNkUNQpOGQfynJPK+zQYAaB3NqGuWErvz+u+1tI4Mw2WaLpeRO
wJ/hDb8q41XrkFlHwFAXlwduVN4CRRWOiAZQ0NNhvMNnaAxUu00QvpD1/TZYVnJM
7ufmqVxhP+zfJ2e0OX8m44EBEzoD7HtqJCF77aVusHmwNNiOCEKJGYTZuJWq61JB
/kWHonanYwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFMqmILgbIpBEJJkuStRP7Nnf
uvTaMB8GA1UdIwQYMBaAFFtA03PWcXxwTEg8oGWM+1JXxOk8MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRmODE0M2JmNjIwMTgyMTEzZWVhNDkwZDMzLzEv
NUI0MEQzNzNENjcxN0M3MDRDNDgzQ0EwNjU4Q0ZCNTI1N0M0RTkzQy5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvZjYwYzlmMzItYTg3Yy00MzM5LWEyZjMtNjI5OWEz
YjAyZTI5LzJiZDBmYWM2LTFhNDYtNDBiNS1iZTY2LTllMGY3YjU0ZGY3Ny80NGRh
NWQxMDMyNzdjOTM3YzUzZGNlMzA1YmQ5ZDc5YzJiYTc5NDI1MzU3YmI1NmVlZC5j
ZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjgxNDNiZjYyMDE4MjEx
M2VlYTQ5MGQzMy8xLzM2MzQyZTM1MzAyZTMxMzczMTJlMzAyZjMyMzQyZDMyMzQy
MDNkM2UyMDM2MzEzMTMzMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABAMqswDQYJKoZIhvcNAQELBQAD
ggEBAIVXKc014JkYlSh/x6APtTxSjUbpAm/DSDoPIKtuAvWtBUWTmfGo26e7B5aJ
JLrTzttvlUTxxt6gGIyfjGZLdQ+QV8ZJhAu4nd26W1tVDGLzUAp1mSBy5zwm23G/
ur2C4NpDn8WmqRzkSyVDOIwvr+Fv0BIkOl0liyRFcaHFctKazvK8t3u/1jxi0BjL
k4fdnvG7vGzcMOIMIybXffnIhzlYD39CY12IP+LLGTaABBlaEmjdnObKNQS+RzPn
haKYqx/IK7OnGTtwivibNFKwOvdf2PBi0t3TotrJ5O9jLA50h3e4unPxAUf0Q9lZ
ZtqPsjhZOsMHKNTBg6N9GO+aJJE=
-----END CERTIFICATE-----