Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e01856490f4453b7b/0/3135372e3235342e3135342e302f32342d3234203d3e20383334.roa
File:                     3135372e3235342e3135342e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          ZcmZzNi4L/EsvRyzWuqnyrLtZwVv6vQQhNaes893G5c=
Subject key identifier:   88:B9:6B:49:C5:2E:F8:88:42:43:11:FB:9B:51:F5:EE:AC:19:81:9C
Certificate issuer:       /CN=ede78162c790f7ae09c1f534cc7a2cf48471a263d94ccf7fb2
Certificate serial:       011089978B277BA0AF31B65F56553F3CDCFF618A
Authority key identifier: D3:F9:CD:28:8A:96:34:B5:39:63:8F:E7:DF:A6:C8:54:27:C3:03:F9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/43b7fbf4-4def-4904-87fd-e598bf9cf2e3/ede78162c790f7ae09c1f534cc7a2cf48471a263d94ccf7fb2.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e01856490f4453b7b/0/3135372e3235342e3135342e302f32342d3234203d3e20383334.roa
Signing time:             Fri 31 Mar 2023 00:00:09 +0000
ROA not before:           Thu 30 Mar 2023 23:55:09 +0000
ROA not after:            Fri 29 Mar 2024 00:00:09 +0000
asID:                     834
IP address blocks:        157.254.154.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:10:89:97:8b:27:7b:a0:af:31:b6:5f:56:55:3f:3c:dc:ff:61:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ede78162c790f7ae09c1f534cc7a2cf48471a263d94ccf7fb2
        Validity
            Not Before: Mar 30 23:55:09 2023 GMT
            Not After : Mar 29 00:00:09 2024 GMT
        Subject: CN=88B96B49C52EF888424311FB9B51F5EEAC19819C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:7f:dd:bf:ed:ba:85:a9:b1:a6:c3:72:be:c7:
                    08:35:8a:52:63:ac:d1:74:aa:4c:e8:af:2e:5f:48:
                    fa:25:dd:d0:cd:5b:1e:99:93:b7:56:a7:6e:3e:a5:
                    07:96:1a:a0:6a:9d:0f:ed:21:a5:71:35:b0:ff:ce:
                    a7:16:ee:ad:94:ea:28:cf:5a:85:9c:af:da:ed:31:
                    f6:b8:56:a5:78:5b:32:4c:d7:71:76:bc:5e:6e:9e:
                    f7:ed:70:1a:8a:38:77:0a:04:64:98:56:e8:cf:6c:
                    7b:86:98:1d:12:ac:63:b7:d0:78:2b:cc:4b:da:ca:
                    9d:9c:69:72:a7:a2:26:a4:aa:4d:8c:2d:1c:74:7c:
                    73:84:4c:5d:b3:cb:cc:9e:cb:ae:16:38:c1:36:ba:
                    28:dd:49:6f:cb:cf:a4:e6:69:d0:94:f2:d3:ec:7f:
                    2a:63:db:cc:2e:56:fe:a1:e0:b6:5f:08:48:0d:ae:
                    0f:ce:9d:7f:58:5f:31:1a:4d:7f:62:c9:5e:f7:17:
                    99:fe:47:78:4c:06:fc:ca:f8:5e:2b:fe:aa:45:97:
                    78:11:89:4a:91:3b:6c:2f:28:7b:f6:38:d3:ea:1c:
                    80:f8:d1:91:44:60:42:87:be:f9:19:16:67:f2:d1:
                    cc:86:10:37:1d:1d:cf:42:01:40:09:64:5c:cf:f9:
                    23:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:B9:6B:49:C5:2E:F8:88:42:43:11:FB:9B:51:F5:EE:AC:19:81:9C
            X509v3 Authority Key Identifier:
                keyid:D3:F9:CD:28:8A:96:34:B5:39:63:8F:E7:DF:A6:C8:54:27:C3:03:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e01856490f4453b7b/0/D3F9CD288A9634B539638FE7DFA6C85427C303F9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/43b7fbf4-4def-4904-87fd-e598bf9cf2e3/ede78162c790f7ae09c1f534cc7a2cf48471a263d94ccf7fb2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e01856490f4453b7b/0/3135372e3235342e3135342e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.254.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:d9:d6:e6:6d:b9:d7:db:11:b0:91:27:b7:17:42:d3:98:d9:
         07:49:da:1f:f8:5e:81:28:30:5b:ab:85:11:d0:0f:d3:65:b4:
         63:49:a7:b1:ad:a3:3f:fb:55:d7:2c:16:ff:f9:e9:1a:cb:12:
         f6:ed:63:dc:86:46:bb:17:31:d5:dc:63:3d:89:c7:ad:d1:84:
         c0:50:fd:a6:16:1d:1d:dc:f6:2a:5c:9b:2e:4f:8c:23:38:c6:
         1f:c6:4d:3f:06:cd:ef:e6:91:6f:2f:55:04:69:4e:e3:ea:91:
         1d:37:3b:a6:e3:2b:81:8e:37:70:67:86:b5:1a:9b:57:51:7f:
         aa:6c:cb:e3:18:38:51:81:fd:67:8d:05:54:fa:f8:da:1c:b0:
         ea:45:71:c6:82:e8:84:32:25:27:8a:be:86:18:86:87:cc:2f:
         e9:bb:a1:44:26:2a:82:c4:de:c2:b6:7a:ad:a1:a6:5b:81:5d:
         80:ae:0a:99:46:1d:d4:dd:15:9c:50:3d:80:10:67:de:9a:ba:
         ce:3b:a8:38:28:c2:88:d0:3e:9b:66:f4:12:ce:e1:fb:e3:e9:
         51:00:35:8c:ff:86:f9:ae:4f:40:01:ac:52:78:24:bb:91:0b:
         af:22:e4:1f:cd:e7:ba:e4:9b:10:ab:8e:f5:bd:5d:5f:9c:2d:
         b5:33:6d:3e
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgIUARCJl4sne6CvMbZfVlU/PNz/YYowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZWRlNzgxNjJjNzkwZjdhZTA5YzFmNTM0Y2M3YTJjZjQ4
NDcxYTI2M2Q5NGNjZjdmYjIwHhcNMjMwMzMwMjM1NTA5WhcNMjQwMzI5MDAwMDA5
WjAzMTEwLwYDVQQDEyg4OEI5NkI0OUM1MkVGODg4NDI0MzExRkI5QjUxRjVFRUFD
MTk4MTlDMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun/dv+26hamx
psNyvscINYpSY6zRdKpM6K8uX0j6Jd3QzVsemZO3VqduPqUHlhqgap0P7SGlcTWw
/86nFu6tlOooz1qFnK/a7TH2uFaleFsyTNdxdrxebp737XAaijh3CgRkmFboz2x7
hpgdEqxjt9B4K8xL2sqdnGlyp6ImpKpNjC0cdHxzhExds8vMnsuuFjjBNroo3Ulv
y8+k5mnQlPLT7H8qY9vMLlb+oeC2XwhIDa4Pzp1/WF8xGk1/Ysle9xeZ/kd4TAb8
yvheK/6qRZd4EYlKkTtsLyh79jjT6hyA+NGRRGBCh775GRZn8tHMhhA3HR3PQgFA
CWRcz/kjnQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFIi5a0nFLviIQkMR+5tR9e6s
GYGcMB8GA1UdIwQYMBaAFNP5zSiKljS1OWOP59+myFQnwwP5MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NjQ5MGY0NDUzYjdiLzAv
RDNGOUNEMjg4QTk2MzRCNTM5NjM4RkU3REZBNkM4NTQyN0MzMDNGOS5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvMDM1NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5
ZWYzMjIzLzQzYjdmYmY0LTRkZWYtNDkwNC04N2ZkLWU1OThiZjljZjJlMy9lZGU3
ODE2MmM3OTBmN2FlMDljMWY1MzRjYzdhMmNmNDg0NzFhMjYzZDk0Y2NmN2ZiMi5j
ZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTY0
OTBmNDQ1M2I3Yi8wLzMxMzUzNzJlMzIzNTM0MmUzMTM1MzQyZTMwMmYzMjM0MmQz
MjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACd/powDQYJKoZIhvcNAQELBQAD
ggEBAE/Z1uZtudfbEbCRJ7cXQtOY2QdJ2h/4XoEoMFurhRHQD9NltGNJp7Gtoz/7
VdcsFv/56RrLEvbtY9yGRrsXMdXcYz2Jx63RhMBQ/aYWHR3c9ipcmy5PjCM4xh/G
TT8Gze/mkW8vVQRpTuPqkR03O6bjK4GON3BnhrUam1dRf6psy+MYOFGB/WeNBVT6
+NocsOpFccaC6IQyJSeKvoYYhofML+m7oUQmKoLE3sK2eq2hpluBXYCuCplGHdTd
FZxQPYAQZ96aus47qDgowojQPptm9BLO4fvj6VEANYz/hvmuT0ABrFJ4JLuRC68i
5B/N57rkmxCrjvW9XV+cLbUzbT4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:40 2024 by rpki-client on console-ams.rpki-client.org