Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e01856490f4453b7b/0/3135372e3235342e3135362e302f32342d3234203d3e203139343337.roa
File:                     3135372e3235342e3135362e302f32342d3234203d3e203139343337.roa (raw, json)
Hash identifier:          ELr43jCILu1+TzB7T22ss+o/JkysPTsIWFQaRc+Oc18=
Subject key identifier:   58:FA:C5:5C:0E:09:A5:C4:2E:F3:85:24:9E:32:FF:8A:B5:93:D0:73
Certificate issuer:       /CN=ede78162c790f7ae09c1f534cc7a2cf48471a263d94ccf7fb2
Certificate serial:       3BAF200A0CE549DA4FDA78C76527F25C74F7CEE1
Authority key identifier: D3:F9:CD:28:8A:96:34:B5:39:63:8F:E7:DF:A6:C8:54:27:C3:03:F9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/43b7fbf4-4def-4904-87fd-e598bf9cf2e3/ede78162c790f7ae09c1f534cc7a2cf48471a263d94ccf7fb2.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e01856490f4453b7b/0/3135372e3235342e3135362e302f32342d3234203d3e203139343337.roa
Signing time:             Fri 05 May 2023 17:03:50 +0000
ROA not before:           Fri 05 May 2023 16:58:50 +0000
ROA not after:            Fri 03 May 2024 17:03:50 +0000
asID:                     19437
IP address blocks:        157.254.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:af:20:0a:0c:e5:49:da:4f:da:78:c7:65:27:f2:5c:74:f7:ce:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ede78162c790f7ae09c1f534cc7a2cf48471a263d94ccf7fb2
        Validity
            Not Before: May  5 16:58:50 2023 GMT
            Not After : May  3 17:03:50 2024 GMT
        Subject: CN=58FAC55C0E09A5C42EF385249E32FF8AB593D073
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:1a:fd:e4:b3:4a:11:a0:2d:c2:a9:74:8a:b7:
                    cc:55:26:ee:27:54:ce:20:ad:64:6d:a3:c2:2b:75:
                    30:5a:9a:3f:66:e9:61:88:22:e1:8d:e6:4d:ea:7a:
                    b0:24:bd:58:63:e3:4a:43:7a:21:28:99:7e:20:34:
                    75:0f:d0:8e:ee:bd:24:d0:20:6e:fa:be:00:28:ce:
                    a8:c2:70:26:92:be:04:97:0a:08:5b:a0:2f:2d:19:
                    99:df:48:d6:3f:fb:37:fb:43:28:77:10:6a:05:45:
                    a1:7e:3d:40:ab:6f:4f:41:6f:87:0a:47:63:ed:c1:
                    60:b7:89:20:60:23:69:ea:66:98:25:fd:71:23:de:
                    91:26:d3:b7:43:83:27:45:fb:9f:47:b9:79:99:9f:
                    a8:c6:3d:f2:c7:13:e0:83:49:c5:78:b0:11:c6:87:
                    e9:da:3d:53:67:11:b0:c6:18:55:fd:35:34:71:d5:
                    d8:12:a7:23:c8:3b:ae:0d:bb:f1:a4:4c:20:35:30:
                    19:c7:8a:cd:82:e9:73:7c:08:39:ae:6b:e6:bc:f2:
                    05:ce:fb:91:14:9a:59:b6:98:60:f2:4a:a0:8d:f1:
                    79:7f:4e:c2:b0:88:ce:cc:3c:f9:ea:92:9a:72:a3:
                    51:8b:f4:17:a8:1a:b7:68:7a:b9:99:09:b0:2e:74:
                    a8:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:FA:C5:5C:0E:09:A5:C4:2E:F3:85:24:9E:32:FF:8A:B5:93:D0:73
            X509v3 Authority Key Identifier:
                keyid:D3:F9:CD:28:8A:96:34:B5:39:63:8F:E7:DF:A6:C8:54:27:C3:03:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e01856490f4453b7b/0/D3F9CD288A9634B539638FE7DFA6C85427C303F9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/43b7fbf4-4def-4904-87fd-e598bf9cf2e3/ede78162c790f7ae09c1f534cc7a2cf48471a263d94ccf7fb2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e01856490f4453b7b/0/3135372e3235342e3135362e302f32342d3234203d3e203139343337.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.254.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:3f:3e:28:95:e6:e7:33:b2:3f:c7:58:09:8a:07:2f:30:36:
         ea:15:41:89:26:ca:26:11:cc:b0:37:2f:1a:f2:f8:07:43:c9:
         25:fc:8f:cd:a5:01:03:43:b2:ac:4c:7b:b3:51:08:95:da:34:
         3a:95:13:cd:3e:ac:05:71:87:72:37:2c:fa:3e:87:14:68:36:
         a0:2a:cc:fe:b1:a9:32:98:10:d8:87:7b:b8:35:15:2f:6d:86:
         11:0c:c0:4f:ce:66:ab:b6:2e:ec:25:5b:b6:ad:18:b3:ca:4b:
         33:9b:dc:c3:26:f7:77:23:61:cc:8b:32:ab:e5:b8:5d:b2:3e:
         d9:89:1f:9b:ed:61:33:6c:f4:6d:f4:19:15:60:25:e1:c1:66:
         28:29:c4:4b:6b:b9:19:1b:bd:15:61:e3:9a:9c:e5:b5:e1:63:
         d8:e5:aa:11:8f:e4:8f:af:b6:3a:99:64:75:9a:d6:94:cd:c5:
         00:59:2c:f9:d9:71:32:1b:f5:41:6a:e7:7a:3f:22:4d:ac:4c:
         91:e2:c9:49:8f:cf:be:4d:b7:07:06:fa:44:1c:dc:21:68:de:
         8b:18:e6:e5:bc:7b:45:a2:66:4f:6f:5f:1d:cb:a6:e7:cd:9a:
         fc:55:5d:91:7e:27:db:d3:d0:00:e9:5c:33:39:c8:fc:8d:83:
         cb:48:df:dc
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIUO68gCgzlSdpP2njHZSfyXHT3zuEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZWRlNzgxNjJjNzkwZjdhZTA5YzFmNTM0Y2M3YTJjZjQ4
NDcxYTI2M2Q5NGNjZjdmYjIwHhcNMjMwNTA1MTY1ODUwWhcNMjQwNTAzMTcwMzUw
WjAzMTEwLwYDVQQDEyg1OEZBQzU1QzBFMDlBNUM0MkVGMzg1MjQ5RTMyRkY4QUI1
OTNEMDczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRr95LNKEaAt
wql0irfMVSbuJ1TOIK1kbaPCK3UwWpo/ZulhiCLhjeZN6nqwJL1YY+NKQ3ohKJl+
IDR1D9CO7r0k0CBu+r4AKM6ownAmkr4ElwoIW6AvLRmZ30jWP/s3+0ModxBqBUWh
fj1Aq29PQW+HCkdj7cFgt4kgYCNp6maYJf1xI96RJtO3Q4MnRfufR7l5mZ+oxj3y
xxPgg0nFeLARxofp2j1TZxGwxhhV/TU0cdXYEqcjyDuuDbvxpEwgNTAZx4rNgulz
fAg5rmvmvPIFzvuRFJpZtphg8kqgjfF5f07CsIjOzDz56pKacqNRi/QXqBq3aHq5
mQmwLnSoCQIDAQABo4ICtDCCArAwHQYDVR0OBBYEFFj6xVwOCaXELvOFJJ4y/4q1
k9BzMB8GA1UdIwQYMBaAFNP5zSiKljS1OWOP59+myFQnwwP5MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NjQ5MGY0NDUzYjdiLzAv
RDNGOUNEMjg4QTk2MzRCNTM5NjM4RkU3REZBNkM4NTQyN0MzMDNGOS5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvMDM1NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5
ZWYzMjIzLzQzYjdmYmY0LTRkZWYtNDkwNC04N2ZkLWU1OThiZjljZjJlMy9lZGU3
ODE2MmM3OTBmN2FlMDljMWY1MzRjYzdhMmNmNDg0NzFhMjYzZDk0Y2NmN2ZiMi5j
ZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTY0
OTBmNDQ1M2I3Yi8wLzMxMzUzNzJlMzIzNTM0MmUzMTM1MzYyZTMwMmYzMjM0MmQz
MjM0MjAzZDNlMjAzMTM5MzQzMzM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnf6cMA0GCSqGSIb3DQEB
CwUAA4IBAQAUPz4olebnM7I/x1gJigcvMDbqFUGJJsomEcywNy8a8vgHQ8kl/I/N
pQEDQ7KsTHuzUQiV2jQ6lRPNPqwFcYdyNyz6PocUaDagKsz+sakymBDYh3u4NRUv
bYYRDMBPzmarti7sJVu2rRizykszm9zDJvd3I2HMizKr5bhdsj7ZiR+b7WEzbPRt
9BkVYCXhwWYoKcRLa7kZG70VYeOanOW14WPY5aoRj+SPr7Y6mWR1mtaUzcUAWSz5
2XEyG/VBaud6PyJNrEyR4slJj8++TbcHBvpEHNwhaN6LGOblvHtFomZPb18dy6bn
zZr8VV2Rfifb09AA6VwzOcj8jYPLSN/c
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:08 2024 by rpki-client on console-fra.rpki-client.org