Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e01856490f4453b7b/0/3135372e3235342e3135382e302f32332d3234203d3e2037303138.roa
File:                     3135372e3235342e3135382e302f32332d3234203d3e2037303138.roa (raw, json)
Hash identifier:          vkxAEHl6GHFG0vSW5yOb+IUlyzN6GX5KN2tokjqRoOY=
Subject key identifier:   2D:07:86:DA:85:02:AD:B6:88:00:CB:FE:EB:B0:46:1B:16:B4:2C:31
Certificate issuer:       /CN=ede78162c790f7ae09c1f534cc7a2cf48471a263d94ccf7fb2
Certificate serial:       46340145EEE554660144E97D076B9298B16750FD
Authority key identifier: D3:F9:CD:28:8A:96:34:B5:39:63:8F:E7:DF:A6:C8:54:27:C3:03:F9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/43b7fbf4-4def-4904-87fd-e598bf9cf2e3/ede78162c790f7ae09c1f534cc7a2cf48471a263d94ccf7fb2.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e01856490f4453b7b/0/3135372e3235342e3135382e302f32332d3234203d3e2037303138.roa
Signing time:             Tue 28 Feb 2023 13:12:48 +0000
ROA not before:           Tue 28 Feb 2023 13:07:48 +0000
ROA not after:            Tue 27 Feb 2024 13:12:48 +0000
asID:                     7018
IP address blocks:        157.254.158.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:34:01:45:ee:e5:54:66:01:44:e9:7d:07:6b:92:98:b1:67:50:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ede78162c790f7ae09c1f534cc7a2cf48471a263d94ccf7fb2
        Validity
            Not Before: Feb 28 13:07:48 2023 GMT
            Not After : Feb 27 13:12:48 2024 GMT
        Subject: CN=2D0786DA8502ADB68800CBFEEBB0461B16B42C31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:90:f0:9e:1d:8f:14:22:eb:d0:64:0b:d4:31:
                    c8:43:6e:2c:5b:4f:70:1b:8f:f9:e2:3e:14:6a:07:
                    a9:f6:f8:e6:f1:09:0c:06:57:f7:b7:f6:c8:63:00:
                    a1:36:44:90:0c:03:b2:d5:97:2c:f7:d8:d6:53:13:
                    b7:08:6c:05:52:95:61:35:8c:46:6e:c9:1e:24:c0:
                    af:cf:61:cd:8e:36:9e:63:f8:28:9d:c4:5c:24:98:
                    1f:a9:55:b4:fa:22:b6:dd:c1:c7:b4:d0:ac:ee:be:
                    99:73:3d:86:4b:4a:a9:67:d6:c4:49:fb:3e:e3:8f:
                    d5:09:df:6a:e9:ad:fc:05:24:31:4a:18:19:e7:b4:
                    fc:75:68:5b:39:51:6d:7d:a8:8e:2a:30:c1:13:75:
                    da:62:ab:43:2b:34:87:07:32:1c:4e:6f:82:d9:90:
                    87:a5:26:02:24:10:39:26:49:02:04:06:ea:f5:e6:
                    84:1f:b7:70:23:53:5b:29:ab:b9:18:e2:68:ef:e9:
                    75:10:89:1a:c9:ec:2e:fb:f7:7d:26:cc:10:31:e4:
                    f5:e6:6a:04:d2:3c:35:11:a9:fa:d1:f2:eb:44:ea:
                    02:d2:7f:2e:bc:a7:92:a1:06:27:76:fc:57:d9:d4:
                    4e:b6:83:ec:7b:8b:b3:a1:12:2c:d0:9d:ef:b1:8a:
                    4c:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:07:86:DA:85:02:AD:B6:88:00:CB:FE:EB:B0:46:1B:16:B4:2C:31
            X509v3 Authority Key Identifier:
                keyid:D3:F9:CD:28:8A:96:34:B5:39:63:8F:E7:DF:A6:C8:54:27:C3:03:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e01856490f4453b7b/0/D3F9CD288A9634B539638FE7DFA6C85427C303F9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/43b7fbf4-4def-4904-87fd-e598bf9cf2e3/ede78162c790f7ae09c1f534cc7a2cf48471a263d94ccf7fb2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e01856490f4453b7b/0/3135372e3235342e3135382e302f32332d3234203d3e2037303138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.254.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         14:c2:e8:5b:f3:75:ed:88:93:7a:ae:de:a7:ff:88:d5:a7:61:
         e5:57:86:27:c1:52:45:73:6b:df:3c:0f:2d:46:a9:df:1e:bc:
         9b:79:a1:d8:8d:2d:28:d6:71:0b:eb:7c:ee:62:ab:3b:92:e8:
         70:e6:99:92:82:39:34:11:7b:7c:ba:d8:e1:16:6c:43:6c:c5:
         e9:17:a4:6d:02:bb:8f:aa:68:dc:d9:f7:54:89:45:f8:c4:31:
         bc:b4:c4:1a:f0:ba:b7:30:88:d6:33:ae:84:aa:c8:d4:1b:c2:
         1c:78:71:d2:2c:68:51:5c:19:fd:c7:36:4d:db:35:ad:19:6a:
         59:4c:b4:b8:5d:b1:fa:c6:99:b9:3c:f9:0d:69:8d:f3:ce:49:
         06:6f:bb:90:32:9f:2f:06:f3:ab:ca:bc:cf:3d:7a:ec:1b:a1:
         95:35:c5:dd:cc:66:75:aa:d0:7d:d2:96:55:ad:e7:5e:6d:08:
         ff:80:7a:d8:92:4d:76:c0:98:8c:60:41:66:8d:68:62:da:cf:
         35:7c:37:98:04:59:48:76:39:d8:9e:4c:0a:4d:44:98:d3:e1:
         10:d7:5f:2c:69:89:08:0f:47:2b:05:65:b9:ee:1b:d8:2a:d1:
         10:06:c0:ae:75:df:67:45:c7:2f:fb:e1:a8:7a:32:71:dd:b0:
         bc:1c:2e:48
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgIURjQBRe7lVGYBROl9B2uSmLFnUP0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZWRlNzgxNjJjNzkwZjdhZTA5YzFmNTM0Y2M3YTJjZjQ4
NDcxYTI2M2Q5NGNjZjdmYjIwHhcNMjMwMjI4MTMwNzQ4WhcNMjQwMjI3MTMxMjQ4
WjAzMTEwLwYDVQQDEygyRDA3ODZEQTg1MDJBREI2ODgwMENCRkVFQkIwNDYxQjE2
QjQyQzMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJDwnh2PFCLr
0GQL1DHIQ24sW09wG4/54j4Uagep9vjm8QkMBlf3t/bIYwChNkSQDAOy1Zcs99jW
UxO3CGwFUpVhNYxGbskeJMCvz2HNjjaeY/goncRcJJgfqVW0+iK23cHHtNCs7r6Z
cz2GS0qpZ9bESfs+44/VCd9q6a38BSQxShgZ57T8dWhbOVFtfaiOKjDBE3XaYqtD
KzSHBzIcTm+C2ZCHpSYCJBA5JkkCBAbq9eaEH7dwI1NbKau5GOJo7+l1EIkayewu
+/d9JswQMeT15moE0jw1Ean60fLrROoC0n8uvKeSoQYndvxX2dROtoPse4uzoRIs
0J3vsYpMzwIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFC0HhtqFAq22iADL/uuwRhsW
tCwxMB8GA1UdIwQYMBaAFNP5zSiKljS1OWOP59+myFQnwwP5MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NjQ5MGY0NDUzYjdiLzAv
RDNGOUNEMjg4QTk2MzRCNTM5NjM4RkU3REZBNkM4NTQyN0MzMDNGOS5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvMDM1NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5
ZWYzMjIzLzQzYjdmYmY0LTRkZWYtNDkwNC04N2ZkLWU1OThiZjljZjJlMy9lZGU3
ODE2MmM3OTBmN2FlMDljMWY1MzRjYzdhMmNmNDg0NzFhMjYzZDk0Y2NmN2ZiMi5j
ZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTY0
OTBmNDQ1M2I3Yi8wLzMxMzUzNzJlMzIzNTM0MmUzMTM1MzgyZTMwMmYzMjMzMmQz
MjM0MjAzZDNlMjAzNzMwMzEzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZ3+njANBgkqhkiG9w0BAQsF
AAOCAQEAFMLoW/N17YiTeq7ep/+I1adh5VeGJ8FSRXNr3zwPLUap3x68m3mh2I0t
KNZxC+t87mKrO5LocOaZkoI5NBF7fLrY4RZsQ2zF6RekbQK7j6po3Nn3VIlF+MQx
vLTEGvC6tzCI1jOuhKrI1BvCHHhx0ixoUVwZ/cc2Tds1rRlqWUy0uF2x+saZuTz5
DWmN885JBm+7kDKfLwbzq8q8zz167BuhlTXF3cxmdarQfdKWVa3nXm0I/4B62JJN
dsCYjGBBZo1oYtrPNXw3mARZSHY52J5MCk1EmNPhENdfLGmJCA9HKwVlue4b2CrR
EAbArnXfZ0XHL/vhqHoycd2wvBwuSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:40 2024 by rpki-client on console-ams.rpki-client.org