Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202988.roa
File:                     AS202988.roa (raw, json)
Hash identifier:          rFxBXIe8roBhkHeS80rIfe5r4wu0DbYmq68syWeoevA=
Subject key identifier:   36:2B:40:03:F3:8D:32:D6:F6:8F:F6:E5:FF:97:1E:5B:47:16:F0:92
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       2C6F923149895EEF54D3875BF0C5BCEA09FAB6F3
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202988.roa
Signing time:             Tue 03 Jan 2023 02:07:13 +0000
ROA not before:           Tue 03 Jan 2023 02:02:13 +0000
ROA not after:            Tue 02 Jan 2024 02:07:13 +0000
asID:                     202988
IP address blocks:        2a06:a005:857::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:6f:92:31:49:89:5e:ef:54:d3:87:5b:f0:c5:bc:ea:09:fa:b6:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan  3 02:02:13 2023 GMT
            Not After : Jan  2 02:07:13 2024 GMT
        Subject: CN=362B4003F38D32D6F68FF6E5FF971E5B4716F092
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:ff:a5:f5:da:ee:25:0c:c7:eb:8b:a8:a3:5d:
                    b7:16:fd:ba:18:ee:7f:64:d4:e8:ef:38:0c:b4:c1:
                    c4:13:b7:88:03:fb:3f:31:29:60:52:5a:9c:fd:eb:
                    50:42:8f:36:75:a2:83:9b:1e:14:e8:9d:44:fa:de:
                    51:76:76:f3:88:1b:ce:a1:73:7b:72:d2:b7:cd:c0:
                    4e:6b:81:61:95:a0:45:cb:34:7a:4f:17:81:28:35:
                    23:bb:a7:f9:db:d4:d5:c7:e7:48:22:db:cd:f2:da:
                    f6:d9:70:89:bc:a1:3d:19:5c:f3:92:03:a6:1d:ab:
                    11:b8:1b:ff:56:02:c5:e3:7c:3f:71:d8:3f:29:78:
                    1f:d1:8e:d4:6a:f2:f1:74:d7:23:e2:f0:59:29:32:
                    94:4d:09:9e:46:cd:29:b0:1e:f6:4e:89:19:96:47:
                    f8:f6:cf:c6:29:76:aa:cc:3e:f2:46:ea:a9:50:d5:
                    37:6b:e7:e1:51:fd:b4:35:93:3e:c9:66:c6:01:71:
                    f2:6b:7c:0c:9e:75:41:30:17:a5:d6:4f:2d:32:d0:
                    ff:fc:fc:98:82:97:2f:28:66:51:9f:67:80:33:30:
                    9a:66:60:f0:68:5a:27:e8:34:92:31:96:8a:5d:f0:
                    47:47:91:a6:7c:78:e4:7a:68:37:aa:c0:df:cb:a8:
                    40:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:2B:40:03:F3:8D:32:D6:F6:8F:F6:E5:FF:97:1E:5B:47:16:F0:92
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202988.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:857::/48

    Signature Algorithm: sha256WithRSAEncryption
         a8:6c:99:4f:a5:47:e5:d3:d7:66:43:9f:51:da:ae:23:71:2b:
         a0:fc:5a:a6:24:7d:cb:cb:2d:e6:51:37:c5:ee:92:ba:b5:85:
         24:0f:21:76:75:a5:8a:52:65:d5:9f:d7:fd:44:a4:d1:64:4e:
         46:67:dd:e3:44:b6:4f:0c:ba:04:23:75:43:02:74:0b:98:17:
         16:9a:2e:5b:33:cf:ad:22:06:75:64:4b:8d:6c:80:90:fa:dc:
         29:44:fe:e2:76:f6:5a:80:f6:aa:82:9c:43:01:1b:34:4b:91:
         df:ff:23:ec:03:6e:a5:47:6d:00:b2:0a:c0:ac:3e:c0:a6:15:
         6e:c0:e8:f0:1f:4a:08:f1:fc:b6:49:95:cf:04:20:93:02:b4:
         73:8b:9b:f8:67:b7:c4:53:dc:7e:72:9c:b5:be:b2:b9:72:7a:
         d6:79:e8:8a:00:58:4e:af:46:a3:e0:17:20:70:61:0a:19:e1:
         0a:fe:03:e9:25:2e:98:cc:02:f2:fb:0c:f6:f4:25:3a:5a:f1:
         67:2a:ac:1f:a1:26:52:ea:4e:2d:12:73:cf:a1:c0:fd:16:ef:
         1d:c5:ac:cd:1e:e2:9a:74:f3:fa:7c:5a:60:8c:c6:35:ef:13:
         0f:9d:df:36:ed:a4:c9:3b:62:81:1c:88:7b:66:05:ff:c6:1d:
         18:4c:d9:b6
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIULG+SMUmJXu9U04db8MW86gn6tvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzAxMDMwMjAyMTNaFw0yNDAxMDIwMjA3MTNaMDMxMTAvBgNV
BAMTKDM2MkI0MDAzRjM4RDMyRDZGNjhGRjZFNUZGOTcxRTVCNDcxNkYwOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+/6X12u4lDMfri6ijXbcW/boY
7n9k1OjvOAy0wcQTt4gD+z8xKWBSWpz961BCjzZ1ooObHhTonUT63lF2dvOIG86h
c3ty0rfNwE5rgWGVoEXLNHpPF4EoNSO7p/nb1NXH50gi283y2vbZcIm8oT0ZXPOS
A6YdqxG4G/9WAsXjfD9x2D8peB/RjtRq8vF01yPi8FkpMpRNCZ5GzSmwHvZOiRmW
R/j2z8YpdqrMPvJG6qlQ1Tdr5+FR/bQ1kz7JZsYBcfJrfAyedUEwF6XWTy0y0P/8
/JiCly8oZlGfZ4AzMJpmYPBoWifoNJIxlopd8EdHkaZ8eOR6aDeqwN/LqEAlAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUNitAA/ONMtb2j/bl/5ceW0cW8JIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAyOTg4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQhXMA0GCSqGSIb3DQEBCwUAA4IBAQCobJlP
pUfl09dmQ59R2q4jcSug/FqmJH3Lyy3mUTfF7pK6tYUkDyF2daWKUmXVn9f9RKTR
ZE5GZ93jRLZPDLoEI3VDAnQLmBcWmi5bM8+tIgZ1ZEuNbICQ+twpRP7idvZagPaq
gpxDARs0S5Hf/yPsA26lR20AsgrArD7AphVuwOjwH0oI8fy2SZXPBCCTArRzi5v4
Z7fEU9x+cpy1vrK5cnrWeeiKAFhOr0aj4BcgcGEKGeEK/gPpJS6YzALy+wz29CU6
WvFnKqwfoSZS6k4tEnPPocD9Fu8dxazNHuKadPP6fFpgjMY17xMPnd827aTJO2KB
HIh7ZgX/xh0YTNm2
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:08 2024 by rpki-client on console-fra.rpki-client.org