Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS400818.roa
File:                     AS400818.roa (raw, json)
Hash identifier:          KEL4X+JLv3UmpXuqbDeG/3zZk3o1lW5eySnNInLc2p0=
Subject key identifier:   AC:E9:8E:01:BF:BA:A0:6E:B3:91:C3:DD:47:A2:3D:A7:8A:9F:70:FD
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       5C8AEB3FDC8BB187B056B48AFC71E49EFBAD586A
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS400818.roa
Signing time:             Sat 28 Jan 2023 00:07:10 +0000
ROA not before:           Sat 28 Jan 2023 00:02:10 +0000
ROA not after:            Sat 27 Jan 2024 00:07:10 +0000
asID:                     400818
IP address blocks:        2a06:a005:26c2::/47 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:8a:eb:3f:dc:8b:b1:87:b0:56:b4:8a:fc:71:e4:9e:fb:ad:58:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan 28 00:02:10 2023 GMT
            Not After : Jan 27 00:07:10 2024 GMT
        Subject: CN=ACE98E01BFBAA06EB391C3DD47A23DA78A9F70FD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:b8:34:f4:ea:cd:19:55:57:9b:8a:f7:b8:88:
                    80:58:4c:40:f0:b1:b1:1f:fe:33:8f:fc:cf:85:94:
                    f6:42:ac:a5:d6:d8:ff:a8:b1:02:03:e7:f6:4b:21:
                    10:78:25:0d:43:af:bf:f4:a9:32:61:d5:3e:94:00:
                    59:3d:6e:eb:89:c3:97:a3:80:a3:c8:ca:3a:36:6a:
                    23:d6:8e:76:54:15:4f:4a:4a:b0:db:42:18:b0:43:
                    88:7a:7e:e8:4f:4a:72:a0:cf:fd:6d:34:0f:e6:08:
                    90:04:75:80:5c:36:8e:da:a2:01:0a:65:db:15:29:
                    65:e1:1f:54:d2:03:b9:95:56:94:07:0b:7b:dc:60:
                    eb:ec:e8:22:a8:17:bb:ee:88:11:d2:22:77:1f:4d:
                    e8:d3:1f:06:a2:07:6b:ec:6d:4e:4d:67:9f:2c:c4:
                    c0:cb:8d:16:2f:3d:c3:21:02:dd:0e:e2:1f:23:b8:
                    04:92:27:c4:dd:17:64:0d:d0:a1:04:6c:22:60:68:
                    e4:58:61:36:58:30:24:01:f0:16:04:e9:53:21:78:
                    06:ff:0b:47:0b:5f:9a:eb:b9:1d:c7:e4:02:f1:86:
                    fb:4a:16:75:62:ee:bb:69:9d:e1:01:2a:34:ea:23:
                    c2:82:b6:9e:4e:a6:d7:96:78:87:8e:f7:f8:1b:ae:
                    04:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:E9:8E:01:BF:BA:A0:6E:B3:91:C3:DD:47:A2:3D:A7:8A:9F:70:FD
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS400818.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:26c2::/47

    Signature Algorithm: sha256WithRSAEncryption
         04:6e:ee:df:97:84:22:47:49:55:51:bb:7f:6c:90:26:82:b8:
         1c:ca:9a:76:32:ae:a1:47:69:f1:59:ab:1f:96:6b:5b:3f:d5:
         b4:5f:95:64:20:fe:53:3e:6a:aa:eb:0c:ce:42:8d:3d:5e:f5:
         ec:32:ab:4a:f5:11:65:9f:dd:c4:0d:04:2d:21:df:16:81:ed:
         3f:d2:04:95:bc:22:5f:0e:46:b8:74:17:e0:36:dd:3d:9a:ae:
         5b:35:0d:19:bb:43:20:9d:b8:16:4a:de:d4:37:75:b2:60:2e:
         dc:8e:cf:e0:7c:38:54:1e:ad:1d:76:6d:dc:d6:2c:bb:c8:bf:
         d2:69:7c:0a:2d:81:a8:78:5f:28:3c:08:f6:0d:b9:06:38:86:
         3f:fb:e6:aa:a0:b4:b3:d6:8d:e0:01:fd:7a:a6:08:0d:38:80:
         b9:99:48:66:d7:90:8a:26:5d:3b:c5:ca:e1:6b:d4:bd:73:bd:
         c9:c6:1f:84:12:47:11:18:6f:dc:e7:6c:6a:15:4b:72:3c:2a:
         d8:98:f7:25:d5:4d:b0:c5:b6:16:b5:15:c9:2a:d4:4b:d4:0d:
         d3:f2:5d:d1:29:81:04:43:39:64:c8:4c:8d:ad:4f:78:b2:55:
         62:37:00:0c:15:9f:f9:8b:22:33:60:d3:53:d5:08:3c:7a:bc:
         bc:ec:ad:fe
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUXIrrP9yLsYewVrSK/HHknvutWGowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzAxMjgwMDAyMTBaFw0yNDAxMjcwMDA3MTBaMDMxMTAvBgNV
BAMTKEFDRTk4RTAxQkZCQUEwNkVCMzkxQzNERDQ3QTIzREE3OEE5RjcwRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpuDT06s0ZVVebive4iIBYTEDw
sbEf/jOP/M+FlPZCrKXW2P+osQID5/ZLIRB4JQ1Dr7/0qTJh1T6UAFk9buuJw5ej
gKPIyjo2aiPWjnZUFU9KSrDbQhiwQ4h6fuhPSnKgz/1tNA/mCJAEdYBcNo7aogEK
ZdsVKWXhH1TSA7mVVpQHC3vcYOvs6CKoF7vuiBHSIncfTejTHwaiB2vsbU5NZ58s
xMDLjRYvPcMhAt0O4h8juASSJ8TdF2QN0KEEbCJgaORYYTZYMCQB8BYE6VMheAb/
C0cLX5rruR3H5ALxhvtKFnVi7rtpneEBKjTqI8KCtp5OpteWeIeO9/gbrgRZAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUrOmOAb+6oG6zkcPdR6I9p4qfcP0wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NDAwODE4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcBKgagBSbCMA0GCSqGSIb3DQEBCwUAA4IBAQAEbu7f
l4QiR0lVUbt/bJAmgrgcypp2Mq6hR2nxWasflmtbP9W0X5VkIP5TPmqq6wzOQo09
XvXsMqtK9RFln93EDQQtId8Wge0/0gSVvCJfDka4dBfgNt09mq5bNQ0Zu0MgnbgW
St7UN3WyYC7cjs/gfDhUHq0ddm3c1iy7yL/SaXwKLYGoeF8oPAj2DbkGOIY/++aq
oLSz1o3gAf16pggNOIC5mUhm15CKJl07xcrha9S9c73Jxh+EEkcRGG/c52xqFUty
PCrYmPcl1U2wxbYWtRXJKtRL1A3T8l3RKYEEQzlkyEyNrU94slViNwAMFZ/5iyIz
YNNT1Qg8ery87K3+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:41 2024 by rpki-client on console-ams.rpki-client.org