Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf86941d5c0186cd7a883142e0/1/3230342e36392e3231372e302f32342d3234203d3e203631333137.roa
File:                     3230342e36392e3231372e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier:          1rOTrf4akz4IFiS6+5dyjAubrCkfPiN0aBnjKXG4EoE=
Subject key identifier:   03:DE:94:D9:23:9C:FD:6D:83:EE:2B:3C:FA:A2:D9:16:7F:F7:10:82
Certificate issuer:       /CN=6f2db144ae1c8ae5b8619a5e09b4d9b5794d37e90612087220
Certificate serial:       04E3F6A81AD6E3BB755C12E54B198A7CD905B934
Authority key identifier: A2:8D:27:33:09:C9:FC:76:55:42:49:54:5D:29:D3:88:06:80:EA:7F
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/d96df2c4-2bba-40e2-841d-8c7c0a8dee13/6f2db144ae1c8ae5b8619a5e09b4d9b5794d37e90612087220.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf86941d5c0186cd7a883142e0/1/3230342e36392e3231372e302f32342d3234203d3e203631333137.roa
Signing time:             Fri 17 Mar 2023 09:07:09 +0000
ROA not before:           Fri 17 Mar 2023 09:02:09 +0000
ROA not after:            Fri 15 Mar 2024 09:07:09 +0000
asID:                     61317
IP address blocks:        204.69.217.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:e3:f6:a8:1a:d6:e3:bb:75:5c:12:e5:4b:19:8a:7c:d9:05:b9:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f2db144ae1c8ae5b8619a5e09b4d9b5794d37e90612087220
        Validity
            Not Before: Mar 17 09:02:09 2023 GMT
            Not After : Mar 15 09:07:09 2024 GMT
        Subject: CN=03DE94D9239CFD6D83EE2B3CFAA2D9167FF71082
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:a3:05:cc:35:cf:2b:bb:e3:3e:ab:ac:9a:b7:
                    ea:12:c7:86:90:53:34:e7:0d:1d:88:4c:af:ae:59:
                    3b:d8:dd:2e:2a:be:53:9a:be:fb:9d:ef:12:95:c5:
                    5c:80:d2:ea:3a:e2:d0:5b:29:88:fc:2a:6e:2f:24:
                    05:fa:29:38:02:01:3e:34:67:3b:72:1c:8a:f3:af:
                    ad:7a:f3:25:54:af:72:76:e5:c4:c2:c1:e5:67:ad:
                    9f:98:67:3c:96:6e:5f:3b:36:84:57:26:bb:57:6b:
                    a1:a7:85:34:9d:12:72:a5:4d:6f:32:26:78:a7:e3:
                    26:4c:f7:0b:02:c4:31:2d:b4:57:60:b9:0c:77:bc:
                    9e:9b:51:f6:ff:8b:42:06:7f:39:2e:f4:1c:96:8a:
                    89:68:61:3d:ba:07:48:9c:b7:bc:7d:1c:c9:b5:5b:
                    58:78:3d:05:47:9a:d1:1d:41:53:07:9a:34:ae:d9:
                    b6:9b:b5:e8:6c:a4:34:c3:0d:fd:e2:ef:15:fd:71:
                    8f:25:60:91:cc:88:a3:cb:82:47:b2:29:69:2a:5e:
                    aa:0d:38:ab:a3:e8:f8:0e:fa:70:aa:91:73:89:2f:
                    96:4c:9c:48:fa:09:85:ca:7b:c4:98:7f:11:fa:28:
                    f3:88:37:05:4e:d0:15:29:18:7d:3d:7f:96:34:bc:
                    7d:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:DE:94:D9:23:9C:FD:6D:83:EE:2B:3C:FA:A2:D9:16:7F:F7:10:82
            X509v3 Authority Key Identifier:
                keyid:A2:8D:27:33:09:C9:FC:76:55:42:49:54:5D:29:D3:88:06:80:EA:7F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf86941d5c0186cd7a883142e0/1/A28D273309C9FC76554249545D29D3880680EA7F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/d96df2c4-2bba-40e2-841d-8c7c0a8dee13/6f2db144ae1c8ae5b8619a5e09b4d9b5794d37e90612087220.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf86941d5c0186cd7a883142e0/1/3230342e36392e3231372e302f32342d3234203d3e203631333137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.69.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:c2:3f:40:cf:27:71:03:52:a7:4a:e2:0b:3e:20:71:3c:6c:
         66:58:af:1e:52:c5:29:ff:6f:cc:e9:f5:d1:8c:ee:a5:ec:f8:
         8b:db:a2:ba:cf:c0:dc:67:b5:d1:75:d2:4f:2b:5e:69:69:ce:
         84:7d:b5:85:b1:06:d1:97:5c:de:84:63:ac:a9:eb:f8:c8:02:
         8c:6b:a7:73:01:10:58:83:4a:c6:06:5e:62:38:04:3d:5d:17:
         dd:27:2b:d8:47:5b:08:ae:20:72:75:6d:54:c0:9e:30:f3:2e:
         45:53:a4:fc:c1:40:0e:54:45:ea:a5:d4:a0:61:f3:d4:fc:16:
         94:fd:67:ff:a8:18:72:91:96:fa:6d:f4:99:2b:05:00:b7:c9:
         45:bc:6f:24:92:cf:02:7f:57:60:af:a0:0b:f2:7d:f7:3e:0f:
         04:ab:b5:38:28:0f:a3:b2:c9:96:f5:0a:84:ca:3d:89:4a:35:
         ab:e4:63:c9:97:30:c0:12:84:88:1c:25:5f:e5:48:40:d3:34:
         5d:00:d1:cf:3e:ea:49:57:ea:75:4f:15:28:ba:73:75:2e:b3:
         3a:92:f1:79:05:7e:44:99:f2:c6:0f:d7:34:48:2f:4e:3a:d8:
         cc:70:39:ed:2f:a0:7d:47:30:b5:73:37:52:be:2a:5e:0a:13:
         c0:bc:99:d5
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgIUBOP2qBrW47t1XBLlSxmKfNkFuTQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmYyZGIxNDRhZTFjOGFlNWI4NjE5YTVlMDliNGQ5YjU3
OTRkMzdlOTA2MTIwODcyMjAwHhcNMjMwMzE3MDkwMjA5WhcNMjQwMzE1MDkwNzA5
WjAzMTEwLwYDVQQDEygwM0RFOTREOTIzOUNGRDZEODNFRTJCM0NGQUEyRDkxNjdG
RjcxMDgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6KMFzDXPK7vj
PqusmrfqEseGkFM05w0diEyvrlk72N0uKr5Tmr77ne8SlcVcgNLqOuLQWymI/Cpu
LyQF+ik4AgE+NGc7chyK86+tevMlVK9yduXEwsHlZ62fmGc8lm5fOzaEVya7V2uh
p4U0nRJypU1vMiZ4p+MmTPcLAsQxLbRXYLkMd7yem1H2/4tCBn85LvQcloqJaGE9
ugdInLe8fRzJtVtYeD0FR5rRHUFTB5o0rtm2m7XobKQ0ww394u8V/XGPJWCRzIij
y4JHsilpKl6qDTiro+j4DvpwqpFziS+WTJxI+gmFynvEmH8R+ijziDcFTtAVKRh9
PX+WNLx9gwIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFAPelNkjnP1tg+4rPPqi2RZ/
9xCCMB8GA1UdIwQYMBaAFKKNJzMJyfx2VUJJVF0p04gGgOp/MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRmODY5NDFkNWMwMTg2Y2Q3YTg4MzE0MmUwLzEv
QTI4RDI3MzMwOUM5RkM3NjU1NDI0OTU0NUQyOUQzODgwNjgwRUE3Ri5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvYTczNDIwY2ItYjNjYy00YjAzLWJkYTctMWJlMjA0
OTMzYWU1L2Q5NmRmMmM0LTJiYmEtNDBlMi04NDFkLThjN2MwYThkZWUxMy82ZjJk
YjE0NGFlMWM4YWU1Yjg2MTlhNWUwOWI0ZDliNTc5NGQzN2U5MDYxMjA4NzIyMC5j
ZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg2OTQxZDVjMDE4NmNk
N2E4ODMxNDJlMC8xLzMyMzAzNDJlMzYzOTJlMzIzMTM3MmUzMDJmMzIzNDJkMzIz
NDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMxF2TANBgkqhkiG9w0BAQsF
AAOCAQEAY8I/QM8ncQNSp0riCz4gcTxsZlivHlLFKf9vzOn10Yzupez4i9uius/A
3Ge10XXSTyteaWnOhH21hbEG0Zdc3oRjrKnr+MgCjGuncwEQWINKxgZeYjgEPV0X
3Scr2EdbCK4gcnVtVMCeMPMuRVOk/MFADlRF6qXUoGHz1PwWlP1n/6gYcpGW+m30
mSsFALfJRbxvJJLPAn9XYK+gC/J99z4PBKu1OCgPo7LJlvUKhMo9iUo1q+RjyZcw
wBKEiBwlX+VIQNM0XQDRzz7qSVfqdU8VKLpzdS6zOpLxeQV+RJnyxg/XNEgvTjrY
zHA57S+gfUcwtXM3Ur4qXgoTwLyZ1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:44 2024 by rpki-client on console-ams.rpki-client.org