Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b56f665d-3c28-457f-ab6f-a47444d6d1f7/14bb44a0-e0af-367e-80bf-584411efa498.roa
File:                     14bb44a0-e0af-367e-80bf-584411efa498.roa (raw, json)
Hash identifier:          7LssJ1UiPiOaPcsztLcituYRy4Ijobg2wNuNRMZC+ag=
Subject key identifier:   02:F8:8B:F0:10:CB:9C:B6:93:CC:6F:BD:79:B0:17:7B:73:0C:77:E5
Certificate issuer:       /CN=b56f665d-3c28-457f-ab6f-a47444d6d1f7
Certificate serial:       010D0C9F4328584285DED310981EBD717102C500
Authority key identifier: FB:11:63:27:81:CE:E3:9A:28:74:74:C2:28:2C:2E:94:DD:83:08:C4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b56f665d-3c28-457f-ab6f-a47444d6d1f7.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b56f665d-3c28-457f-ab6f-a47444d6d1f7/14bb44a0-e0af-367e-80bf-584411efa498.roa
Signing time:             Wed 12 Jul 2023 14:16:44 +0000
ROA not before:           Wed 12 Jul 2023 14:16:44 +0000
ROA not after:            Tue 10 Oct 2023 14:16:44 +0000
asID:                     61317
IP address blocks:        72.14.135.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:42:85:de:d3:10:98:1e:bd:71:71:02:c5:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56f665d-3c28-457f-ab6f-a47444d6d1f7
        Validity
            Not Before: Jul 12 14:16:44 2023 GMT
            Not After : Oct 10 14:16:44 2023 GMT
        Subject: CN=d42aac19-0f52-4faf-b803-86e697d33dbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:12:c8:a5:b6:4f:6a:bd:8a:41:f3:11:24:bd:
                    2c:8e:bc:62:1f:ff:05:53:d5:ca:2d:07:a6:2d:58:
                    f3:b6:96:d4:cd:fc:9e:2b:7e:af:03:28:e7:7b:b6:
                    cf:af:7c:ae:aa:6d:ae:be:c0:67:42:52:4a:30:2d:
                    24:ce:d4:41:d1:4c:29:a2:35:cf:3c:c8:18:6e:c5:
                    fd:fc:02:71:e2:f8:02:69:a6:60:c3:06:d0:65:e1:
                    4b:d6:c6:05:ed:d2:ac:44:51:58:12:df:d4:76:64:
                    e2:29:cb:44:64:8f:08:21:df:a6:26:1b:4b:1e:32:
                    9d:66:a7:8d:81:7c:13:ae:f7:d5:89:23:2b:a4:fa:
                    32:7a:88:ed:70:cb:e0:1e:b6:36:d7:b4:c4:b3:4f:
                    9c:a5:0a:73:55:26:aa:1f:78:b1:b5:2c:12:44:d0:
                    c8:1a:32:7d:23:b7:b8:cc:88:34:6f:1f:9f:22:a5:
                    92:91:7d:ab:35:91:db:e1:94:16:46:8e:76:ac:43:
                    cc:0c:5b:82:58:24:83:f6:c3:01:01:ba:6a:32:46:
                    e8:eb:fc:2a:3f:02:2e:50:e0:1c:fd:5c:49:bf:2b:
                    7d:f7:9f:1c:cc:32:72:f2:22:6c:f8:40:8c:29:dd:
                    ec:4d:d2:da:e0:95:0f:51:cc:75:62:0d:2d:52:93:
                    c9:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:F8:8B:F0:10:CB:9C:B6:93:CC:6F:BD:79:B0:17:7B:73:0C:77:E5
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b56f665d-3c28-457f-ab6f-a47444d6d1f7/14bb44a0-e0af-367e-80bf-584411efa498.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b56f665d-3c28-457f-ab6f-a47444d6d1f7/b56f665d-3c28-457f-ab6f-a47444d6d1f7.crl

            X509v3 Authority Key Identifier:
                keyid:FB:11:63:27:81:CE:E3:9A:28:74:74:C2:28:2C:2E:94:DD:83:08:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b56f665d-3c28-457f-ab6f-a47444d6d1f7.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.14.135.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         75:6d:08:5b:23:01:95:53:c4:77:46:7e:9b:17:f4:c8:04:a7:
         81:46:72:f6:7d:2d:03:84:aa:0c:5d:1c:ec:f9:8f:62:11:82:
         40:c2:54:6c:63:57:28:5d:b4:10:63:2a:f9:25:d7:b3:0e:bd:
         29:12:f3:c2:3c:0f:b6:1a:61:1a:7f:04:ff:08:46:ec:ab:5b:
         0e:15:77:fb:04:e1:c5:65:d9:9b:a6:75:00:7f:0a:e1:31:03:
         3a:e2:f9:4f:cf:04:1a:be:84:29:12:19:fb:53:45:5d:6f:bd:
         c4:bf:b1:7a:65:bc:1b:e9:44:b5:31:84:72:14:2f:f7:c0:40:
         0e:b3:16:43:61:03:12:49:51:8c:cb:93:4e:e1:be:1c:f3:37:
         49:7c:3e:12:dc:0e:c6:04:49:0b:95:cf:ac:ad:f3:61:72:2e:
         73:93:25:d3:f7:0f:22:25:88:96:44:9d:b8:73:46:c2:b3:7b:
         3a:11:4e:89:d0:22:35:bc:f2:5f:a6:5a:a6:b3:06:4b:24:eb:
         28:9b:03:c8:ce:ca:36:2c:5d:cc:be:49:14:67:27:1f:d6:8d:
         56:50:4d:11:e2:29:bf:9b:eb:c8:bc:04:dd:a0:a9:ad:fa:44:
         50:30:bc:30:32:e6:33:b2:38:df:cd:2f:c5:6c:ab:3f:e1:5d:
         68:16:f3:22
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEKF3tMQmB69cXECxQAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYjU2ZjY2NWQtM2MyOC00NTdmLWFiNmYtYTQ3NDQ0ZDZk
MWY3MB4XDTIzMDcxMjE0MTY0NFoXDTIzMTAxMDE0MTY0NFowLzEtMCsGA1UEAxMk
ZDQyYWFjMTktMGY1Mi00ZmFmLWI4MDMtODZlNjk3ZDMzZGJmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxLIpbZPar2KQfMRJL0sjrxiH/8FU9XKLQem
LVjztpbUzfyeK36vAyjne7bPr3yuqm2uvsBnQlJKMC0kztRB0UwpojXPPMgYbsX9
/AJx4vgCaaZgwwbQZeFL1sYF7dKsRFFYEt/UdmTiKctEZI8IId+mJhtLHjKdZqeN
gXwTrvfViSMrpPoyeojtcMvgHrY217TEs0+cpQpzVSaqH3ixtSwSRNDIGjJ9I7e4
zIg0bx+fIqWSkX2rNZHb4ZQWRo52rEPMDFuCWCSD9sMBAbpqMkbo6/wqPwIuUOAc
/VxJvyt9958czDJy8iJs+ECMKd3sTdLa4JUPUcx1Yg0tUpPJxwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFAL4i/AQy5y2k8xvvXmwF3tzDHflMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9iNTZm
NjY1ZC0zYzI4LTQ1N2YtYWI2Zi1hNDc0NDRkNmQxZjcvMTRiYjQ0YTAtZTBhZi0z
NjdlLTgwYmYtNTg0NDExZWZhNDk4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8wMzU3MjcyYy1h
NzlhLTQ1YmYtOTU4Ni05MmRkNDllZjMyMjMvYjU2ZjY2NWQtM2MyOC00NTdmLWFi
NmYtYTQ3NDQ0ZDZkMWY3L2I1NmY2NjVkLTNjMjgtNDU3Zi1hYjZmLWE0NzQ0NGQ2
ZDFmNy5jcmwwHwYDVR0jBBgwFoAU+xFjJ4HO45oodHTCKCwulN2DCMQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEtNDVi
Zi05NTg2LTkyZGQ0OWVmMzIyMy9iNTZmNjY1ZC0zYzI4LTQ1N2YtYWI2Zi1hNDc0
NDRkNmQxZjcuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQASA6HMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAHVtCFsjAZVTxHdGfpsX9MgEp4FGcvZ9LQOEqgxdHOz5j2IRgkDCVGxj
VyhdtBBjKvkl17MOvSkS88I8D7YaYRp/BP8IRuyrWw4Vd/sE4cVl2ZumdQB/CuEx
Azri+U/PBBq+hCkSGftTRV1vvcS/sXplvBvpRLUxhHIUL/fAQA6zFkNhAxJJUYzL
k07hvhzzN0l8PhLcDsYESQuVz6yt82FyLnOTJdP3DyIliJZEnbhzRsKzezoRTonQ
IjW88l+mWqazBksk6yibA8jOyjYsXcy+SRRnJx/WjVZQTRHiKb+b68i8BN2gqa36
RFAwvDAy5jOyON/NL8Vsqz/hXWgW8yI=
-----END CERTIFICATE-----