Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/3a41ce8f-26d9-3ec7-b787-54ded8fb7ea0.roa
File:                     3a41ce8f-26d9-3ec7-b787-54ded8fb7ea0.roa (raw, json)
Hash identifier:          sHznTJOzv5e9tBov8FQ9KRTyxEOefGVcdo+ywlB2AI8=
Subject key identifier:   38:CC:31:0C:5C:2F:FA:87:98:45:15:C6:E6:38:35:39:BB:73:AA:84
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F432858479C1121F0542DEE2367C4C000
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/3a41ce8f-26d9-3ec7-b787-54ded8fb7ea0.roa
Signing time:             Mon 21 Oct 2024 01:00:31 +0000
ROA not before:           Mon 21 Oct 2024 01:00:31 +0000
ROA not after:            Sun 19 Jan 2025 02:00:31 +0000
asID:                     834
IP address blocks:        166.0.68.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:9c:11:21:f0:54:2d:ee:23:67:c4:c0:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: Oct 21 01:00:31 2024 GMT
            Not After : Jan 19 02:00:31 2025 GMT
        Subject: CN=95603308-b1e2-4bdf-9079-41917601ac05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:12:3d:44:65:d6:37:4c:4c:08:d2:af:a4:1e:
                    8e:12:fb:24:52:ff:00:ca:f9:3b:a8:3e:e5:89:aa:
                    8a:62:2d:a2:1a:d6:41:62:1d:0c:a5:fc:98:e7:cc:
                    40:02:e3:bf:7d:87:d0:03:8f:12:e1:9e:06:ae:87:
                    f1:08:dc:a4:3f:cc:4d:4b:12:3f:91:92:8b:0d:5a:
                    1a:f6:d7:5e:72:77:28:a4:9c:dc:99:b8:dc:65:07:
                    62:e2:a7:0d:0a:d4:5a:4f:f1:e1:f4:3b:af:7f:fb:
                    47:ce:7f:44:d0:35:ae:de:6d:b8:0f:18:76:e9:69:
                    b4:36:89:7c:71:58:9e:78:ed:9c:48:b4:ff:85:81:
                    57:29:a7:45:9b:30:4b:87:17:61:c4:b7:4a:95:0e:
                    a0:19:4f:9e:83:42:f4:fd:41:65:a4:27:d4:b4:d9:
                    71:2d:41:1d:49:28:ce:57:95:46:72:0a:37:69:5a:
                    fb:87:66:19:7f:db:fb:57:61:68:11:10:f9:63:a0:
                    38:c1:80:1f:9b:f8:2b:e7:d6:50:8d:56:6e:fe:83:
                    82:7d:e7:1a:44:dd:75:62:9f:ef:4e:39:34:d1:dc:
                    a9:4b:21:e1:de:9e:1e:5e:88:18:82:ff:65:32:45:
                    33:a8:04:78:42:de:bc:5e:d6:10:e3:b9:93:dc:57:
                    c6:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:CC:31:0C:5C:2F:FA:87:98:45:15:C6:E6:38:35:39:BB:73:AA:84
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/3a41ce8f-26d9-3ec7-b787-54ded8fb7ea0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.0.68.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         22:cc:6d:74:95:ac:85:b1:3c:33:96:30:09:9d:a3:c0:19:e1:
         a5:c8:3b:6f:df:7f:00:61:45:91:ff:3e:75:d6:d2:24:5b:e6:
         1a:04:0e:92:60:b2:af:9d:ee:ab:4b:51:a6:34:03:a8:e3:5d:
         b9:cb:23:50:62:40:25:03:97:68:8e:0f:c2:a6:6a:20:8b:6d:
         29:39:f1:0c:01:a9:95:77:6a:c4:0a:47:5e:14:8b:1e:80:c6:
         6e:fe:94:6f:47:c2:96:45:3b:84:00:2e:94:43:f9:37:e6:ea:
         7c:c1:54:f7:ad:bc:38:5a:e1:1d:d0:16:3c:ba:0f:0b:a3:29:
         17:77:ff:5f:6a:bc:ee:00:75:ad:a3:d1:8d:23:43:58:2a:5a:
         d6:f5:49:93:2d:ef:91:d3:e6:d9:1c:81:1b:4f:a8:28:d2:5d:
         7a:29:4b:69:a5:11:cf:03:da:00:bd:85:c1:59:5a:ae:52:05:
         83:70:50:0f:3b:d8:8d:e2:9f:8b:68:ab:bb:c0:b7:cd:e2:bd:
         90:f9:5a:40:08:db:d2:95:da:23:20:ed:4f:1f:bf:7a:b4:b6:
         00:89:64:3e:6a:25:69:75:05:fa:80:57:9d:d3:ff:14:3a:ad:
         e9:10:9f:d3:3a:93:46:25:36:24:86:90:2a:2b:17:97:08:c4:
         5e:65:d0:06
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEecESHwVC3uI2fEwAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTI0MTAyMTAxMDAzMVoXDTI1MDExOTAyMDAzMVowLzEtMCsGA1UEAxMk
OTU2MDMzMDgtYjFlMi00YmRmLTkwNzktNDE5MTc2MDFhYzA1MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxI9RGXWN0xMCNKvpB6OEvskUv8Ayvk7qD7l
iaqKYi2iGtZBYh0MpfyY58xAAuO/fYfQA48S4Z4GrofxCNykP8xNSxI/kZKLDVoa
9tdecncopJzcmbjcZQdi4qcNCtRaT/Hh9Duvf/tHzn9E0DWu3m24Dxh26Wm0Nol8
cVieeO2cSLT/hYFXKadFmzBLhxdhxLdKlQ6gGU+eg0L0/UFlpCfUtNlxLUEdSSjO
V5VGcgo3aVr7h2YZf9v7V2FoERD5Y6A4wYAfm/gr59ZQjVZu/oOCfecaRN11Yp/v
Tjk00dypSyHh3p4eXogYgv9lMkUzqAR4Qt68XtYQ47mT3FfG9wIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFDjMMQxcL/qHmEUVxuY4NTm7c6qEMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvM2E0MWNlOGYtMjZkOS0z
ZWM3LWI3ODctNTRkZWQ4ZmI3ZWEwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApgBEMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBACLMbXSVrIWxPDOWMAmdo8AZ4aXIO2/ffwBhRZH/PnXW0iRb5hoEDpJg
sq+d7qtLUaY0A6jjXbnLI1BiQCUDl2iOD8KmaiCLbSk58QwBqZV3asQKR14Uix6A
xm7+lG9HwpZFO4QALpRD+Tfm6nzBVPetvDha4R3QFjy6DwujKRd3/19qvO4Ada2j
0Y0jQ1gqWtb1SZMt75HT5tkcgRtPqCjSXXopS2mlEc8D2gC9hcFZWq5SBYNwUA87
2I3in4toq7vAt83ivZD5WkAI29KV2iMg7U8fv3q0tgCJZD5qJWl1BfqAV53T/xQ6
rekQn9M6k0YlNiSGkCorF5cIxF5l0AY=
-----END CERTIFICATE-----
Generated at Thu Mar 27 19:35:34 2025 by rpki-client