Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/9543e874-6ee3-36a7-b2e2-578e2e108112.roa
File:                     9543e874-6ee3-36a7-b2e2-578e2e108112.roa (raw, json)
Hash identifier:          jEJCH1G4jH9nKwpRZI22sgBcZXe10wPgCV4bhnxm6cM=
Subject key identifier:   42:A2:73:A1:22:EC:B4:34:F2:D5:EE:CF:94:7D:0B:FE:9B:3A:49:1E
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F432858420DE0F757B2F935CA0740FCC0
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/9543e874-6ee3-36a7-b2e2-578e2e108112.roa
Signing time:             Tue 30 May 2023 14:44:03 +0000
ROA not before:           Tue 30 May 2023 14:44:03 +0000
ROA not after:            Mon 28 Aug 2023 14:44:03 +0000
asID:                     60721
IP address blocks:        166.1.86.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:42:0d:e0:f7:57:b2:f9:35:ca:07:40:fc:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: May 30 14:44:03 2023 GMT
            Not After : Aug 28 14:44:03 2023 GMT
        Subject: CN=68a41f16-af20-487f-ad85-868984c01dfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:81:46:b6:7a:a8:14:ab:9b:f9:ee:0c:cb:a8:
                    b1:f0:31:5e:7c:a3:7e:d4:e4:a9:81:90:df:95:8e:
                    34:f0:bc:a0:cd:1d:e9:05:9b:be:33:6e:91:a6:0b:
                    18:99:43:ec:b8:5f:e3:2e:e4:35:ff:3f:f5:af:7b:
                    8f:7d:d2:52:7b:e5:33:d8:ac:47:7b:36:f5:d3:c2:
                    74:70:2d:ff:07:e1:8c:73:aa:39:60:d8:d2:6e:33:
                    22:34:30:f5:10:01:c9:d8:03:c3:44:07:1b:bc:ca:
                    b8:e8:62:11:69:e7:42:9d:2e:d0:ad:f8:67:9c:02:
                    30:de:68:66:15:c9:52:fd:d5:05:5d:3b:f8:5b:73:
                    ed:3a:82:40:6f:6b:73:20:4c:09:24:e6:f5:20:02:
                    c7:b4:0a:7a:6b:f5:e0:a8:40:b1:a1:c4:1d:7b:99:
                    6e:4c:72:81:33:90:04:ad:02:88:1a:f1:43:08:f0:
                    2f:ac:40:97:1e:14:f3:7f:33:6e:dd:41:89:8d:ea:
                    d9:28:2b:05:c6:cc:71:e4:cd:c5:bb:d8:83:85:bd:
                    c4:aa:38:12:3f:cf:a3:c7:f0:84:e5:b9:9e:7b:f0:
                    e2:6e:9a:99:c9:32:7d:9a:97:24:c0:23:45:28:1c:
                    12:d8:6a:e7:ec:d2:fb:b1:f0:6c:bc:c1:32:c3:ad:
                    d8:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:A2:73:A1:22:EC:B4:34:F2:D5:EE:CF:94:7D:0B:FE:9B:3A:49:1E
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/9543e874-6ee3-36a7-b2e2-578e2e108112.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.1.86.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         0b:47:05:db:92:de:b4:71:e3:3c:fb:3d:7b:d2:ca:d9:1c:df:
         68:66:b7:d7:fd:ca:a5:58:e6:40:d9:fa:11:3b:9f:6b:86:30:
         f7:a9:16:af:00:55:95:5a:d1:af:d3:9b:d2:4c:01:ca:82:a2:
         00:05:0d:41:ea:b1:b1:8a:24:9b:ad:0d:52:cf:a2:7c:77:cd:
         b2:fd:d7:d2:ab:3a:71:81:e3:f2:46:37:0f:92:8a:38:eb:a7:
         e1:40:cc:75:32:54:b4:de:26:89:f6:32:51:2a:89:68:c8:36:
         b6:93:c2:e3:3a:6d:ba:4e:7a:75:ea:0f:88:01:b2:e2:b7:f1:
         63:64:f8:e7:91:ae:27:1a:c2:2a:b1:42:76:6c:d5:70:29:de:
         04:a5:81:22:16:0d:e2:8c:0c:0d:ec:df:6d:7b:fd:6f:df:fe:
         0f:34:7f:36:65:4f:be:c2:19:6c:c5:9e:da:ac:0d:2b:65:a5:
         65:8b:bc:0c:25:91:60:0d:a7:d1:f6:42:c7:18:6c:66:fd:36:
         06:11:62:74:66:3d:87:22:10:40:cd:42:d3:d6:f1:63:23:b7:
         d7:ee:95:d1:e6:78:ad:e7:f1:ad:af:76:81:78:0f:6b:18:b5:
         00:53:cf:5f:d8:5b:6f:87:a7:02:d1:0b:18:88:7c:fc:bd:81:
         31:0a:18:96
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEIN4PdXsvk1ygdA/MAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTIzMDUzMDE0NDQwM1oXDTIzMDgyODE0NDQwM1owLzEtMCsGA1UEAxMk
NjhhNDFmMTYtYWYyMC00ODdmLWFkODUtODY4OTg0YzAxZGZhMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoFGtnqoFKub+e4My6ix8DFefKN+1OSpgZDf
lY408LygzR3pBZu+M26RpgsYmUPsuF/jLuQ1/z/1r3uPfdJSe+Uz2KxHezb108J0
cC3/B+GMc6o5YNjSbjMiNDD1EAHJ2APDRAcbvMq46GIRaedCnS7QrfhnnAIw3mhm
FclS/dUFXTv4W3PtOoJAb2tzIEwJJOb1IALHtAp6a/XgqECxocQde5luTHKBM5AE
rQKIGvFDCPAvrECXHhTzfzNu3UGJjerZKCsFxsxx5M3Fu9iDhb3EqjgSP8+jx/CE
5bmee/DibpqZyTJ9mpckwCNFKBwS2Grn7NL7sfBsvMEyw63YoQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFEKic6Ei7LQ08tXuz5R9C/6bOkkeMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvOTU0M2U4NzQtNmVlMy0z
NmE3LWIyZTItNTc4ZTJlMTA4MTEyLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApgFWMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAAtHBduS3rRx4zz7PXvSytkc32hmt9f9yqVY5kDZ+hE7n2uGMPepFq8A
VZVa0a/Tm9JMAcqCogAFDUHqsbGKJJutDVLPonx3zbL919KrOnGB4/JGNw+Sijjr
p+FAzHUyVLTeJon2MlEqiWjINraTwuM6bbpOenXqD4gBsuK38WNk+OeRricawiqx
QnZs1XAp3gSlgSIWDeKMDA3s3217/W/f/g80fzZlT77CGWzFntqsDStlpWWLvAwl
kWANp9H2QscYbGb9NgYRYnRmPYciEEDNQtPW8WMjt9fuldHmeK3n8a2vdoF4D2sY
tQBTz1/YW2+HpwLRCxiIfPy9gTEKGJY=
-----END CERTIFICATE-----
Generated at Fri Mar 28 12:45:16 2025 by rpki-client