Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/aad066f2-88be-3c85-bcbc-7d2a0e6d9445.roa
File:                     aad066f2-88be-3c85-bcbc-7d2a0e6d9445.roa (raw, json)
Hash identifier:          2OlwEH+400lybNxYKVvf95Q47NtzNRw//fySqDp/XQc=
Subject key identifier:   97:A9:ED:4F:E2:05:37:5B:F4:9E:62:BF:73:DD:36:54:E4:39:EC:87
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F432858437F951516820DD3DAB96B82C0
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/aad066f2-88be-3c85-bcbc-7d2a0e6d9445.roa
Signing time:             Tue 10 Oct 2023 01:00:14 +0000
ROA not before:           Tue 10 Oct 2023 01:00:14 +0000
ROA not after:            Mon 08 Jan 2024 02:00:14 +0000
asID:                     834
IP address blocks:        166.0.28.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:43:7f:95:15:16:82:0d:d3:da:b9:6b:82:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: Oct 10 01:00:14 2023 GMT
            Not After : Jan  8 02:00:14 2024 GMT
        Subject: CN=fc4503b2-023f-4106-91a9-679081f151a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:9e:c1:c1:48:92:be:16:c2:92:ef:1d:ca:22:
                    c5:26:37:6c:44:c5:6f:16:67:05:bb:f8:04:b7:22:
                    68:ae:12:f1:b2:3f:8e:ab:4c:b0:bb:f7:0b:2d:dc:
                    41:69:63:e7:af:d0:23:76:9f:64:3b:ab:78:80:f2:
                    3c:46:99:aa:48:63:18:63:93:94:44:45:01:43:4b:
                    24:1f:41:48:03:a1:f3:e1:87:a6:e2:86:81:45:74:
                    1b:07:ae:e8:b1:c8:2c:03:b1:d3:ab:f1:33:c6:db:
                    2d:5b:28:bd:a9:c6:d0:b3:46:55:84:db:c8:33:13:
                    b0:26:2a:cd:14:bd:ad:92:cf:43:f4:0f:73:4e:5b:
                    82:0b:f3:0d:83:42:ba:db:f3:ce:2c:e2:ed:9a:5b:
                    d0:62:1d:7f:4f:4c:76:b4:61:54:fe:21:3b:0b:cc:
                    1e:1a:c3:59:86:d1:46:8a:43:6f:21:ea:e6:6b:fe:
                    38:fe:6f:9a:ad:19:b8:1e:23:ba:6f:4e:50:32:77:
                    00:04:8e:f7:b8:ac:81:03:e4:2f:24:34:20:cc:b3:
                    fe:f2:7b:f4:41:95:f1:30:70:f9:b8:84:af:a7:e6:
                    45:21:7b:b5:10:52:d5:d0:78:80:7d:cd:df:ff:98:
                    ee:29:ec:7e:08:f1:4c:a4:fe:de:d1:b2:fa:a5:7d:
                    79:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:A9:ED:4F:E2:05:37:5B:F4:9E:62:BF:73:DD:36:54:E4:39:EC:87
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/aad066f2-88be-3c85-bcbc-7d2a0e6d9445.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.0.28.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         2d:4f:ab:9a:0a:16:e8:ea:3d:d6:59:c8:be:af:d8:86:61:a5:
         a6:9c:eb:87:a6:6f:dd:8f:d3:eb:49:73:e4:3f:54:f4:bd:b7:
         63:79:79:47:52:65:6c:7f:8c:ff:e7:65:a7:be:d5:3b:45:e8:
         7e:f4:ca:20:bb:6f:cc:bf:5d:c3:8a:2b:82:57:18:be:cc:0a:
         9b:1c:43:41:10:7a:d0:60:dd:40:01:ba:b2:81:4b:9b:b0:95:
         2b:84:f3:b7:34:5b:6e:74:95:bb:23:da:31:89:a1:37:06:12:
         14:35:ac:96:a4:06:a9:f6:1f:be:7e:88:e5:fb:a7:1f:77:4d:
         db:2f:b6:a2:22:21:2f:59:61:31:c7:06:e3:e0:76:7c:75:bf:
         c2:39:21:53:a9:38:96:fd:46:8b:62:11:31:4a:3f:f6:88:dd:
         05:4d:2b:9d:d2:0f:be:23:91:1a:c2:47:12:65:c9:d7:2d:2d:
         fe:a5:5f:66:d7:2e:0d:06:d1:86:d4:66:2d:b4:6b:09:76:74:
         d3:4d:26:53:6f:21:a8:31:70:24:a1:01:1e:42:5f:fd:27:48:
         c0:24:79:ce:88:d2:89:c6:3c:1b:dd:5c:23:c5:7c:b9:6b:47:
         41:b5:e2:6c:1f:4b:2d:d5:2f:ae:4d:85:b2:70:35:d7:24:da:
         4c:e2:c7:4f
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEN/lRUWgg3T2rlrgsAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTIzMTAxMDAxMDAxNFoXDTI0MDEwODAyMDAxNFowLzEtMCsGA1UEAxMk
ZmM0NTAzYjItMDIzZi00MTA2LTkxYTktNjc5MDgxZjE1MWEyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZ7BwUiSvhbCku8dyiLFJjdsRMVvFmcFu/gE
tyJorhLxsj+Oq0ywu/cLLdxBaWPnr9Ajdp9kO6t4gPI8RpmqSGMYY5OUREUBQ0sk
H0FIA6Hz4Yem4oaBRXQbB67oscgsA7HTq/EzxtstWyi9qcbQs0ZVhNvIMxOwJirN
FL2tks9D9A9zTluCC/MNg0K62/POLOLtmlvQYh1/T0x2tGFU/iE7C8weGsNZhtFG
ikNvIerma/44/m+arRm4HiO6b05QMncABI73uKyBA+QvJDQgzLP+8nv0QZXxMHD5
uISvp+ZFIXu1EFLV0HiAfc3f/5juKex+CPFMpP7e0bL6pX152wIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJep7U/iBTdb9J5iv3PdNlTkOeyHMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvYWFkMDY2ZjItODhiZS0z
Yzg1LWJjYmMtN2QyYTBlNmQ5NDQ1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApgAcMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAC1Pq5oKFujqPdZZyL6v2IZhpaac64emb92P0+tJc+Q/VPS9t2N5eUdS
ZWx/jP/nZae+1TtF6H70yiC7b8y/XcOKK4JXGL7MCpscQ0EQetBg3UABurKBS5uw
lSuE87c0W250lbsj2jGJoTcGEhQ1rJakBqn2H75+iOX7px93TdsvtqIiIS9ZYTHH
BuPgdnx1v8I5IVOpOJb9RotiETFKP/aI3QVNK53SD74jkRrCRxJlydctLf6lX2bX
Lg0G0YbUZi20awl2dNNNJlNvIagxcCShAR5CX/0nSMAkec6I0onGPBvdXCPFfLlr
R0G14mwfSy3VL65NhbJwNdck2kzix08=
-----END CERTIFICATE-----