Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/d38dbd63-88f8-3ad8-abf1-1f14cb1d439e.roa
File:                     d38dbd63-88f8-3ad8-abf1-1f14cb1d439e.roa (raw, json)
Hash identifier:          FdFmtVdZE8gX6lU8OULzaXxPM8l6gB8sz5BCXqw4shU=
Subject key identifier:   A7:CB:9A:E6:E6:C0:3B:BE:45:A3:9D:60:09:E6:A0:3F:D4:AB:39:F0
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F432858479C11213AB1C7E9BB3E40CC20
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/d38dbd63-88f8-3ad8-abf1-1f14cb1d439e.roa
Signing time:             Mon 21 Oct 2024 01:00:31 +0000
ROA not before:           Mon 21 Oct 2024 01:00:31 +0000
ROA not after:            Sun 19 Jan 2025 02:00:31 +0000
asID:                     834
IP address blocks:        166.0.85.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:9c:11:21:3a:b1:c7:e9:bb:3e:40:cc:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: Oct 21 01:00:31 2024 GMT
            Not After : Jan 19 02:00:31 2025 GMT
        Subject: CN=1469b8ab-44e6-4c37-a924-5b86e16ab173
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:86:f8:77:0e:81:a5:04:af:14:75:f6:17:13:
                    1c:bf:c0:f9:83:48:f3:30:15:82:18:6a:32:d0:73:
                    bb:46:32:68:5c:fb:ce:b1:a7:14:92:e9:08:2d:60:
                    c5:44:b1:31:3a:3e:8f:7b:20:af:0a:f0:3b:6b:9e:
                    f0:c6:41:32:52:00:2d:d1:50:47:25:69:79:d3:f3:
                    55:13:e9:b5:56:49:83:06:5c:3a:41:c1:bb:a4:06:
                    6a:48:95:e3:dd:0e:33:1e:5a:1c:6b:01:14:df:2d:
                    85:33:30:9f:5d:24:89:dc:7d:d3:e5:9c:e9:96:9b:
                    7a:45:31:66:2c:74:ff:be:2c:a7:4e:ba:f4:ba:48:
                    f1:1b:68:8f:24:00:98:0b:21:2b:fc:3f:39:de:31:
                    93:15:86:25:c0:0f:3e:86:65:99:9c:5b:ff:97:cc:
                    d9:45:ef:09:53:30:14:82:99:48:52:50:c1:9e:7b:
                    b9:d6:4d:47:35:93:8d:e9:fd:21:0e:ad:a9:bb:72:
                    d8:70:bd:3e:16:55:df:82:e1:fb:81:af:04:15:40:
                    c1:ba:b6:a3:db:5a:93:c1:77:6d:b9:6e:f6:e6:14:
                    d5:a0:e0:14:27:8a:6a:4e:48:5c:0f:f3:60:64:c7:
                    34:b3:f5:e4:23:ec:8a:0e:71:2c:e9:9f:14:1a:40:
                    c7:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:CB:9A:E6:E6:C0:3B:BE:45:A3:9D:60:09:E6:A0:3F:D4:AB:39:F0
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/d38dbd63-88f8-3ad8-abf1-1f14cb1d439e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.0.85.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         ad:bd:01:9a:14:6f:d9:20:6c:fc:e8:71:2c:01:57:62:3f:43:
         8d:75:74:a3:95:8a:51:95:4e:eb:49:b1:bc:e2:df:fd:13:1f:
         1a:e4:a7:01:1d:1f:55:f4:da:8a:04:0c:1f:83:40:7a:62:72:
         16:18:5c:dc:87:e2:9a:db:7c:2f:44:b5:0b:2f:2c:8f:34:d8:
         23:32:24:3a:9b:f0:37:be:9f:b9:c1:27:39:6a:d9:20:44:d9:
         38:a9:af:b0:e9:3f:21:1e:ed:be:ac:2b:80:f1:dc:bd:b5:52:
         0e:6e:09:40:85:68:81:22:41:d5:0b:68:c8:56:7b:05:42:fd:
         b9:6b:92:2f:c3:e9:63:c1:27:db:da:1f:2e:8c:51:5b:aa:6e:
         49:4b:51:4d:f8:0c:6c:f8:58:c3:6d:1e:3f:37:9c:1a:e6:c9:
         a0:ff:4c:12:eb:d8:b2:a6:77:2d:d2:a9:b1:10:8d:ab:0e:8a:
         1d:95:d0:78:71:58:da:19:51:3e:89:a5:29:e5:82:4e:48:ae:
         bb:c0:b0:e3:2a:1f:35:31:a1:6f:c6:61:b9:8c:6c:e4:55:bb:
         8c:e6:7b:08:82:e0:55:88:2b:5d:0b:d7:28:13:08:ff:ab:08:
         e9:f6:2c:c1:a8:4d:e3:c3:e7:dd:b8:a6:24:a8:df:92:19:44:
         8c:2c:c9:c6
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEecESE6scfpuz5AzCAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTI0MTAyMTAxMDAzMVoXDTI1MDExOTAyMDAzMVowLzEtMCsGA1UEAxMk
MTQ2OWI4YWItNDRlNi00YzM3LWE5MjQtNWI4NmUxNmFiMTczMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnob4dw6BpQSvFHX2FxMcv8D5g0jzMBWCGGoy
0HO7RjJoXPvOsacUkukILWDFRLExOj6PeyCvCvA7a57wxkEyUgAt0VBHJWl50/NV
E+m1VkmDBlw6QcG7pAZqSJXj3Q4zHlocawEU3y2FMzCfXSSJ3H3T5Zzplpt6RTFm
LHT/viynTrr0ukjxG2iPJACYCyEr/D853jGTFYYlwA8+hmWZnFv/l8zZRe8JUzAU
gplIUlDBnnu51k1HNZON6f0hDq2pu3LYcL0+FlXfguH7ga8EFUDBuraj21qTwXdt
uW725hTVoOAUJ4pqTkhcD/NgZMc0s/XkI+yKDnEs6Z8UGkDHGwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFKfLmubmwDu+RaOdYAnmoD/UqznwMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvZDM4ZGJkNjMtODhmOC0z
YWQ4LWFiZjEtMWYxNGNiMWQ0MzllLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApgBVMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAK29AZoUb9kgbPzocSwBV2I/Q411dKOVilGVTutJsbzi3/0THxrkpwEd
H1X02ooEDB+DQHpichYYXNyH4prbfC9EtQsvLI802CMyJDqb8De+n7nBJzlq2SBE
2Tipr7DpPyEe7b6sK4Dx3L21Ug5uCUCFaIEiQdULaMhWewVC/blrki/D6WPBJ9va
Hy6MUVuqbklLUU34DGz4WMNtHj83nBrmyaD/TBLr2LKmdy3SqbEQjasOih2V0Hhx
WNoZUT6JpSnlgk5IrrvAsOMqHzUxoW/GYbmMbORVu4zmewiC4FWIK10L1ygTCP+r
COn2LMGoTePD5924piSo35IZRIwsycY=
-----END CERTIFICATE-----
Generated at Fri Apr 18 05:00:26 2025 by rpki-client