Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/daedb020-b462-3380-acb9-abeadd5e11c0.roa
File:                     daedb020-b462-3380-acb9-abeadd5e11c0.roa (raw, json)
Hash identifier:          R8khJn698wFdeDRSoNW8ft/lEJ11yp6ZGILJXnX5tFc=
Subject key identifier:   5E:FB:A7:8B:D2:7D:B2:73:EF:E5:E5:70:A2:45:74:1D:75:33:C1:40
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F432858482395579A09B6175E802EC380
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/daedb020-b462-3380-acb9-abeadd5e11c0.roa
Signing time:             Sun 08 Dec 2024 14:00:51 +0000
ROA not before:           Sun 08 Dec 2024 14:00:51 +0000
ROA not after:            Sat 08 Mar 2025 14:00:51 +0000
asID:                     398355
IP address blocks:        166.0.153.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:23:95:57:9a:09:b6:17:5e:80:2e:c3:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: Dec  8 14:00:51 2024 GMT
            Not After : Mar  8 14:00:51 2025 GMT
        Subject: CN=c92ce271-3a1a-496d-94b3-8b91e7414467
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:f7:a8:c5:d3:4f:fb:2d:4c:2d:1a:e1:68:1f:
                    66:04:1c:ce:2d:5f:62:27:ca:02:9b:87:ec:cc:a7:
                    ab:3f:99:bf:ac:7b:be:e9:96:c5:c5:bc:cb:da:cf:
                    09:7d:bb:1a:be:71:87:57:54:1e:7c:72:08:67:d1:
                    47:3a:9b:92:49:14:d3:c9:2c:76:46:93:b3:53:1f:
                    28:c6:8c:35:26:93:03:31:c7:9a:47:c8:76:ae:cc:
                    1d:99:bc:25:0d:a0:5f:cb:59:d3:1c:c1:04:ef:99:
                    68:3d:d3:46:1d:58:25:88:8d:09:e1:5e:43:ee:ed:
                    86:0e:3a:d6:48:8c:79:1d:bb:a5:39:88:23:4e:6c:
                    c2:35:08:c2:55:b7:bd:fa:b0:37:c0:12:ec:28:ac:
                    62:2b:e8:0a:93:ca:fc:b8:c9:cc:0f:6f:05:c6:b6:
                    98:d3:5e:9f:4a:8c:b9:3e:52:3b:31:17:0e:29:a6:
                    86:4f:3a:7b:7a:f8:42:02:11:49:3b:d7:47:0f:50:
                    06:cb:a2:51:a3:f0:f7:59:64:cb:c2:a9:2a:46:a3:
                    2c:ae:a5:6b:92:5d:07:7c:26:e2:c4:47:47:17:72:
                    8d:c6:34:ae:be:d5:9c:88:ad:55:c4:28:a2:dc:d7:
                    bf:40:7b:78:0e:54:ff:4c:27:ce:aa:70:83:1a:60:
                    e1:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:FB:A7:8B:D2:7D:B2:73:EF:E5:E5:70:A2:45:74:1D:75:33:C1:40
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/daedb020-b462-3380-acb9-abeadd5e11c0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.0.153.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         41:cb:6c:ab:f8:97:6b:99:66:e9:89:0f:27:9c:3a:b1:d9:bb:
         b1:5e:38:4c:1b:c8:12:c7:d4:62:7b:2b:a8:9b:da:87:bb:73:
         85:c4:1c:da:0f:74:08:5b:a5:20:54:a1:e9:94:5d:47:0f:21:
         d6:d3:5e:3d:5d:42:a0:06:b2:93:80:f9:85:3e:81:c2:ea:df:
         c6:39:d4:1d:79:44:a2:b6:b9:31:31:8b:70:03:a3:33:36:03:
         37:c5:03:65:f9:73:0f:7c:fc:a0:35:10:20:c3:68:95:6f:df:
         fc:99:46:a9:e8:5a:2a:e6:b7:d2:20:8e:06:67:1b:db:26:9d:
         8b:98:52:47:10:25:1f:69:d6:38:35:94:41:be:f7:64:06:2d:
         1f:17:a5:f4:72:fc:9a:6a:9f:77:d7:55:39:73:05:41:c0:08:
         ac:56:b9:cd:ae:df:16:50:62:6e:1d:f1:7c:9c:ba:fb:77:a3:
         06:04:5c:bf:99:63:a2:aa:14:fc:4a:64:74:56:e0:2e:72:2b:
         40:17:00:c5:66:de:28:8b:58:60:73:c1:e3:e6:07:6f:e4:17:
         fe:0a:c0:ed:ad:04:42:41:9c:d7:73:ce:9c:a2:43:f8:0a:e0:
         95:fa:f2:20:ce:a8:c3:23:8f:83:d8:fc:b5:66:7f:ec:e8:42:
         e5:17:a0:f7
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEgjlVeaCbYXXoAuw4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTI0MTIwODE0MDA1MVoXDTI1MDMwODE0MDA1MVowLzEtMCsGA1UEAxMk
YzkyY2UyNzEtM2ExYS00OTZkLTk0YjMtOGI5MWU3NDE0NDY3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPeoxdNP+y1MLRrhaB9mBBzOLV9iJ8oCm4fs
zKerP5m/rHu+6ZbFxbzL2s8JfbsavnGHV1QefHIIZ9FHOpuSSRTTySx2RpOzUx8o
xow1JpMDMceaR8h2rswdmbwlDaBfy1nTHMEE75loPdNGHVgliI0J4V5D7u2GDjrW
SIx5HbulOYgjTmzCNQjCVbe9+rA3wBLsKKxiK+gKk8r8uMnMD28FxraY016fSoy5
PlI7MRcOKaaGTzp7evhCAhFJO9dHD1AGy6JRo/D3WWTLwqkqRqMsrqVrkl0HfCbi
xEdHF3KNxjSuvtWciK1VxCii3Ne/QHt4DlT/TCfOqnCDGmDhlQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFF77p4vSfbJz7+XlcKJFdB11M8FAMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvZGFlZGIwMjAtYjQ2Mi0z
MzgwLWFjYjktYWJlYWRkNWUxMWMwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApgCZMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAEHLbKv4l2uZZumJDyecOrHZu7FeOEwbyBLH1GJ7K6ib2oe7c4XEHNoP
dAhbpSBUoemUXUcPIdbTXj1dQqAGspOA+YU+gcLq38Y51B15RKK2uTExi3ADozM2
AzfFA2X5cw98/KA1ECDDaJVv3/yZRqnoWirmt9IgjgZnG9smnYuYUkcQJR9p1jg1
lEG+92QGLR8XpfRy/Jpqn3fXVTlzBUHACKxWuc2u3xZQYm4d8Xycuvt3owYEXL+Z
Y6KqFPxKZHRW4C5yK0AXAMVm3iiLWGBzwePmB2/kF/4KwO2tBEJBnNdzzpyiQ/gK
4JX68iDOqMMjj4PY/LVmf+zoQuUXoPc=
-----END CERTIFICATE-----
Generated at Fri Apr 18 05:32:26 2025 by rpki-client