Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/de374996-b2c7-30f7-905b-ebf6f6cdc39c.roa
File:                     de374996-b2c7-30f7-905b-ebf6f6cdc39c.roa (raw, json)
Hash identifier:          252wYkVQy1OPp28yLzlEyQ0rLRMoQUgLbxqFJdxbT60=
Subject key identifier:   3F:E5:7C:8B:9A:DD:CC:A2:01:EF:23:40:B7:98:B5:14:E7:0F:36:DD
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F4328584636B98CA3A593D37879419A00
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/de374996-b2c7-30f7-905b-ebf6f6cdc39c.roa
Signing time:             Sat 15 Jun 2024 01:00:27 +0000
ROA not before:           Sat 15 Jun 2024 01:00:27 +0000
ROA not after:            Fri 13 Sep 2024 01:00:27 +0000
asID:                     58061
IP address blocks:        166.1.89.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:46:36:b9:8c:a3:a5:93:d3:78:79:41:9a:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: Jun 15 01:00:27 2024 GMT
            Not After : Sep 13 01:00:27 2024 GMT
        Subject: CN=a8c82b94-2917-4920-8aa2-144cf9eeae98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:34:80:93:16:c7:ad:5d:3e:4f:2d:da:1c:7a:
                    62:03:23:da:f4:b3:51:80:72:b4:7c:ee:c6:c1:a3:
                    08:cd:b2:ec:5d:ee:9e:d9:b2:3e:15:48:5e:6c:a4:
                    f5:62:73:44:86:10:01:7f:e7:77:f2:c2:ce:42:a3:
                    7a:55:9b:d5:e1:17:ca:1b:a8:c3:74:08:dc:ce:93:
                    58:a4:13:da:92:8f:89:16:ac:f9:3a:1f:d7:e1:b4:
                    61:fa:68:c6:b7:b3:41:11:cf:1e:e3:17:bc:60:03:
                    61:bc:fd:2c:3a:39:10:15:01:8e:46:e9:1e:8c:d4:
                    2d:35:e0:a1:61:0d:b8:98:fb:ce:bb:e9:c1:f4:1d:
                    ba:4e:f6:ce:c3:bb:59:50:18:13:a9:59:d1:02:20:
                    b1:5c:58:72:16:2e:40:cb:7e:0e:8f:c6:6e:4d:17:
                    c1:a5:65:5c:d6:55:f8:a6:e2:b7:bb:b1:ad:dc:89:
                    51:70:41:92:72:67:54:9d:5e:90:3d:9e:0c:d5:06:
                    ed:ef:98:18:df:48:c8:be:09:b5:6d:e9:e9:ac:a5:
                    8c:14:09:d5:13:36:64:d9:70:4b:4c:81:02:89:34:
                    96:49:a1:eb:64:c9:0b:8a:fa:ed:c7:27:41:50:66:
                    65:26:a2:7c:fa:2f:b4:e1:68:88:15:5c:00:a3:b0:
                    6b:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:E5:7C:8B:9A:DD:CC:A2:01:EF:23:40:B7:98:B5:14:E7:0F:36:DD
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/de374996-b2c7-30f7-905b-ebf6f6cdc39c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.1.89.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         39:3a:a0:16:87:9f:28:7e:35:bd:e4:c1:25:21:7f:ed:4f:dc:
         ac:3c:f1:f2:51:c9:f5:44:d8:f4:58:1c:93:33:a6:1b:8f:03:
         8b:aa:e7:11:4e:ee:57:4f:b2:04:d6:61:81:a6:93:f3:45:7c:
         9c:63:7f:d4:ad:7a:4e:95:e8:6c:cd:a2:6c:d0:4c:01:ef:fb:
         46:9b:76:37:ff:c0:32:a3:79:49:25:7f:f7:e3:5b:3b:9c:e1:
         c2:eb:e6:dc:11:04:b6:c0:36:13:12:99:ee:b8:13:27:0e:28:
         9c:0d:fc:e9:7f:e3:96:eb:69:83:96:ef:2b:7f:40:31:8e:11:
         97:ea:bf:bb:76:98:42:dc:48:cc:07:87:11:db:d0:eb:8f:a9:
         89:54:4d:c2:e5:71:53:73:b6:09:84:6a:cc:56:d9:7b:00:8e:
         57:e4:cb:0c:b6:f7:86:eb:01:42:fe:11:b7:16:06:ce:83:5b:
         d5:f3:75:6f:f5:5c:b4:0d:c1:c2:2c:89:dd:c2:f3:f7:c6:f3:
         98:dc:ab:48:a2:a2:9b:10:92:79:f2:bd:b4:0d:6c:4d:17:45:
         8e:c1:e4:69:c9:53:89:72:9d:af:ad:33:bd:d0:91:43:09:e7:
         b1:e8:67:78:d3:0a:b4:e5:36:76:d6:21:ed:53:79:80:ed:5f:
         17:44:33:32
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEY2uYyjpZPTeHlBmgAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTI0MDYxNTAxMDAyN1oXDTI0MDkxMzAxMDAyN1owLzEtMCsGA1UEAxMk
YThjODJiOTQtMjkxNy00OTIwLThhYTItMTQ0Y2Y5ZWVhZTk4MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjSAkxbHrV0+Ty3aHHpiAyPa9LNRgHK0fO7G
waMIzbLsXe6e2bI+FUhebKT1YnNEhhABf+d38sLOQqN6VZvV4RfKG6jDdAjczpNY
pBPako+JFqz5Oh/X4bRh+mjGt7NBEc8e4xe8YANhvP0sOjkQFQGORukejNQtNeCh
YQ24mPvOu+nB9B26TvbOw7tZUBgTqVnRAiCxXFhyFi5Ay34Oj8ZuTRfBpWVc1lX4
puK3u7Gt3IlRcEGScmdUnV6QPZ4M1Qbt75gY30jIvgm1benprKWMFAnVEzZk2XBL
TIECiTSWSaHrZMkLivrtxydBUGZlJqJ8+i+04WiIFVwAo7BrdQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFD/lfIua3cyiAe8jQLeYtRTnDzbdMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvZGUzNzQ5OTYtYjJjNy0z
MGY3LTkwNWItZWJmNmY2Y2RjMzljLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApgFZMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBADk6oBaHnyh+Nb3kwSUhf+1P3Kw88fJRyfVE2PRYHJMzphuPA4uq5xFO
7ldPsgTWYYGmk/NFfJxjf9Stek6V6GzNomzQTAHv+0abdjf/wDKjeUklf/fjWzuc
4cLr5twRBLbANhMSme64EycOKJwN/Ol/45braYOW7yt/QDGOEZfqv7t2mELcSMwH
hxHb0OuPqYlUTcLlcVNztgmEasxW2XsAjlfkywy294brAUL+EbcWBs6DW9XzdW/1
XLQNwcIsid3C8/fG85jcq0iiopsQknnyvbQNbE0XRY7B5GnJU4lyna+tM73QkUMJ
57HoZ3jTCrTlNnbWIe1TeYDtXxdEMzI=
-----END CERTIFICATE-----
Generated at Fri Apr 18 05:10:27 2025 by rpki-client