Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/3125fdd2-83e2-378b-b425-45da365faa17.roa
File:                     3125fdd2-83e2-378b-b425-45da365faa17.roa (raw, json)
Hash identifier:          f4tqM3LLecTTmmCl+h1CEksGlgjV3PByWWHPUCuLRX4=
Subject key identifier:   8A:A0:6A:F5:0A:2D:00:EC:BC:54:9C:6B:37:41:1B:EF:12:BD:6E:66
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328584553330F2B090BC36299521B00
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/3125fdd2-83e2-378b-b425-45da365faa17.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        173.187.144.0/21 maxlen: 21
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:0f:2b:09:0b:c3:62:99:52:1b:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=99d0eef5-9263-43c1-acb6-fa40b958668a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ff:27:85:8e:9f:52:33:3c:77:70:a8:56:07:
                    c3:ef:7f:98:52:a0:b1:ab:e8:6a:1b:66:45:8f:bf:
                    b3:a1:06:45:8e:c5:df:ca:bf:65:fa:af:9a:6d:a2:
                    ab:6e:a6:93:6c:83:09:ad:5a:0f:3f:fa:83:25:ac:
                    4e:dd:82:3b:f2:97:58:7a:1c:7d:07:a3:1b:2b:44:
                    1e:bd:db:ee:e1:ba:b7:2e:94:a3:a7:95:7d:a1:c7:
                    9b:3b:fa:0b:43:d3:f0:fe:a0:ef:f4:27:5a:57:02:
                    e0:5c:12:dc:bb:e6:b7:c6:fc:56:fe:c5:83:1f:c2:
                    04:d2:4d:4d:4b:db:b3:a0:66:19:14:08:82:8f:00:
                    84:76:4a:1d:83:d5:75:1d:32:d9:f5:63:98:78:a2:
                    33:0a:53:d8:14:56:f2:0c:61:a2:2f:02:28:36:11:
                    de:af:2b:bb:b7:41:d3:95:33:d7:03:4e:b4:1e:9d:
                    62:c8:af:c9:29:1a:dd:a2:b2:84:fb:26:17:19:c4:
                    94:6c:ce:f7:89:49:ff:57:16:16:3b:6a:6e:c0:91:
                    e2:ca:d6:be:5d:bd:38:ad:27:6c:88:75:b1:11:13:
                    9c:2e:18:83:0b:71:3a:11:e1:9f:48:f8:40:f3:e7:
                    c8:c4:73:f6:a9:64:09:a1:f2:0e:be:0e:57:d0:a3:
                    65:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:A0:6A:F5:0A:2D:00:EC:BC:54:9C:6B:37:41:1B:EF:12:BD:6E:66
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/3125fdd2-83e2-378b-b425-45da365faa17.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.187.144.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         39:fb:09:f1:83:d9:35:81:1c:11:29:f1:62:7d:64:25:04:a2:
         55:89:6f:44:b2:85:a0:f2:cc:c9:05:37:df:b2:4c:7b:e1:eb:
         8a:cc:c0:5a:16:0e:3f:a6:cc:d9:c0:72:ee:9d:ec:d6:9f:e4:
         8a:72:6b:31:e1:8d:b9:04:8b:56:40:f2:20:66:fb:10:75:70:
         83:77:2c:66:a5:7d:45:55:36:74:3a:a8:40:61:46:d6:ef:7c:
         d7:77:ab:55:84:50:30:55:b1:5b:a1:2a:60:ba:a9:35:77:a0:
         4b:41:e3:ee:5c:92:ab:f5:ad:dc:fd:6b:11:65:10:15:ec:9d:
         12:a6:2a:a4:ff:1e:bf:56:53:07:a1:65:5a:f0:64:d4:b7:3e:
         95:f8:ac:b3:af:c1:a0:03:52:b3:75:04:98:0b:39:62:85:dc:
         08:cf:d5:8c:4f:54:58:0c:68:06:c9:52:0b:30:ad:40:8e:69:
         94:ab:5d:ab:a9:22:c1:ae:03:96:1d:47:01:7c:36:1d:aa:3d:
         9d:90:ea:28:23:2b:1d:53:f9:e9:97:80:d1:ef:2f:50:82:f5:
         a4:8f:83:f5:be:36:34:64:68:ed:f3:08:37:10:87:ac:b5:19:
         26:77:e9:d4:46:26:cb:1c:4c:b9:ff:7e:5b:ab:61:ef:d0:2f:
         48:fd:03:cc
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMw8rCQvDYplSGwAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
OTlkMGVlZjUtOTI2My00M2MxLWFjYjYtZmE0MGI5NTg2NjhhMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/8nhY6fUjM8d3CoVgfD73+YUqCxq+hqG2ZF
j7+zoQZFjsXfyr9l+q+abaKrbqaTbIMJrVoPP/qDJaxO3YI78pdYehx9B6MbK0Qe
vdvu4bq3LpSjp5V9ocebO/oLQ9Pw/qDv9CdaVwLgXBLcu+a3xvxW/sWDH8IE0k1N
S9uzoGYZFAiCjwCEdkodg9V1HTLZ9WOYeKIzClPYFFbyDGGiLwIoNhHeryu7t0HT
lTPXA060Hp1iyK/JKRrdorKE+yYXGcSUbM73iUn/VxYWO2puwJHiyta+Xb04rSds
iHWxEROcLhiDC3E6EeGfSPhA8+fIxHP2qWQJofIOvg5X0KNlGQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFIqgavUKLQDsvFScazdBG+8SvW5mMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvMzEyNWZkZDItODNlMi0z
NzhiLWI0MjUtNDVkYTM2NWZhYTE3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDrbuQMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBADn7CfGD2TWBHBEp8WJ9ZCUEolWJb0SyhaDyzMkFN9+yTHvh64rMwFoW
Dj+mzNnAcu6d7Naf5IpyazHhjbkEi1ZA8iBm+xB1cIN3LGalfUVVNnQ6qEBhRtbv
fNd3q1WEUDBVsVuhKmC6qTV3oEtB4+5ckqv1rdz9axFlEBXsnRKmKqT/Hr9WUweh
ZVrwZNS3PpX4rLOvwaADUrN1BJgLOWKF3AjP1YxPVFgMaAbJUgswrUCOaZSrXaup
IsGuA5YdRwF8Nh2qPZ2Q6igjKx1T+emXgNHvL1CC9aSPg/W+NjRkaO3zCDcQh6y1
GSZ36dRGJsscTLn/flurYe/QL0j9A8w=
-----END CERTIFICATE-----