Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/37bce1a8-ad32-3a35-bc69-5afffa4af45b.roa
File:                     37bce1a8-ad32-3a35-bc69-5afffa4af45b.roa (raw, json)
Hash identifier:          idOEzoORhYxUj4+g3G9caaXGHcHQ0DvGCa4aoPLyeng=
Subject key identifier:   21:D8:BC:0C:55:CE:AA:CA:C8:0E:2D:A2:61:45:50:A5:18:0E:D9:39
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F432858455332EE8232AE1BC1F1BE0E00
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/37bce1a8-ad32-3a35-bc69-5afffa4af45b.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        71.28.168.0/21 maxlen: 21
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:32:ee:82:32:ae:1b:c1:f1:be:0e:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=97191251-33c3-4108-b7e2-fb51a404a3d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:5d:5e:cb:44:9d:18:22:b3:2c:00:f3:eb:06:
                    41:16:11:bb:b9:c3:af:d3:0d:1e:df:6d:67:8c:ac:
                    8c:dd:9a:26:8c:1a:cc:aa:c8:8c:ec:78:c3:59:3d:
                    7d:ab:25:7b:82:0e:38:16:33:57:67:d4:d7:57:c3:
                    0e:c3:e9:7a:72:59:78:33:a1:41:bd:a9:89:ce:11:
                    f2:14:9c:77:8e:d3:5c:1b:a1:a6:fa:9c:35:eb:69:
                    17:e8:56:d0:0e:4c:45:df:22:da:2d:1e:61:f7:72:
                    1f:ee:70:31:b3:5d:08:b6:c1:30:88:42:af:8d:83:
                    41:ec:6d:3b:ea:2f:13:69:e8:04:02:28:ec:57:4b:
                    46:a5:cb:c3:62:30:fa:09:de:fe:6a:47:06:ba:be:
                    6e:00:9d:77:0d:1a:22:2a:c5:78:a7:dd:61:38:34:
                    cd:3d:77:ee:ef:3f:67:d8:ef:a4:42:65:31:e6:c3:
                    cf:20:a9:6f:04:a4:ab:cc:f5:07:8b:d4:e8:dc:10:
                    94:65:16:04:00:6e:fa:80:18:0d:3e:8f:34:a0:fd:
                    f3:f2:36:a4:26:75:59:83:8e:34:3c:4a:21:bf:32:
                    18:9d:7f:3f:bf:25:89:46:b4:13:08:58:bc:27:45:
                    f0:a3:b8:47:26:f3:a5:c0:9c:da:c6:38:47:48:08:
                    0a:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:D8:BC:0C:55:CE:AA:CA:C8:0E:2D:A2:61:45:50:A5:18:0E:D9:39
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/37bce1a8-ad32-3a35-bc69-5afffa4af45b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  71.28.168.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         76:f6:94:fb:cb:49:87:2b:6d:97:fe:da:58:07:e6:2a:55:48:
         13:55:93:7b:53:29:48:0e:9c:50:69:8c:5a:7d:1b:e9:9a:d8:
         49:8e:12:b6:a0:2c:4c:1a:3a:0e:59:9d:61:81:27:07:01:ea:
         2e:94:e1:5f:f8:41:42:9c:33:ff:7b:38:b0:81:43:19:76:bb:
         38:ce:ae:6e:ec:dd:ed:47:ac:ed:d0:be:de:e7:e0:f9:2e:48:
         52:fa:fd:a6:11:d6:a2:b2:16:f9:17:ec:59:48:be:9e:ab:57:
         61:68:a6:c4:f7:6c:da:34:48:47:34:d1:37:64:c6:fb:81:a6:
         f3:56:e9:e9:ff:6d:50:fc:28:20:2e:1f:bf:04:d0:98:96:b9:
         83:a9:c9:4e:ab:31:c7:64:2f:98:f0:d2:48:c1:b5:b8:b9:40:
         47:5e:52:d6:33:5a:d0:39:c7:e5:a6:f3:c0:40:0d:b8:96:bf:
         06:99:d2:9a:c6:0b:da:c2:bc:6f:2c:00:62:db:ca:55:67:ee:
         5e:2e:88:30:26:0d:1d:3d:51:7a:90:86:0d:c0:21:a1:0a:d2:
         ae:93:7c:a0:5d:46:37:8e:1a:cb:3d:56:90:3a:64:fb:0e:00:
         fb:f9:f2:3c:a2:bf:f4:87:b3:d5:25:39:be:a4:15:67:01:cb:
         87:7c:77:77
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMu6CMq4bwfG+DgAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
OTcxOTEyNTEtMzNjMy00MTA4LWI3ZTItZmI1MWE0MDRhM2Q2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn11ey0SdGCKzLADz6wZBFhG7ucOv0w0e321n
jKyM3ZomjBrMqsiM7HjDWT19qyV7gg44FjNXZ9TXV8MOw+l6cll4M6FBvamJzhHy
FJx3jtNcG6Gm+pw162kX6FbQDkxF3yLaLR5h93If7nAxs10ItsEwiEKvjYNB7G07
6i8TaegEAijsV0tGpcvDYjD6Cd7+akcGur5uAJ13DRoiKsV4p91hODTNPXfu7z9n
2O+kQmUx5sPPIKlvBKSrzPUHi9To3BCUZRYEAG76gBgNPo80oP3z8jakJnVZg440
PEohvzIYnX8/vyWJRrQTCFi8J0Xwo7hHJvOlwJzaxjhHSAgKKwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFCHYvAxVzqrKyA4tomFFUKUYDtk5MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvMzdiY2UxYTgtYWQzMi0z
YTM1LWJjNjktNWFmZmZhNGFmNDViLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDRxyoMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAHb2lPvLSYcrbZf+2lgH5ipVSBNVk3tTKUgOnFBpjFp9G+ma2EmOErag
LEwaOg5ZnWGBJwcB6i6U4V/4QUKcM/97OLCBQxl2uzjOrm7s3e1HrO3Qvt7n4Pku
SFL6/aYR1qKyFvkX7FlIvp6rV2FopsT3bNo0SEc00TdkxvuBpvNW6en/bVD8KCAu
H78E0JiWuYOpyU6rMcdkL5jw0kjBtbi5QEdeUtYzWtA5x+Wm88BADbiWvwaZ0prG
C9rCvG8sAGLbylVn7l4uiDAmDR09UXqQhg3AIaEK0q6TfKBdRjeOGss9VpA6ZPsO
APv58jyiv/SHs9UlOb6kFWcBy4d8d3c=
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:03:32 2025 by rpki-client