Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/da8f76a4-a1f7-3fc3-97ac-6f66d7ec58a5.roa
File:                     da8f76a4-a1f7-3fc3-97ac-6f66d7ec58a5.roa (raw, json)
Hash identifier:          uj4Qroy/9AE525xmlJTEib5GxlcegBu7ZZ1ienPPwpk=
Subject key identifier:   13:CD:47:AE:7C:5D:E9:16:60:EC:F2:D6:45:BC:9A:C2:62:41:20:D0
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F432858463289AE5711DE3D217C76D5A0
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/da8f76a4-a1f7-3fc3-97ac-6f66d7ec58a5.roa
Signing time:             Thu 13 Jun 2024 13:00:34 +0000
ROA not before:           Thu 13 Jun 2024 13:00:34 +0000
ROA not after:            Wed 11 Sep 2024 13:00:34 +0000
asID:                     7029
IP address blocks:        173.185.64.0/20 maxlen: 20
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:46:32:89:ae:57:11:de:3d:21:7c:76:d5:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Jun 13 13:00:34 2024 GMT
            Not After : Sep 11 13:00:34 2024 GMT
        Subject: CN=db3e42c4-8db7-4ad6-995a-e5045785304d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:6a:25:dd:9a:e6:d8:ae:5c:af:0d:d3:9f:eb:
                    8e:06:eb:2b:11:5c:6a:f2:8a:c7:10:82:f3:e1:ce:
                    58:e1:0d:4b:91:8d:d2:0c:22:81:9f:25:09:e7:db:
                    cc:76:95:ca:50:a1:9b:0d:f7:1b:92:3b:83:a6:16:
                    4e:d7:02:71:d3:85:ae:bf:ee:ff:10:22:7b:1f:e2:
                    1b:8f:9e:19:98:1b:46:32:67:a5:17:e9:83:00:67:
                    9a:28:85:44:92:bf:56:42:3c:70:42:21:cc:86:cc:
                    26:da:7f:8c:14:56:15:26:21:00:df:dd:93:1f:88:
                    e9:c7:3c:16:92:32:ce:d0:ac:ee:ed:55:ad:b0:4a:
                    94:e0:33:b7:3c:22:c0:f9:cb:2a:b4:ea:b9:50:16:
                    a6:68:e3:8d:d3:22:4a:8a:e7:de:8d:da:99:22:6f:
                    a3:5f:96:8d:9d:d8:81:93:31:62:e0:65:4d:e4:8f:
                    90:cd:0b:b1:c9:0a:d0:bb:ca:f6:72:5d:d8:c7:d5:
                    c7:bf:33:79:94:20:95:b7:ce:43:06:37:20:5c:57:
                    07:4e:2d:81:f7:51:1a:34:0b:b0:57:b0:9d:f0:28:
                    57:65:81:bd:cb:cc:a3:a8:6b:9f:c8:75:52:83:e0:
                    88:51:97:b5:06:ff:35:ba:ff:06:3c:38:87:c9:97:
                    3d:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:CD:47:AE:7C:5D:E9:16:60:EC:F2:D6:45:BC:9A:C2:62:41:20:D0
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/da8f76a4-a1f7-3fc3-97ac-6f66d7ec58a5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.185.64.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         81:d8:03:2d:9a:4e:11:64:7c:6a:59:d1:cc:59:12:af:b7:d7:
         05:f9:a2:6a:08:59:5d:72:ae:90:8a:b8:02:60:cc:8a:0a:5f:
         82:7a:74:fc:c2:a9:c4:a3:66:16:0c:01:2b:d1:6b:92:af:cc:
         b0:fc:e6:7b:26:40:bb:a8:bd:b4:2b:c3:02:f1:f1:75:5e:a0:
         6c:60:81:66:14:44:ba:e3:46:45:8f:b3:e3:fe:02:ed:22:4c:
         0f:ae:7a:46:f8:bd:93:41:5e:5a:55:f2:70:e5:aa:47:5d:d9:
         49:1f:ad:2b:12:e9:3a:53:51:26:d8:2a:73:87:89:7f:b6:cd:
         7d:0e:ba:8d:f3:4d:5b:63:34:89:8e:af:3a:73:b6:9b:81:55:
         89:21:b2:ed:3c:88:2f:57:a9:90:24:26:b4:68:e1:a7:07:75:
         eb:a2:0d:2f:11:c0:5b:79:70:39:2e:df:75:c0:3a:4b:34:86:
         34:9d:67:f9:46:06:f9:5e:a3:21:6f:08:14:42:af:fd:0d:27:
         78:a7:56:da:df:4b:b5:cf:60:8d:12:78:9a:16:3a:b8:0b:ca:
         a2:64:08:21:78:d1:6a:38:8e:bf:b0:1a:85:de:00:46:9b:30:
         fd:97:0a:61:51:42:01:63:8a:2b:d3:58:db:36:3b:e2:ed:3f:
         5c:20:41:d3
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEYyia5XEd49IXx21aAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDYxMzEzMDAzNFoXDTI0MDkxMTEzMDAzNFowLzEtMCsGA1UEAxMk
ZGIzZTQyYzQtOGRiNy00YWQ2LTk5NWEtZTUwNDU3ODUzMDRkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2ol3Zrm2K5crw3Tn+uOBusrEVxq8orHEILz
4c5Y4Q1LkY3SDCKBnyUJ59vMdpXKUKGbDfcbkjuDphZO1wJx04Wuv+7/ECJ7H+Ib
j54ZmBtGMmelF+mDAGeaKIVEkr9WQjxwQiHMhswm2n+MFFYVJiEA392TH4jpxzwW
kjLO0Kzu7VWtsEqU4DO3PCLA+csqtOq5UBamaOON0yJKiufejdqZIm+jX5aNndiB
kzFi4GVN5I+QzQuxyQrQu8r2cl3Yx9XHvzN5lCCVt85DBjcgXFcHTi2B91EaNAuw
V7Cd8ChXZYG9y8yjqGufyHVSg+CIUZe1Bv81uv8GPDiHyZc9aQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFBPNR658XekWYOzy1kW8msJiQSDQMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvZGE4Zjc2YTQtYTFmNy0z
ZmMzLTk3YWMtNmY2NmQ3ZWM1OGE1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQErblAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAIHYAy2aThFkfGpZ0cxZEq+31wX5omoIWV1yrpCKuAJgzIoKX4J6dPzC
qcSjZhYMASvRa5KvzLD85nsmQLuovbQrwwLx8XVeoGxggWYURLrjRkWPs+P+Au0i
TA+uekb4vZNBXlpV8nDlqkdd2UkfrSsS6TpTUSbYKnOHiX+2zX0Ouo3zTVtjNImO
rzpztpuBVYkhsu08iC9XqZAkJrRo4acHdeuiDS8RwFt5cDku33XAOks0hjSdZ/lG
BvleoyFvCBRCr/0NJ3inVtrfS7XPYI0SeJoWOrgLyqJkCCF40Wo4jr+wGoXeAEab
MP2XCmFRQgFjiivTWNs2O+LtP1wgQdM=
-----END CERTIFICATE-----