Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/51dcdcba-3766-4509-a479-bbf02514719f/ebbb5a3d-0b67-3783-a644-567c2b104e56.roa
File:                     ebbb5a3d-0b67-3783-a644-567c2b104e56.roa (raw, json)
Hash identifier:          HNO4eG1ojX7G6ZX8BFI6pT5vpkmEkK2NVB64qFBijak=
Subject key identifier:   DF:C4:7D:3D:A1:47:70:1C:B1:C5:DC:CB:AF:A0:C5:93:53:0E:54:57
Certificate issuer:       /CN=51dcdcba-3766-4509-a479-bbf02514719f
Certificate serial:       010D0C9F4328583CB7EFB997FCA921BB3FF8BB80
Authority key identifier: ED:B9:EC:F3:1C:12:4D:68:7A:77:73:BA:F0:21:76:8D:E7:2D:F2:6F
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/51dcdcba-3766-4509-a479-bbf02514719f.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/51dcdcba-3766-4509-a479-bbf02514719f/ebbb5a3d-0b67-3783-a644-567c2b104e56.roa
Signing time:             Wed 12 Jan 2022 05:00:00 +0000
ROA not before:           Wed 12 Jan 2022 05:00:00 +0000
ROA not after:            Tue 30 Apr 2024 04:00:00 +0000
asID:                     1239
IP address blocks:        207.90.207.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3c:b7:ef:b9:97:fc:a9:21:bb:3f:f8:bb:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51dcdcba-3766-4509-a479-bbf02514719f
        Validity
            Not Before: Jan 12 05:00:00 2022 GMT
            Not After : Apr 30 04:00:00 2024 GMT
        Subject: CN=5757646e-2a4e-4768-b497-04592610805b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:d0:93:84:f4:44:88:a8:7a:ba:ab:7b:cb:6c:
                    40:10:70:eb:d2:f5:0d:88:0a:5a:3e:63:47:95:e0:
                    5c:98:43:6c:fa:21:ef:58:2a:a7:02:db:d2:14:3d:
                    fc:d3:e3:dd:26:ae:74:d0:7e:da:0d:a1:d7:46:2c:
                    d3:ef:50:5e:2a:a6:53:8f:33:18:01:9d:5e:36:b6:
                    5a:18:b8:1f:09:e0:11:55:5c:1d:3d:dd:ca:ca:bf:
                    dc:e1:7c:34:09:a1:1d:68:78:29:76:a2:0d:73:a8:
                    6b:e5:e2:fc:89:b1:b4:21:b2:12:92:54:ac:a9:d6:
                    2c:93:55:48:88:0f:8a:18:05:e5:3d:79:f3:1b:bb:
                    32:94:ce:42:76:3a:1f:95:8b:61:ca:ca:a5:99:97:
                    ac:d1:d8:7b:dd:6c:42:cc:15:fb:72:a9:cb:9e:ce:
                    57:a1:5d:59:6f:17:da:a4:1c:d4:57:27:61:29:ad:
                    11:3c:1b:9f:9f:80:ca:32:6e:28:a8:b2:a1:61:48:
                    b2:56:11:8e:7d:2e:cc:14:b4:27:84:e8:98:99:d1:
                    b3:8f:cb:18:d5:a6:ef:c2:30:92:6b:c4:52:87:2e:
                    60:b5:46:10:75:e6:2e:17:3a:90:38:9d:26:3a:a3:
                    b1:62:8d:7e:ca:49:7b:e0:17:ac:b2:9b:0b:2b:ce:
                    23:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:C4:7D:3D:A1:47:70:1C:B1:C5:DC:CB:AF:A0:C5:93:53:0E:54:57
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/51dcdcba-3766-4509-a479-bbf02514719f/ebbb5a3d-0b67-3783-a644-567c2b104e56.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/51dcdcba-3766-4509-a479-bbf02514719f/51dcdcba-3766-4509-a479-bbf02514719f.crl

            X509v3 Authority Key Identifier:
                keyid:ED:B9:EC:F3:1C:12:4D:68:7A:77:73:BA:F0:21:76:8D:E7:2D:F2:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/51dcdcba-3766-4509-a479-bbf02514719f.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.90.207.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         85:17:06:95:ec:c2:7f:be:0a:a1:a9:59:1e:27:16:e5:ed:71:
         e0:32:30:ab:b8:ce:1b:a4:e8:f0:b2:d8:a4:c1:a9:d0:fe:47:
         62:6f:7b:00:dc:23:f9:b0:52:9e:c6:8a:fb:d3:3d:0e:86:16:
         14:bd:8c:bd:23:4d:fb:a7:1e:c2:60:78:26:84:b2:de:27:46:
         c9:d0:a3:85:3d:a0:f8:d6:9b:fa:e5:08:57:6d:fc:f1:ed:ce:
         52:bc:75:18:5a:10:fa:96:50:ad:34:f1:db:97:60:f0:8d:d0:
         ed:d4:99:4e:0b:71:96:62:76:e0:1a:71:48:28:2f:3e:3f:df:
         c7:f2:89:cd:3a:d7:4f:f9:2a:8d:9b:ff:54:70:79:32:f4:d2:
         35:61:f7:b5:0b:a7:55:29:ba:52:74:c9:be:a4:c3:39:37:85:
         8c:d6:cf:38:f1:ca:d9:6e:d3:f0:66:18:49:b2:f0:9e:03:05:
         d6:e2:76:18:23:f5:4e:6b:8f:f7:ec:c0:e8:9d:b3:43:d0:d6:
         63:6b:63:5a:29:5d:05:c4:8d:7f:1b:f2:e5:6f:6f:e4:78:bd:
         a5:fc:4d:84:92:63:34:6a:40:21:85:a8:51:c3:27:94:78:f5:
         88:7f:a8:94:f3:67:06:05:e0:76:69:f3:ed:fb:1b:da:0e:6e:
         5e:39:c5:13
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWDy377mX/Kkhuz/4u4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNTFkY2RjYmEtMzc2Ni00NTA5LWE0NzktYmJmMDI1MTQ3
MTlmMB4XDTIyMDExMjA1MDAwMFoXDTI0MDQzMDA0MDAwMFowLzEtMCsGA1UEAxMk
NTc1NzY0NmUtMmE0ZS00NzY4LWI0OTctMDQ1OTI2MTA4MDViMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdCThPREiKh6uqt7y2xAEHDr0vUNiApaPmNH
leBcmENs+iHvWCqnAtvSFD380+PdJq500H7aDaHXRizT71BeKqZTjzMYAZ1eNrZa
GLgfCeARVVwdPd3Kyr/c4Xw0CaEdaHgpdqINc6hr5eL8ibG0IbISklSsqdYsk1VI
iA+KGAXlPXnzG7sylM5CdjoflYthysqlmZes0dh73WxCzBX7cqnLns5XoV1Zbxfa
pBzUVydhKa0RPBufn4DKMm4oqLKhYUiyVhGOfS7MFLQnhOiYmdGzj8sY1abvwjCS
a8RShy5gtUYQdeYuFzqQOJ0mOqOxYo1+ykl74BesspsLK84jBQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFN/EfT2hR3AcscXcy6+gxZNTDlRXMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy81MWRj
ZGNiYS0zNzY2LTQ1MDktYTQ3OS1iYmYwMjUxNDcxOWYvZWJiYjVhM2QtMGI2Ny0z
NzgzLWE2NDQtNTY3YzJiMTA0ZTU2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNTFkY2RjYmEtMzc2Ni00NTA5LWE0
NzktYmJmMDI1MTQ3MTlmLzUxZGNkY2JhLTM3NjYtNDUwOS1hNDc5LWJiZjAyNTE0
NzE5Zi5jcmwwHwYDVR0jBBgwFoAU7bns8xwSTWh6d3O68CF2ject8m8wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy81MWRjZGNiYS0zNzY2LTQ1MDktYTQ3OS1iYmYw
MjUxNDcxOWYuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAz1rPMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAIUXBpXswn++CqGpWR4nFuXtceAyMKu4zhuk6PCy2KTBqdD+R2JvewDc
I/mwUp7GivvTPQ6GFhS9jL0jTfunHsJgeCaEst4nRsnQo4U9oPjWm/rlCFdt/PHt
zlK8dRhaEPqWUK008duXYPCN0O3UmU4LcZZiduAacUgoLz4/38fyic0610/5Ko2b
/1RweTL00jVh97ULp1UpulJ0yb6kwzk3hYzWzzjxytlu0/BmGEmy8J4DBdbidhgj
9U5rj/fswOids0PQ1mNrY1opXQXEjX8b8uVvb+R4vaX8TYSSYzRqQCGFqFHDJ5R4
9Yh/qJTzZwYF4HZp8+37G9oObl45xRM=
-----END CERTIFICATE-----