Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/5c5aa4b4-e30d-468f-bb68-bf7fe133b1b8/83172903-881b-3f0e-becd-943004ff1363.roa
File:                     83172903-881b-3f0e-becd-943004ff1363.roa (raw, json)
Hash identifier:          nxY1jIqwhkrF0qY6pzMR9e5qzF85RKvU3FgTpY+kS6c=
Subject key identifier:   D2:61:8F:3E:4A:8C:04:32:6A:72:F7:57:A8:08:DE:FD:F3:76:1F:72
Certificate issuer:       /CN=5c5aa4b4-e30d-468f-bb68-bf7fe133b1b8
Certificate serial:       010D0C9F43285848037B6C830C9B3B3A46AF4400
Authority key identifier: 79:3F:09:5A:31:A3:25:A4:40:91:6E:51:4D:CD:AD:D9:75:0B:A8:B4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/5c5aa4b4-e30d-468f-bb68-bf7fe133b1b8.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/5c5aa4b4-e30d-468f-bb68-bf7fe133b1b8/83172903-881b-3f0e-becd-943004ff1363.roa
Signing time:             Wed 27 Nov 2024 02:00:39 +0000
ROA not before:           Wed 27 Nov 2024 02:00:39 +0000
ROA not after:            Tue 25 Feb 2025 02:00:39 +0000
asID:                     212238
IP address blocks:        172.94.49.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:03:7b:6c:83:0c:9b:3b:3a:46:af:44:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c5aa4b4-e30d-468f-bb68-bf7fe133b1b8
        Validity
            Not Before: Nov 27 02:00:39 2024 GMT
            Not After : Feb 25 02:00:39 2025 GMT
        Subject: CN=44673f42-d479-4216-a815-aa2c8de4b65e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:e8:75:9c:85:93:87:cb:07:0b:2f:6b:25:34:
                    ab:41:af:cb:e9:01:8a:ae:04:a9:db:4d:4c:a7:3c:
                    b1:bf:f4:7e:1f:bd:c3:b0:9f:cd:16:a2:cd:97:37:
                    db:7f:73:3b:d7:ad:44:aa:8b:93:68:1f:fa:d1:0f:
                    fc:22:f0:4e:68:77:d9:f2:ef:3d:8d:c2:67:ce:75:
                    1c:4f:3d:93:78:cf:3d:60:3a:8c:19:87:45:6e:15:
                    23:44:df:f2:72:c0:e1:f9:66:30:0a:6a:ab:02:18:
                    42:54:54:84:13:50:ed:b6:35:46:2e:33:96:ea:cf:
                    be:c9:42:70:00:53:79:84:bd:b8:22:5c:9c:0b:9f:
                    c0:30:f1:e1:77:a4:f3:af:a2:eb:cc:19:d7:b5:bf:
                    4f:7c:40:77:60:05:79:b1:16:29:60:85:64:96:2a:
                    d2:d1:a3:67:12:52:aa:dc:9c:b2:20:51:7c:d4:7c:
                    66:d9:39:3b:62:83:3c:70:32:b0:d4:9d:af:a9:23:
                    92:31:4d:a5:c1:a3:2e:35:03:80:19:75:2a:db:93:
                    65:95:4f:ee:55:c2:13:b0:05:3f:fd:17:86:cb:4b:
                    69:35:3c:9e:75:96:ad:08:91:7e:38:4d:36:40:61:
                    9a:b0:9f:28:ca:ec:6a:1b:35:ef:48:b8:a1:0c:d2:
                    f7:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:61:8F:3E:4A:8C:04:32:6A:72:F7:57:A8:08:DE:FD:F3:76:1F:72
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/5c5aa4b4-e30d-468f-bb68-bf7fe133b1b8/83172903-881b-3f0e-becd-943004ff1363.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/5c5aa4b4-e30d-468f-bb68-bf7fe133b1b8/5c5aa4b4-e30d-468f-bb68-bf7fe133b1b8.crl

            X509v3 Authority Key Identifier:
                keyid:79:3F:09:5A:31:A3:25:A4:40:91:6E:51:4D:CD:AD:D9:75:0B:A8:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/5c5aa4b4-e30d-468f-bb68-bf7fe133b1b8.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  172.94.49.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         4e:6a:a9:8c:47:74:96:0a:2f:72:09:14:57:d2:02:a8:9a:72:
         e0:f3:44:00:26:42:9e:37:5d:cf:8a:10:8f:c0:10:3f:de:cc:
         a3:70:90:7d:ae:81:19:9e:1d:fc:db:80:46:0a:85:0e:5a:0e:
         3b:87:ff:32:5b:60:5f:d9:7f:38:a1:39:07:44:05:00:05:41:
         31:61:fb:88:b8:08:d1:d1:f9:ca:40:d4:96:fa:01:c5:be:a9:
         b2:2f:af:22:d8:26:a8:9e:70:92:45:82:6f:48:7b:33:3b:6d:
         c7:93:d0:b7:82:4c:17:5f:e8:c3:d3:9a:79:95:43:1a:f7:7f:
         cb:f8:da:41:42:4f:ea:a2:55:d9:e1:31:2f:0e:11:42:9d:01:
         27:77:a9:cc:0b:d4:5a:a9:2e:fd:48:23:b5:e8:b1:f7:9a:17:
         fe:35:76:2f:f2:a6:af:03:45:e5:a9:8c:7e:24:52:f2:0b:92:
         0e:34:45:03:57:d9:45:67:e6:3d:b0:07:2d:a2:ae:ae:2b:98:
         92:40:af:aa:b7:ea:61:9a:69:6d:8f:cb:67:c9:18:b6:00:95:
         8d:79:83:8f:c1:bc:c8:da:54:35:13:51:89:d6:00:e1:a0:87:
         dc:28:9e:d6:50:39:e3:1c:c1:f5:cc:27:c4:77:6e:53:39:73:
         eb:42:db:16
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEgDe2yDDJs7OkavRAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNWM1YWE0YjQtZTMwZC00NjhmLWJiNjgtYmY3ZmUxMzNi
MWI4MB4XDTI0MTEyNzAyMDAzOVoXDTI1MDIyNTAyMDAzOVowLzEtMCsGA1UEAxMk
NDQ2NzNmNDItZDQ3OS00MjE2LWE4MTUtYWEyYzhkZTRiNjVlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseh1nIWTh8sHCy9rJTSrQa/L6QGKrgSp201M
pzyxv/R+H73DsJ/NFqLNlzfbf3M7161EqouTaB/60Q/8IvBOaHfZ8u89jcJnznUc
Tz2TeM89YDqMGYdFbhUjRN/ycsDh+WYwCmqrAhhCVFSEE1DttjVGLjOW6s++yUJw
AFN5hL24IlycC5/AMPHhd6Tzr6LrzBnXtb9PfEB3YAV5sRYpYIVklirS0aNnElKq
3JyyIFF81Hxm2Tk7YoM8cDKw1J2vqSOSMU2lwaMuNQOAGXUq25NllU/uVcITsAU/
/ReGy0tpNTyedZatCJF+OE02QGGasJ8oyuxqGzXvSLihDNL3hQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFNJhjz5KjAQyanL3V6gI3v3zdh9yMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy81YzVh
YTRiNC1lMzBkLTQ2OGYtYmI2OC1iZjdmZTEzM2IxYjgvODMxNzI5MDMtODgxYi0z
ZjBlLWJlY2QtOTQzMDA0ZmYxMzYzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNWM1YWE0YjQtZTMwZC00NjhmLWJi
NjgtYmY3ZmUxMzNiMWI4LzVjNWFhNGI0LWUzMGQtNDY4Zi1iYjY4LWJmN2ZlMTMz
YjFiOC5jcmwwHwYDVR0jBBgwFoAUeT8JWjGjJaRAkW5RTc2t2XULqLQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy81YzVhYTRiNC1lMzBkLTQ2OGYtYmI2OC1iZjdm
ZTEzM2IxYjguY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQArF4xMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAE5qqYxHdJYKL3IJFFfSAqiacuDzRAAmQp43Xc+KEI/AED/ezKNwkH2u
gRmeHfzbgEYKhQ5aDjuH/zJbYF/ZfzihOQdEBQAFQTFh+4i4CNHR+cpA1Jb6AcW+
qbIvryLYJqiecJJFgm9IezM7bceT0LeCTBdf6MPTmnmVQxr3f8v42kFCT+qiVdnh
MS8OEUKdASd3qcwL1FqpLv1II7XosfeaF/41di/ypq8DReWpjH4kUvILkg40RQNX
2UVn5j2wBy2irq4rmJJAr6q36mGaaW2Py2fJGLYAlY15g4/BvMjaVDUTUYnWAOGg
h9wontZQOeMcwfXMJ8R3blM5c+tC2xY=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:06:13 2025 by rpki-client