Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/0f3a55f5-439a-326f-a668-b32e1fb8302c.roa
File:                     0f3a55f5-439a-326f-a668-b32e1fb8302c.roa (raw, json)
Hash identifier:          sUv0cqazOGvm4WYqNAxlqoHtqP7GQnMCqiGXRH22NzE=
Subject key identifier:   D9:7F:F8:E3:28:0D:EA:52:D8:12:9C:07:0F:94:34:D6:B5:6A:E5:C5
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F432858451F0EAEAEB5341FBA3B7B1060
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/0f3a55f5-439a-326f-a668-b32e1fb8302c.roa
Signing time:             Wed 06 Mar 2024 20:45:43 +0000
ROA not before:           Wed 06 Mar 2024 20:45:43 +0000
ROA not after:            Tue 04 Jun 2024 19:45:43 +0000
asID:                     44893
IP address blocks:        142.252.166.0/24 maxlen: 24
                          142.252.143.0/24 maxlen: 24
                          142.252.93.0/24 maxlen: 24
                          142.252.95.0/24 maxlen: 24
                          142.252.39.0/24 maxlen: 24
                          142.252.58.0/24 maxlen: 24
                          142.252.27.0/24 maxlen: 24
                          142.252.36.0/24 maxlen: 24
                          142.252.163.0/24 maxlen: 24
                          142.252.165.0/24 maxlen: 24
                          142.252.169.0/24 maxlen: 24
                          142.252.17.0/24 maxlen: 24
                          142.252.7.0/24 maxlen: 24
                          23.230.149.0/24 maxlen: 24
                          23.230.28.0/24 maxlen: 24
                          23.230.161.0/24 maxlen: 24
                          142.252.23.0/24 maxlen: 24
                          142.252.176.0/24 maxlen: 24
                          142.252.182.0/24 maxlen: 24
                          142.252.185.0/24 maxlen: 24
                          142.252.197.0/24 maxlen: 24
                          142.252.202.0/24 maxlen: 24
                          142.252.206.0/24 maxlen: 24
                          172.121.106.0/24 maxlen: 24
                          172.121.110.0/24 maxlen: 24
                          172.121.135.0/24 maxlen: 24
                          172.121.140.0/24 maxlen: 24
                          172.121.146.0/24 maxlen: 24
                          172.121.154.0/24 maxlen: 24
                          172.121.233.0/24 maxlen: 24
                          172.121.240.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:1f:0e:ae:ae:b5:34:1f:ba:3b:7b:10:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Mar  6 20:45:43 2024 GMT
            Not After : Jun  4 19:45:43 2024 GMT
        Subject: CN=02a5310a-28c9-4ff6-b581-80f7f829ee07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:c2:77:9e:af:c9:f1:8b:e3:97:bd:3c:b8:21:
                    cb:13:ba:90:54:a6:3d:0e:59:23:a3:2f:48:e3:3a:
                    a4:ee:c4:53:db:f6:a8:25:e0:ca:90:b8:1a:2a:b0:
                    76:19:43:94:59:77:ee:54:d2:9a:78:90:0a:a5:6e:
                    fa:f3:39:38:10:7f:0a:1e:6b:61:d8:d9:f9:e5:82:
                    65:29:f0:45:bd:f7:64:82:f4:f3:42:3e:68:86:1c:
                    5e:99:2f:c6:1d:c8:cd:f3:86:9e:1b:62:4c:47:0d:
                    b1:2b:66:c1:69:35:87:20:18:a9:65:53:91:6f:17:
                    00:c4:87:0e:52:d8:08:a9:db:d8:fe:16:a2:78:0e:
                    38:36:ec:2e:25:7b:64:bf:5a:8d:27:02:db:62:39:
                    be:e5:14:ef:ab:be:f8:dc:f2:bd:4b:68:74:53:7c:
                    2b:f4:81:ee:d9:dd:79:ac:d9:83:a6:d2:40:b4:06:
                    37:e2:1e:fa:8b:c3:9d:0c:3d:67:3f:bf:87:e4:d2:
                    91:fe:4e:9a:ef:e3:a6:15:f9:9a:2f:a5:fd:86:d9:
                    35:79:72:f1:95:b5:8b:f7:02:83:23:68:64:75:1d:
                    64:15:2a:cd:51:5f:7d:d0:e0:11:1a:cb:6b:20:ff:
                    4f:29:26:db:6b:28:c4:25:a0:18:54:e1:af:3c:9c:
                    c0:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:7F:F8:E3:28:0D:EA:52:D8:12:9C:07:0F:94:34:D6:B5:6A:E5:C5
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/0f3a55f5-439a-326f-a668-b32e1fb8302c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.230.28.0/24
                  23.230.149.0/24
                  23.230.161.0/24
                  142.252.7.0/24
                  142.252.17.0/24
                  142.252.23.0/24
                  142.252.27.0/24
                  142.252.36.0/24
                  142.252.39.0/24
                  142.252.58.0/24
                  142.252.93.0/24
                  142.252.95.0/24
                  142.252.143.0/24
                  142.252.163.0/24
                  142.252.165.0-142.252.166.255
                  142.252.169.0/24
                  142.252.176.0/24
                  142.252.182.0/24
                  142.252.185.0/24
                  142.252.197.0/24
                  142.252.202.0/24
                  142.252.206.0/24
                  172.121.106.0/24
                  172.121.110.0/24
                  172.121.135.0/24
                  172.121.140.0/24
                  172.121.146.0/24
                  172.121.154.0/24
                  172.121.233.0/24
                  172.121.240.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         36:3e:c3:e0:2b:c7:23:3a:b0:c6:98:05:9b:a1:a7:73:3d:eb:
         54:a0:a7:97:03:32:53:2b:8c:69:e8:34:d8:4f:0a:9a:2e:d3:
         d2:a6:97:2e:ce:0d:3d:e0:3b:25:d3:2e:76:6d:35:fc:5b:d4:
         09:0f:15:f4:31:f2:ca:5b:00:a7:59:6b:d6:e0:31:00:bb:65:
         37:c9:17:d9:84:fc:57:df:21:79:df:81:6a:ec:b2:79:43:d6:
         75:09:9e:d3:40:46:4a:09:4b:30:1b:1d:86:1e:ad:53:72:9c:
         a0:56:90:73:25:d6:83:1e:87:fe:3e:6f:f7:f4:3a:42:aa:de:
         9b:34:52:20:58:64:f0:20:08:fc:36:9e:ad:7c:2c:28:5b:74:
         87:55:e5:54:ba:df:2c:de:1b:df:fc:96:fe:5c:81:77:4f:a1:
         11:92:30:3e:81:92:c9:76:fa:6e:cc:17:6b:02:82:8e:1d:e6:
         85:03:65:7d:f6:1b:e4:3f:09:72:0b:67:52:16:83:b9:f2:f4:
         0c:97:40:8a:7f:5b:c9:7c:fd:28:7b:8b:c6:64:ee:2b:15:70:
         23:dc:15:db:aa:c6:b1:91:e9:e1:10:62:09:a9:3b:77:75:70:
         a8:0f:5e:65:ce:ee:b1:a9:05:35:1e:e7:94:6b:1f:26:e3:66:
         ba:2c:6d:9a
-----BEGIN CERTIFICATE-----
MIIG/jCCBeagAwIBAgIUAQ0Mn0MoWEUfDq6utTQfujt7EGAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTI0MDMwNjIwNDU0M1oXDTI0MDYwNDE5NDU0M1owLzEtMCsGA1UEAxMk
MDJhNTMxMGEtMjhjOS00ZmY2LWI1ODEtODBmN2Y4MjllZTA3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8J3nq/J8Yvjl708uCHLE7qQVKY9Dlkjoy9I
4zqk7sRT2/aoJeDKkLgaKrB2GUOUWXfuVNKaeJAKpW768zk4EH8KHmth2Nn55YJl
KfBFvfdkgvTzQj5ohhxemS/GHcjN84aeG2JMRw2xK2bBaTWHIBipZVORbxcAxIcO
UtgIqdvY/haieA44NuwuJXtkv1qNJwLbYjm+5RTvq7743PK9S2h0U3wr9IHu2d15
rNmDptJAtAY34h76i8OdDD1nP7+H5NKR/k6a7+OmFfmaL6X9htk1eXLxlbWL9wKD
I2hkdR1kFSrNUV990OARGstrIP9PKSbbayjEJaAYVOGvPJzAlwIDAQABo4IEEDCC
BAwwHQYDVR0OBBYEFNl/+OMoDepS2BKcBw+UNNa1auXFMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvMGYzYTU1ZjUtNDM5YS0z
MjZmLWE2NjgtYjMyZTFmYjgzMDJjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAAX
5hwDBAAX5pUDBAAX5qEDBACO/AcDBACO/BEDBACO/BcDBACO/BsDBACO/CQDBACO
/CcDBACO/DoDBACO/F0DBACO/F8DBACO/I8DBACO/KMwDAMEAI78pQMEAI78pgME
AI78qQMEAI78sAMEAI78tgMEAI78uQMEAI78xQMEAI78ygMEAI78zgMEAKx5agME
AKx5bgMEAKx5hwMEAKx5jAMEAKx5kgMEAKx5mgMEAKx56QMEAKx58DBUBgNVHSAB
Af8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3LmFy
aW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUAA4IB
AQA2PsPgK8cjOrDGmAWboadzPetUoKeXAzJTK4xp6DTYTwqaLtPSppcuzg094Dsl
0y52bTX8W9QJDxX0MfLKWwCnWWvW4DEAu2U3yRfZhPxX3yF534Fq7LJ5Q9Z1CZ7T
QEZKCUswGx2GHq1TcpygVpBzJdaDHof+Pm/39DpCqt6bNFIgWGTwIAj8Np6tfCwo
W3SHVeVUut8s3hvf/Jb+XIF3T6ERkjA+gZLJdvpuzBdrAoKOHeaFA2V99hvkPwly
C2dSFoO58vQMl0CKf1vJfP0oe4vGZO4rFXAj3BXbqsaxkenhEGIJqTt3dXCoD15l
zu6xqQU1HueUax8m42a6LG2a
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:42:02 2024 by rpki-client on console-ams.rpki-client.org