Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/86b35f71-51ac-43ff-b604-cba3552c4c8c/ed3c66b5-4d92-34b8-81fd-54be177f2d0b.roa
File:                     ed3c66b5-4d92-34b8-81fd-54be177f2d0b.roa (raw, json)
Hash identifier:          S+jfsPkC3aHUcQC0tSPv/ey2bd2wU80UwaOJ3ndRAIk=
Subject key identifier:   A9:D5:80:84:09:5E:10:C5:01:DE:61:36:F7:58:A4:61:49:55:48:82
Certificate issuer:       /CN=86b35f71-51ac-43ff-b604-cba3552c4c8c
Certificate serial:       010D0C9F43285845CBD4AA575BFCFA43C7BBEA00
Authority key identifier: 64:9C:3D:FE:D3:DF:3D:6B:67:BC:6D:BC:E9:05:BC:C0:6C:E6:1C:D7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/86b35f71-51ac-43ff-b604-cba3552c4c8c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/86b35f71-51ac-43ff-b604-cba3552c4c8c/ed3c66b5-4d92-34b8-81fd-54be177f2d0b.roa
Signing time:             Tue 07 May 2024 18:03:40 +0000
ROA not before:           Tue 07 May 2024 18:03:40 +0000
ROA not after:            Mon 05 Aug 2024 18:03:40 +0000
asID:                     209737
IP address blocks:        100.42.23.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:cb:d4:aa:57:5b:fc:fa:43:c7:bb:ea:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86b35f71-51ac-43ff-b604-cba3552c4c8c
        Validity
            Not Before: May  7 18:03:40 2024 GMT
            Not After : Aug  5 18:03:40 2024 GMT
        Subject: CN=2f6bee4e-7630-4c16-8f59-e92de80e67bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:65:4a:12:ac:9d:e6:5a:d5:04:36:73:4a:12:
                    98:ed:9e:73:d1:94:6f:25:03:44:7b:e0:43:90:2a:
                    a8:dd:a7:e0:e4:67:ef:17:52:8d:29:f6:44:a5:04:
                    31:c1:31:b9:5e:ee:fc:3c:83:48:bd:27:9f:7b:51:
                    2d:7f:aa:06:2e:e8:f4:9b:31:79:72:21:ee:14:be:
                    70:2b:e2:8c:b7:38:09:46:4b:76:e4:97:0e:45:91:
                    71:73:c8:ac:f7:90:94:f1:09:b3:e3:0d:2b:84:1e:
                    83:81:12:e7:1a:c8:3a:56:27:26:58:33:72:80:bb:
                    ff:4b:37:c2:9e:29:f0:3f:71:1c:b8:59:bc:d7:c6:
                    3b:ba:c8:87:1a:63:c5:eb:b3:01:20:30:c9:64:97:
                    88:a6:d2:c5:89:b2:68:cf:6e:d0:c7:14:c7:3d:17:
                    8b:58:ca:1f:27:39:6d:2c:76:a3:97:bd:f9:d8:8f:
                    d0:6f:1b:af:0f:4e:90:be:7e:c5:97:61:b0:39:07:
                    09:3b:d8:9d:70:16:b0:8d:ac:a2:54:63:7d:65:f9:
                    38:40:94:d0:ac:11:17:17:59:af:18:f1:a3:98:69:
                    03:e1:46:a6:10:4d:7b:de:3d:4d:14:63:0b:76:46:
                    67:b3:28:e4:4d:f5:54:ac:65:66:5d:c0:6c:41:ca:
                    f0:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:D5:80:84:09:5E:10:C5:01:DE:61:36:F7:58:A4:61:49:55:48:82
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/86b35f71-51ac-43ff-b604-cba3552c4c8c/ed3c66b5-4d92-34b8-81fd-54be177f2d0b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/86b35f71-51ac-43ff-b604-cba3552c4c8c/86b35f71-51ac-43ff-b604-cba3552c4c8c.crl

            X509v3 Authority Key Identifier:
                keyid:64:9C:3D:FE:D3:DF:3D:6B:67:BC:6D:BC:E9:05:BC:C0:6C:E6:1C:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/86b35f71-51ac-43ff-b604-cba3552c4c8c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  100.42.23.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         68:c9:82:69:ef:08:61:3f:21:4e:8c:de:f7:27:39:a3:6d:db:
         e0:55:7d:12:a5:fd:f8:c7:ca:8a:9c:dd:08:0a:7e:2b:e7:dd:
         d1:23:08:25:de:21:75:34:69:d2:86:da:ad:aa:06:10:50:40:
         7d:37:39:9c:ec:53:b3:05:18:89:6d:11:60:70:cd:1c:b6:ce:
         11:af:7a:e1:4b:e7:1c:d7:01:52:21:c9:7e:11:46:3f:61:61:
         f3:70:bc:7f:18:f8:14:a5:4c:65:49:c2:35:79:5b:78:00:a3:
         13:9f:fe:c2:33:f8:91:27:42:99:36:7f:26:99:3a:90:fe:15:
         bd:34:8d:86:a2:ae:51:5a:5e:6e:27:67:93:88:f1:a4:c6:1c:
         95:af:a5:8f:43:6d:ac:d4:f8:2c:ad:e3:3a:52:4b:76:47:22:
         80:74:83:8f:b0:62:55:9f:d7:03:8e:e1:2a:1d:21:27:1d:ea:
         e2:c9:3b:e9:f2:dc:54:54:38:1e:8a:8c:8b:29:5c:0e:6c:41:
         27:c5:fc:58:9f:e7:61:8e:ea:a6:c2:36:f2:67:26:e2:e9:81:
         0b:0b:9a:86:1d:e3:d1:f6:bd:9b:79:25:43:cf:f8:9a:55:f5:
         e8:8a:d9:75:73:b7:8e:fb:76:a7:75:ca:f1:8a:51:d9:99:03:
         f1:fe:66:d2
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEXL1KpXW/z6Q8e76gAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkODZiMzVmNzEtNTFhYy00M2ZmLWI2MDQtY2JhMzU1MmM0
YzhjMB4XDTI0MDUwNzE4MDM0MFoXDTI0MDgwNTE4MDM0MFowLzEtMCsGA1UEAxMk
MmY2YmVlNGUtNzYzMC00YzE2LThmNTktZTkyZGU4MGU2N2JkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmVKEqyd5lrVBDZzShKY7Z5z0ZRvJQNEe+BD
kCqo3afg5GfvF1KNKfZEpQQxwTG5Xu78PINIvSefe1Etf6oGLuj0mzF5ciHuFL5w
K+KMtzgJRkt25JcORZFxc8is95CU8Qmz4w0rhB6DgRLnGsg6VicmWDNygLv/SzfC
ninwP3EcuFm818Y7usiHGmPF67MBIDDJZJeIptLFibJoz27QxxTHPReLWMofJzlt
LHajl7352I/QbxuvD06Qvn7Fl2GwOQcJO9idcBawjayiVGN9Zfk4QJTQrBEXF1mv
GPGjmGkD4UamEE173j1NFGMLdkZnsyjkTfVUrGVmXcBsQcrwpQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFKnVgIQJXhDFAd5hNvdYpGFJVUiCMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS84NmIz
NWY3MS01MWFjLTQzZmYtYjYwNC1jYmEzNTUyYzRjOGMvZWQzYzY2YjUtNGQ5Mi0z
NGI4LTgxZmQtNTRiZTE3N2YyZDBiLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvODZiMzVmNzEtNTFhYy00M2ZmLWI2
MDQtY2JhMzU1MmM0YzhjLzg2YjM1ZjcxLTUxYWMtNDNmZi1iNjA0LWNiYTM1NTJj
NGM4Yy5jcmwwHwYDVR0jBBgwFoAUZJw9/tPfPWtnvG286QW8wGzmHNcwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS84NmIzNWY3MS01MWFjLTQzZmYtYjYwNC1jYmEz
NTUyYzRjOGMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZCoXMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAGjJgmnvCGE/IU6M3vcnOaNt2+BVfRKl/fjHyoqc3QgKfivn3dEjCCXe
IXU0adKG2q2qBhBQQH03OZzsU7MFGIltEWBwzRy2zhGveuFL5xzXAVIhyX4RRj9h
YfNwvH8Y+BSlTGVJwjV5W3gAoxOf/sIz+JEnQpk2fyaZOpD+Fb00jYairlFaXm4n
Z5OI8aTGHJWvpY9DbazU+Cyt4zpSS3ZHIoB0g4+wYlWf1wOO4SodIScd6uLJO+ny
3FRUOB6KjIspXA5sQSfF/Fif52GO6qbCNvJnJuLpgQsLmoYd49H2vZt5JUPP+JpV
9eiK2XVzt477dqd1yvGKUdmZA/H+ZtI=
-----END CERTIFICATE-----