Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/d45613e1-c70f-4ce1-996e-e01d89469087/5f41ea45-1be8-3bbd-9f43-e0ffdffa8eec.roa
File:                     5f41ea45-1be8-3bbd-9f43-e0ffdffa8eec.roa (raw, json)
Hash identifier:          gIjMnM7aRlZBT6VokFVQdpQSZhPxREW7nsMlrwaW/tw=
Subject key identifier:   7F:40:93:C7:2D:E0:0D:0F:7A:C7:00:EE:71:E9:C3:9F:2A:C5:5D:AD
Certificate issuer:       /CN=d45613e1-c70f-4ce1-996e-e01d89469087
Certificate serial:       010D0C9F432858482C2C54094341C26765AA2B20
Authority key identifier: 34:11:E1:2A:8A:E9:1F:1E:95:8C:83:80:FC:89:10:FE:BF:E6:B9:C3
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/d45613e1-c70f-4ce1-996e-e01d89469087.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/d45613e1-c70f-4ce1-996e-e01d89469087/5f41ea45-1be8-3bbd-9f43-e0ffdffa8eec.roa
Signing time:             Wed 11 Dec 2024 15:51:46 +0000
ROA not before:           Wed 11 Dec 2024 15:51:46 +0000
ROA not after:            Tue 11 Mar 2025 14:51:46 +0000
asID:                     396982
IP address blocks:        141.140.2.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:2c:2c:54:09:43:41:c2:67:65:aa:2b:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d45613e1-c70f-4ce1-996e-e01d89469087
        Validity
            Not Before: Dec 11 15:51:46 2024 GMT
            Not After : Mar 11 14:51:46 2025 GMT
        Subject: CN=b7fb8c16-8bb5-4cd4-8740-5e33ba97468c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:cb:1e:cd:19:60:2f:0c:73:26:5f:1c:b3:e1:
                    32:da:bb:ee:d6:b7:86:af:96:2f:20:6b:72:10:06:
                    77:d5:f7:91:f3:13:c6:02:65:05:bc:6a:ce:22:14:
                    9d:35:88:e7:89:86:43:94:23:6b:08:bb:93:06:fb:
                    da:f1:72:5a:15:c3:53:4f:d3:8e:df:b5:86:01:55:
                    51:59:d2:76:f3:92:9f:24:d6:e1:47:ff:6f:81:c9:
                    60:bb:50:4a:a4:42:d5:bf:70:e7:33:95:d1:65:61:
                    a7:10:9f:72:fa:08:f8:1b:31:2b:11:02:54:4e:ae:
                    96:59:c7:0f:07:65:51:43:5b:9d:9c:df:39:0c:36:
                    68:a1:5a:a2:86:6e:ec:56:cc:cc:a0:1d:17:55:41:
                    31:16:44:55:1f:73:17:1b:34:4f:d8:6d:26:96:4d:
                    12:16:63:4a:f7:e9:61:40:f1:7d:e0:42:69:08:17:
                    47:0f:14:0f:1c:d3:2e:16:51:23:ca:b9:1b:68:f9:
                    eb:1e:63:b6:d8:6a:5d:16:ba:0d:82:9f:8a:0c:e1:
                    05:49:d9:5e:69:be:ef:df:f6:b2:b3:fd:22:d1:55:
                    2d:3a:73:3f:83:b7:45:b4:e0:7c:b0:d2:b8:e7:d6:
                    2d:43:f6:b6:b4:56:96:f8:12:d6:7a:a6:92:e6:c8:
                    3f:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:40:93:C7:2D:E0:0D:0F:7A:C7:00:EE:71:E9:C3:9F:2A:C5:5D:AD
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/d45613e1-c70f-4ce1-996e-e01d89469087/5f41ea45-1be8-3bbd-9f43-e0ffdffa8eec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/d45613e1-c70f-4ce1-996e-e01d89469087/d45613e1-c70f-4ce1-996e-e01d89469087.crl

            X509v3 Authority Key Identifier:
                keyid:34:11:E1:2A:8A:E9:1F:1E:95:8C:83:80:FC:89:10:FE:BF:E6:B9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/d45613e1-c70f-4ce1-996e-e01d89469087.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.140.2.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         31:33:58:7c:86:78:c8:6e:1b:6e:81:7f:3c:9f:d2:64:e9:fa:
         e5:0b:30:b3:0e:0a:8e:20:34:ed:2b:0f:50:40:11:23:66:ed:
         15:f7:40:0f:8f:a6:ad:ce:87:f5:42:6e:cf:b1:29:ff:7e:f4:
         12:21:91:48:d8:b4:44:d7:0b:f3:22:9e:bb:26:52:38:3b:dd:
         0d:ba:74:b5:ed:54:1f:18:ab:48:dd:c5:b3:73:3c:d9:d7:bf:
         ab:95:36:7d:dc:64:c6:ef:da:d4:a2:49:8d:12:77:25:a2:3e:
         41:5b:9d:df:29:21:f6:1e:43:7c:b8:80:04:17:5d:3e:6a:6a:
         71:f8:eb:b9:7e:a8:4c:09:a2:f4:c8:d6:15:29:7c:48:4e:b8:
         96:2d:34:5e:f6:e6:fd:38:40:d9:85:7c:ef:94:02:d7:76:33:
         22:62:56:8a:43:25:d2:91:d8:68:5c:98:e1:89:fb:06:76:9b:
         81:5e:3a:a1:37:ab:c2:1e:b7:fa:5d:37:5b:e4:2e:54:fa:1f:
         2f:6a:78:bb:7f:1c:bd:f5:f3:53:db:74:ec:d5:41:30:2a:74:
         0c:1b:25:6c:16:05:78:73:0f:9f:b4:cd:d1:85:a9:28:47:38:
         2e:79:85:77:8b:0c:3f:10:4f:53:c3:4b:b4:ff:34:3f:b1:a6:
         68:19:63:a4
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEgsLFQJQ0HCZ2WqKyAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZDQ1NjEzZTEtYzcwZi00Y2UxLTk5NmUtZTAxZDg5NDY5
MDg3MB4XDTI0MTIxMTE1NTE0NloXDTI1MDMxMTE0NTE0NlowLzEtMCsGA1UEAxMk
YjdmYjhjMTYtOGJiNS00Y2Q0LTg3NDAtNWUzM2JhOTc0NjhjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MsezRlgLwxzJl8cs+Ey2rvu1reGr5YvIGty
EAZ31feR8xPGAmUFvGrOIhSdNYjniYZDlCNrCLuTBvva8XJaFcNTT9OO37WGAVVR
WdJ285KfJNbhR/9vgclgu1BKpELVv3DnM5XRZWGnEJ9y+gj4GzErEQJUTq6WWccP
B2VRQ1udnN85DDZooVqihm7sVszMoB0XVUExFkRVH3MXGzRP2G0mlk0SFmNK9+lh
QPF94EJpCBdHDxQPHNMuFlEjyrkbaPnrHmO22GpdFroNgp+KDOEFSdleab7v3/ay
s/0i0VUtOnM/g7dFtOB8sNK459YtQ/a2tFaW+BLWeqaS5sg/awIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFH9Ak8ct4A0PescA7nHpw58qxV2tMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS9kNDU2
MTNlMS1jNzBmLTRjZTEtOTk2ZS1lMDFkODk0NjkwODcvNWY0MWVhNDUtMWJlOC0z
YmJkLTlmNDMtZTBmZmRmZmE4ZWVjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvZDQ1NjEzZTEtYzcwZi00Y2UxLTk5
NmUtZTAxZDg5NDY5MDg3L2Q0NTYxM2UxLWM3MGYtNGNlMS05OTZlLWUwMWQ4OTQ2
OTA4Ny5jcmwwHwYDVR0jBBgwFoAUNBHhKorpHx6VjIOA/IkQ/r/mucMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS9kNDU2MTNlMS1jNzBmLTRjZTEtOTk2ZS1lMDFk
ODk0NjkwODcuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjYwCMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBADEzWHyGeMhuG26Bfzyf0mTp+uULMLMOCo4gNO0rD1BAESNm7RX3QA+P
pq3Oh/VCbs+xKf9+9BIhkUjYtETXC/MinrsmUjg73Q26dLXtVB8Yq0jdxbNzPNnX
v6uVNn3cZMbv2tSiSY0SdyWiPkFbnd8pIfYeQ3y4gAQXXT5qanH467l+qEwJovTI
1hUpfEhOuJYtNF725v04QNmFfO+UAtd2MyJiVopDJdKR2GhcmOGJ+wZ2m4FeOqE3
q8Iet/pdN1vkLlT6Hy9qeLt/HL3181PbdOzVQTAqdAwbJWwWBXhzD5+0zdGFqShH
OC55hXeLDD8QT1PDS7T/ND+xpmgZY6Q=
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:35:09 2025 by rpki-client