Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/77836eaa-7214-4a69-8b5a-41b55d93e689/99c06ea5-8c46-30a0-99cc-284b4670ab63.roa
File:                     99c06ea5-8c46-30a0-99cc-284b4670ab63.roa (raw, json)
Hash identifier:          zGEUtfVjwGHyhILIR6u/UI5BHH8nrZm6Dls2P9fIaj4=
Subject key identifier:   B2:68:12:75:F8:E6:D7:08:CD:CC:DD:30:67:52:1F:DD:3A:B7:2F:B5
Certificate issuer:       /CN=77836eaa-7214-4a69-8b5a-41b55d93e689
Certificate serial:       010D0C9F43285843AF9F3F34ED528FCE6898A680
Authority key identifier: 33:E4:62:D4:47:A7:41:15:52:A2:EF:26:A1:7C:09:93:89:29:43:15
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/77836eaa-7214-4a69-8b5a-41b55d93e689.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/77836eaa-7214-4a69-8b5a-41b55d93e689/99c06ea5-8c46-30a0-99cc-284b4670ab63.roa
Signing time:             Fri 27 Oct 2023 05:59:31 +0000
ROA not before:           Fri 27 Oct 2023 05:59:31 +0000
ROA not after:            Thu 25 Jan 2024 06:59:31 +0000
asID:                     16399
IP address blocks:        64.27.128.0/19 maxlen: 24
                          67.206.64.0/19 maxlen: 24
                          69.7.192.0/19 maxlen: 24
                          209.170.160.0/20 maxlen: 24
                          216.130.96.0/19 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:43:af:9f:3f:34:ed:52:8f:ce:68:98:a6:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77836eaa-7214-4a69-8b5a-41b55d93e689
        Validity
            Not Before: Oct 27 05:59:31 2023 GMT
            Not After : Jan 25 06:59:31 2024 GMT
        Subject: CN=5bc46cc6-483b-4aff-a4a6-b2999677c7da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:d6:24:14:a7:b5:73:a8:17:25:86:64:be:5d:
                    3d:d3:14:11:55:5b:61:07:ba:69:65:bf:4b:ff:15:
                    92:80:46:25:c5:0e:25:03:d9:fc:fb:20:dd:6b:93:
                    00:a2:e9:d5:ce:c4:4b:89:82:88:ac:7f:37:be:59:
                    cb:1a:e4:a4:9c:f9:78:9e:2f:28:c5:ec:ff:39:9f:
                    7b:a1:f8:70:74:d1:c2:0b:77:48:79:35:2e:7d:70:
                    98:03:66:f2:8e:8a:30:76:b9:ac:02:0e:b8:c1:79:
                    9f:ae:40:44:39:e4:8f:ae:9d:2a:c4:46:82:c2:42:
                    4a:d2:28:40:6a:0d:5f:c3:66:b6:c8:33:34:b4:8d:
                    66:46:81:3a:f0:bb:28:42:ee:da:bf:c5:7a:6e:ed:
                    b9:55:70:38:75:a3:6a:b3:e0:29:03:b8:26:9d:c9:
                    8f:d9:17:35:46:0f:c5:e4:29:25:5f:87:4b:85:26:
                    cc:c3:71:34:06:0b:a3:69:c2:f3:51:52:fb:12:80:
                    6a:de:82:bf:b3:f4:47:6c:12:79:10:8f:48:e6:8c:
                    61:8e:0e:2a:df:48:a9:41:ce:2f:e7:34:a7:ce:49:
                    ff:51:bf:b8:2d:20:6e:d5:e2:40:51:d4:0a:9b:51:
                    8f:69:20:44:68:2f:99:eb:9b:f4:ca:cb:78:63:3a:
                    f8:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:68:12:75:F8:E6:D7:08:CD:CC:DD:30:67:52:1F:DD:3A:B7:2F:B5
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/77836eaa-7214-4a69-8b5a-41b55d93e689/99c06ea5-8c46-30a0-99cc-284b4670ab63.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/77836eaa-7214-4a69-8b5a-41b55d93e689/77836eaa-7214-4a69-8b5a-41b55d93e689.crl

            X509v3 Authority Key Identifier:
                keyid:33:E4:62:D4:47:A7:41:15:52:A2:EF:26:A1:7C:09:93:89:29:43:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/77836eaa-7214-4a69-8b5a-41b55d93e689.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.27.128.0/19
                  67.206.64.0/19
                  69.7.192.0/19
                  209.170.160.0/20
                  216.130.96.0/19

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         a2:02:d7:be:bd:0d:87:19:34:13:46:59:22:c8:38:18:84:df:
         5a:39:05:88:51:a3:fd:41:fb:43:02:ce:66:8c:88:ab:11:5c:
         4b:91:23:67:b7:b3:df:6a:4f:8c:93:9d:68:80:9b:cb:fe:eb:
         7b:f6:4e:b1:8f:81:1c:16:88:20:1b:5f:74:e8:74:d1:b9:67:
         06:bc:89:36:db:9f:8a:5d:cc:d8:2d:c3:8a:89:35:b9:03:b7:
         7e:93:66:bb:ea:0f:3c:78:85:80:90:42:4e:69:34:68:88:fd:
         e2:6a:80:43:bc:21:53:85:7b:32:35:2d:c9:6b:ae:ed:c3:3f:
         0d:8d:43:46:a1:20:f5:a8:be:e8:2d:23:2d:ef:5c:35:a5:6c:
         f5:15:49:ae:72:fa:82:42:75:1f:37:b9:f7:c1:80:82:64:3d:
         14:e8:e6:06:f8:f0:3d:da:42:39:9a:c8:65:1a:d1:66:44:50:
         78:27:d7:7c:5b:e4:04:e6:73:09:84:30:cf:bc:3b:71:07:8f:
         db:ac:a6:14:55:06:dc:f0:83:d2:39:11:a9:35:14:1d:33:c8:
         6e:10:d5:32:44:a2:f5:ee:bb:95:71:8b:4b:8e:78:e3:42:34:
         11:ee:f9:8c:bb:60:ec:f2:37:f9:0e:a5:af:8a:21:1b:e2:e1:
         bc:fb:f5:90
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgIUAQ0Mn0MoWEOvnz807VKPzmiYpoAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNzc4MzZlYWEtNzIxNC00YTY5LThiNWEtNDFiNTVkOTNl
Njg5MB4XDTIzMTAyNzA1NTkzMVoXDTI0MDEyNTA2NTkzMVowLzEtMCsGA1UEAxMk
NWJjNDZjYzYtNDgzYi00YWZmLWE0YTYtYjI5OTk2NzdjN2RhMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dYkFKe1c6gXJYZkvl090xQRVVthB7ppZb9L
/xWSgEYlxQ4lA9n8+yDda5MAounVzsRLiYKIrH83vlnLGuSknPl4ni8oxez/OZ97
ofhwdNHCC3dIeTUufXCYA2byjoowdrmsAg64wXmfrkBEOeSPrp0qxEaCwkJK0ihA
ag1fw2a2yDM0tI1mRoE68LsoQu7av8V6bu25VXA4daNqs+ApA7gmncmP2Rc1Rg/F
5CklX4dLhSbMw3E0BgujacLzUVL7EoBq3oK/s/RHbBJ5EI9I5oxhjg4q30ipQc4v
5zSnzkn/Ub+4LSBu1eJAUdQKm1GPaSBEaC+Z65v0yst4Yzr4xQIDAQABo4IDbTCC
A2kwHQYDVR0OBBYEFLJoEnX45tcIzczdMGdSH906ty+1MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzg3MWRhNDBmLTc5M2EtNGE0NS1hMGE5LTk3ODE0ODMyMWEwNy83Nzgz
NmVhYS03MjE0LTRhNjktOGI1YS00MWI1NWQ5M2U2ODkvOTljMDZlYTUtOGM0Ni0z
MGEwLTk5Y2MtMjg0YjQ2NzBhYjYzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy84NzFkYTQwZi03
OTNhLTRhNDUtYTBhOS05NzgxNDgzMjFhMDcvNzc4MzZlYWEtNzIxNC00YTY5LThi
NWEtNDFiNTVkOTNlNjg5Lzc3ODM2ZWFhLTcyMTQtNGE2OS04YjVhLTQxYjU1ZDkz
ZTY4OS5jcmwwHwYDVR0jBBgwFoAUM+Ri1EenQRVSou8moXwJk4kpQxUwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzg3MWRhNDBmLTc5M2EtNGE0
NS1hMGE5LTk3ODE0ODMyMWEwNy83NzgzNmVhYS03MjE0LTRhNjktOGI1YS00MWI1
NWQ5M2U2ODkuY2VyMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFQBuAAwQF
Q85AAwQFRQfAAwQE0aqgAwQF2IJgMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIw
OjA4BggrBgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jw
a2kvY3BzLmh0bWwwDQYJKoZIhvcNAQELBQADggEBAKIC1769DYcZNBNGWSLIOBiE
31o5BYhRo/1B+0MCzmaMiKsRXEuRI2e3s99qT4yTnWiAm8v+63v2TrGPgRwWiCAb
X3TodNG5Zwa8iTbbn4pdzNgtw4qJNbkDt36TZrvqDzx4hYCQQk5pNGiI/eJqgEO8
IVOFezI1Lclrru3DPw2NQ0ahIPWovugtIy3vXDWlbPUVSa5y+oJCdR83uffBgIJk
PRTo5gb48D3aQjmayGUa0WZEUHgn13xb5ATmcwmEMM+8O3EHj9usphRVBtzwg9I5
Eak1FB0zyG4Q1TJEovXuu5Vxi0uOeONCNBHu+Yy7YOzyN/kOpa+KIRvi4bz79ZA=
-----END CERTIFICATE-----