Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/61939bbc-e50f-4ced-8482-e7c4008e3583/f71f8f88-7923-3041-bf8b-0c2c3e47d422.roa
File:                     f71f8f88-7923-3041-bf8b-0c2c3e47d422.roa (raw, json)
Hash identifier:          JPzf8AQmLElIUofolghiN61UCTf6SpAWm2ZNODY2Mfg=
Subject key identifier:   52:4C:3D:12:8D:43:D9:56:74:A5:FA:E8:C2:36:41:18:0B:2D:9B:A7
Certificate issuer:       /CN=61939bbc-e50f-4ced-8482-e7c4008e3583
Certificate serial:       010D0C9F43285841EC75517E2A1EAD42AA261B40
Authority key identifier: 3F:8D:F8:51:B6:E3:53:FA:6A:C1:CF:4A:DD:0E:91:CE:C3:DE:49:16
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/61939bbc-e50f-4ced-8482-e7c4008e3583.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/61939bbc-e50f-4ced-8482-e7c4008e3583/f71f8f88-7923-3041-bf8b-0c2c3e47d422.roa
Signing time:             Thu 18 May 2023 15:25:29 +0000
ROA not before:           Thu 18 May 2023 15:25:29 +0000
ROA not after:            Wed 16 Aug 2023 15:25:29 +0000
asID:                     394907
IP address blocks:        137.83.60.0/22 maxlen: 24
                          141.193.238.0/24 maxlen: 24
                          159.112.224.0/21 maxlen: 24
                          161.38.160.0/20 maxlen: 24
                          199.103.16.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:41:ec:75:51:7e:2a:1e:ad:42:aa:26:1b:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61939bbc-e50f-4ced-8482-e7c4008e3583
        Validity
            Not Before: May 18 15:25:29 2023 GMT
            Not After : Aug 16 15:25:29 2023 GMT
        Subject: CN=8c6315ab-dd4a-4c3e-8bfc-4425c25c8bed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:2e:06:3c:3f:18:de:d4:d3:44:5a:b3:82:82:
                    ac:19:9f:59:38:b6:0e:ed:e5:37:fa:36:d1:01:1a:
                    b0:f6:c8:1b:41:b1:b7:1d:f4:70:35:e5:c9:95:c1:
                    d6:93:48:7b:d2:d6:f4:3d:d2:3e:80:66:b0:fd:c5:
                    00:7a:a8:95:e0:11:92:64:7c:c7:1b:83:ed:28:1e:
                    ef:79:17:ae:59:62:06:d8:a0:ae:44:0c:f8:1e:90:
                    0c:ee:3f:07:7e:da:6c:0a:80:43:00:03:03:22:0a:
                    8d:f1:a9:80:b9:c8:d3:93:a8:d6:cc:b4:90:36:f2:
                    a2:b5:82:3f:da:68:4d:82:63:47:24:00:aa:ef:29:
                    40:d3:5b:4d:db:f2:9b:3a:38:3f:5f:f3:f6:dc:44:
                    b1:22:26:a5:35:86:6a:cc:b0:1f:32:c2:55:f9:37:
                    70:2f:7e:8a:7e:08:01:d6:0a:8e:8d:96:58:83:64:
                    46:d7:f5:aa:ee:dd:7b:fb:78:88:f1:5c:40:5c:ac:
                    e5:89:32:a6:1d:91:4c:34:fa:15:b7:ec:fb:9e:61:
                    30:14:01:ae:2f:00:91:df:a8:4f:c1:32:3c:11:e5:
                    bb:0c:5e:55:89:bc:15:c0:9e:58:04:4d:31:e2:e6:
                    57:2b:85:ab:42:90:55:39:29:cc:83:da:c5:6b:71:
                    52:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:4C:3D:12:8D:43:D9:56:74:A5:FA:E8:C2:36:41:18:0B:2D:9B:A7
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/61939bbc-e50f-4ced-8482-e7c4008e3583/f71f8f88-7923-3041-bf8b-0c2c3e47d422.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/61939bbc-e50f-4ced-8482-e7c4008e3583/61939bbc-e50f-4ced-8482-e7c4008e3583.crl

            X509v3 Authority Key Identifier:
                keyid:3F:8D:F8:51:B6:E3:53:FA:6A:C1:CF:4A:DD:0E:91:CE:C3:DE:49:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/61939bbc-e50f-4ced-8482-e7c4008e3583.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.83.60.0/22
                  141.193.238.0/24
                  159.112.224.0/21
                  161.38.160.0/20
                  199.103.16.0/22

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         34:1f:c7:e3:c2:31:37:d0:6f:9b:89:ad:a3:c6:11:1c:5b:fe:
         7c:5e:7c:3a:d2:ac:bc:bd:50:01:e4:67:7d:5f:e1:2c:af:81:
         bb:01:6d:61:45:2c:de:b0:4d:35:18:80:6e:fb:67:b0:eb:3e:
         90:87:c3:3f:82:88:c2:ae:74:f5:55:a3:33:14:d9:eb:73:dd:
         50:23:23:8b:05:83:eb:42:c0:62:e4:cb:64:a4:7f:f2:97:a5:
         4b:dd:dc:93:61:c4:d9:ab:1d:d5:4b:d0:4c:39:5f:60:01:ee:
         f8:d9:6d:1c:6e:4f:f0:d1:7f:78:6b:aa:04:50:9f:02:16:61:
         43:68:cf:89:07:73:d7:db:2e:c3:9e:da:47:d7:fa:f5:e1:4c:
         1a:7d:77:76:55:d0:dd:5f:fd:d1:9e:f5:57:17:2d:f8:4f:ed:
         2a:3c:54:4d:34:dc:c2:86:51:3c:8f:38:95:fb:60:e8:b9:7d:
         92:0e:3b:54:06:1b:3e:28:eb:20:91:40:f4:9a:c4:ce:76:20:
         a6:6d:25:9c:c5:0f:96:52:57:42:4f:b7:ab:b9:25:6d:41:97:
         46:fa:d0:84:7a:a8:27:7b:26:50:82:4c:90:25:89:74:c7:3d:
         f9:d2:bc:8a:01:fd:f8:45:c1:65:88:b1:c4:33:f8:30:6c:b2:
         99:52:a0:55
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgIUAQ0Mn0MoWEHsdVF+Kh6tQqomG0AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjE5MzliYmMtZTUwZi00Y2VkLTg0ODItZTdjNDAwOGUz
NTgzMB4XDTIzMDUxODE1MjUyOVoXDTIzMDgxNjE1MjUyOVowLzEtMCsGA1UEAxMk
OGM2MzE1YWItZGQ0YS00YzNlLThiZmMtNDQyNWMyNWM4YmVkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2S4GPD8Y3tTTRFqzgoKsGZ9ZOLYO7eU3+jbR
ARqw9sgbQbG3HfRwNeXJlcHWk0h70tb0PdI+gGaw/cUAeqiV4BGSZHzHG4PtKB7v
eReuWWIG2KCuRAz4HpAM7j8HftpsCoBDAAMDIgqN8amAucjTk6jWzLSQNvKitYI/
2mhNgmNHJACq7ylA01tN2/KbOjg/X/P23ESxIialNYZqzLAfMsJV+TdwL36KfggB
1gqOjZZYg2RG1/Wq7t17+3iI8VxAXKzliTKmHZFMNPoVt+z7nmEwFAGuLwCR36hP
wTI8EeW7DF5VibwVwJ5YBE0x4uZXK4WrQpBVOSnMg9rFa3FSiQIDAQABo4IDbTCC
A2kwHQYDVR0OBBYEFFJMPRKNQ9lWdKX66MI2QRgLLZunMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIwMy1iZGE3LTFiZTIwNDkzM2FlNS82MTkz
OWJiYy1lNTBmLTRjZWQtODQ4Mi1lN2M0MDA4ZTM1ODMvZjcxZjhmODgtNzkyMy0z
MDQxLWJmOGItMGMyYzNlNDdkNDIyLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9hNzM0MjBjYi1i
M2NjLTRiMDMtYmRhNy0xYmUyMDQ5MzNhZTUvNjE5MzliYmMtZTUwZi00Y2VkLTg0
ODItZTdjNDAwOGUzNTgzLzYxOTM5YmJjLWU1MGYtNGNlZC04NDgyLWU3YzQwMDhl
MzU4My5jcmwwHwYDVR0jBBgwFoAUP434UbbjU/pqwc9K3Q6RzsPeSRYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIw
My1iZGE3LTFiZTIwNDkzM2FlNS82MTkzOWJiYy1lNTBmLTRjZWQtODQ4Mi1lN2M0
MDA4ZTM1ODMuY2VyMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCiVM8AwQA
jcHuAwQDn3DgAwQEoSagAwQCx2cQMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIw
OjA4BggrBgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jw
a2kvY3BzLmh0bWwwDQYJKoZIhvcNAQELBQADggEBADQfx+PCMTfQb5uJraPGERxb
/nxefDrSrLy9UAHkZ31f4SyvgbsBbWFFLN6wTTUYgG77Z7DrPpCHwz+CiMKudPVV
ozMU2etz3VAjI4sFg+tCwGLky2Skf/KXpUvd3JNhxNmrHdVL0Ew5X2AB7vjZbRxu
T/DRf3hrqgRQnwIWYUNoz4kHc9fbLsOe2kfX+vXhTBp9d3ZV0N1f/dGe9VcXLfhP
7So8VE003MKGUTyPOJX7YOi5fZIOO1QGGz4o6yCRQPSaxM52IKZtJZzFD5ZSV0JP
t6u5JW1Bl0b60IR6qCd7JlCCTJAliXTHPfnSvIoB/fhFwWWIscQz+DBssplSoFU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:14:13 2024 by rpki-client on console-fra.rpki-client.org