Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/70ddad33-55eb-4125-9221-0129168a645b/974e00be-2105-3701-bb28-f0b9e409be50.roa
File:                     974e00be-2105-3701-bb28-f0b9e409be50.roa (raw, json)
Hash identifier:          1yF7ekR4XIkzDddfLqCGfei2+69B4mjBSprt6vTwgW4=
Subject key identifier:   4B:B0:92:A1:23:EA:FF:93:BE:5A:94:68:D4:6C:90:0F:00:E4:55:7A
Certificate issuer:       /CN=70ddad33-55eb-4125-9221-0129168a645b
Certificate serial:       010D0C9F4328584425CEAF04D48B55C3E1695A80
Authority key identifier: 7F:4C:A4:22:A3:CB:BB:A5:D6:77:9C:25:01:F3:7F:E5:D9:0E:B4:BD
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/70ddad33-55eb-4125-9221-0129168a645b.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/70ddad33-55eb-4125-9221-0129168a645b/974e00be-2105-3701-bb28-f0b9e409be50.roa
Signing time:             Fri 08 Dec 2023 14:00:20 +0000
ROA not before:           Fri 08 Dec 2023 14:00:20 +0000
ROA not after:            Thu 07 Mar 2024 14:00:20 +0000
asID:                     16509
IP address blocks:        165.140.216.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:44:25:ce:af:04:d4:8b:55:c3:e1:69:5a:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70ddad33-55eb-4125-9221-0129168a645b
        Validity
            Not Before: Dec  8 14:00:20 2023 GMT
            Not After : Mar  7 14:00:20 2024 GMT
        Subject: CN=5ff36e78-b077-4e6e-a894-b84aea7a8ebf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:ba:5a:01:8f:86:7f:01:9a:64:db:c0:57:7f:
                    ac:2a:d9:0b:79:f9:b1:f4:0e:7b:01:69:8d:bb:ed:
                    98:76:d0:4e:42:05:79:e5:92:a2:d5:66:aa:f6:e8:
                    f1:16:00:75:2a:c4:58:0b:32:ce:c9:00:4c:92:96:
                    0d:d1:09:ea:b1:f6:27:48:00:e3:45:b2:20:07:97:
                    bf:60:52:10:64:a1:4d:6d:a6:c0:92:e6:c4:cf:37:
                    45:33:32:34:99:59:5a:c1:29:dc:a0:e1:be:85:b2:
                    86:92:3d:f5:ce:d0:d0:26:0b:4e:79:c1:95:e7:bd:
                    5e:64:94:01:56:52:fa:01:22:15:7a:49:29:de:36:
                    73:7f:2f:37:09:35:e9:f2:e4:61:5d:67:66:c8:38:
                    a6:11:22:5e:6f:bc:4c:ab:5e:d5:e8:16:51:e7:32:
                    b1:99:b4:16:1c:ef:b6:72:31:8d:16:da:50:dc:80:
                    f6:ad:c3:d9:b1:36:1c:6b:f0:ad:43:c6:9f:a8:60:
                    8c:52:34:ce:a4:98:34:63:3a:99:b9:db:dd:d2:50:
                    68:59:fd:5a:68:65:f1:46:84:97:59:72:fd:fd:14:
                    96:ba:51:f1:06:96:c4:31:22:87:57:67:d1:27:96:
                    2e:9a:7e:2b:a0:cd:cf:18:7e:5c:f7:e4:4c:90:fe:
                    8c:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:B0:92:A1:23:EA:FF:93:BE:5A:94:68:D4:6C:90:0F:00:E4:55:7A
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/70ddad33-55eb-4125-9221-0129168a645b/974e00be-2105-3701-bb28-f0b9e409be50.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/70ddad33-55eb-4125-9221-0129168a645b/70ddad33-55eb-4125-9221-0129168a645b.crl

            X509v3 Authority Key Identifier:
                keyid:7F:4C:A4:22:A3:CB:BB:A5:D6:77:9C:25:01:F3:7F:E5:D9:0E:B4:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/70ddad33-55eb-4125-9221-0129168a645b.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.140.216.0/22

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         35:2e:df:6c:8a:4b:f3:45:fc:60:b9:2e:b9:04:61:82:7d:b7:
         9d:66:b9:47:37:5b:c6:e4:f1:a2:7c:bd:4c:53:2c:e2:2a:1b:
         4a:52:40:17:23:10:11:7b:6b:25:13:c4:72:10:41:a5:d9:a7:
         49:3c:09:1c:12:e2:08:4e:1d:01:30:61:12:89:4a:ab:91:97:
         75:52:65:d0:90:7b:3c:66:fc:d9:c3:c2:65:15:cd:c2:53:87:
         93:db:56:dd:b0:cd:6c:9d:c2:29:27:da:4a:2c:59:c3:7c:ab:
         b0:01:3f:25:e2:f4:0c:d1:e3:40:13:61:b6:ef:f5:f7:21:40:
         b0:97:04:19:24:ce:94:8a:e8:33:99:a3:3b:5a:a7:a1:a8:eb:
         54:68:e3:fb:a5:b6:2d:5a:73:6a:26:31:eb:32:dd:5d:b8:e2:
         a2:52:2f:8a:87:2d:9d:d5:da:6a:75:bd:30:08:c5:5f:e0:ef:
         b2:e1:23:cb:23:02:5b:dd:3a:d2:7f:3f:51:2b:5d:08:03:be:
         a0:68:38:e1:f1:2c:1e:10:63:bb:1c:33:26:9f:b5:94:21:57:
         9a:b9:14:76:c8:8d:d4:0d:3f:35:18:0d:39:3a:96:4b:0e:1b:
         fc:14:38:c7:d7:9d:c0:d4:d9:16:87:48:5b:78:36:08:88:e6:
         9d:16:3f:fe
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEQlzq8E1ItVw+FpWoAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNzBkZGFkMzMtNTVlYi00MTI1LTkyMjEtMDEyOTE2OGE2
NDViMB4XDTIzMTIwODE0MDAyMFoXDTI0MDMwNzE0MDAyMFowLzEtMCsGA1UEAxMk
NWZmMzZlNzgtYjA3Ny00ZTZlLWE4OTQtYjg0YWVhN2E4ZWJmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbpaAY+GfwGaZNvAV3+sKtkLefmx9A57AWmN
u+2YdtBOQgV55ZKi1Waq9ujxFgB1KsRYCzLOyQBMkpYN0QnqsfYnSADjRbIgB5e/
YFIQZKFNbabAkubEzzdFMzI0mVlawSncoOG+hbKGkj31ztDQJgtOecGV571eZJQB
VlL6ASIVekkp3jZzfy83CTXp8uRhXWdmyDimESJeb7xMq17V6BZR5zKxmbQWHO+2
cjGNFtpQ3ID2rcPZsTYca/CtQ8afqGCMUjTOpJg0YzqZudvd0lBoWf1aaGXxRoSX
WXL9/RSWulHxBpbEMSKHV2fRJ5Yumn4roM3PGH5c9+RMkP6M3wIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFEuwkqEj6v+TvlqUaNRskA8A5FV6MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIwMy1iZGE3LTFiZTIwNDkzM2FlNS83MGRk
YWQzMy01NWViLTQxMjUtOTIyMS0wMTI5MTY4YTY0NWIvOTc0ZTAwYmUtMjEwNS0z
NzAxLWJiMjgtZjBiOWU0MDliZTUwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9hNzM0MjBjYi1i
M2NjLTRiMDMtYmRhNy0xYmUyMDQ5MzNhZTUvNzBkZGFkMzMtNTVlYi00MTI1LTky
MjEtMDEyOTE2OGE2NDViLzcwZGRhZDMzLTU1ZWItNDEyNS05MjIxLTAxMjkxNjhh
NjQ1Yi5jcmwwHwYDVR0jBBgwFoAUf0ykIqPLu6XWd5wlAfN/5dkOtL0wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIw
My1iZGE3LTFiZTIwNDkzM2FlNS83MGRkYWQzMy01NWViLTQxMjUtOTIyMS0wMTI5
MTY4YTY0NWIuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCpYzYMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBADUu32yKS/NF/GC5LrkEYYJ9t51muUc3W8bk8aJ8vUxTLOIqG0pSQBcj
EBF7ayUTxHIQQaXZp0k8CRwS4ghOHQEwYRKJSquRl3VSZdCQezxm/NnDwmUVzcJT
h5PbVt2wzWydwikn2kosWcN8q7ABPyXi9AzR40ATYbbv9fchQLCXBBkkzpSK6DOZ
oztap6Go61Ro4/ulti1ac2omMesy3V244qJSL4qHLZ3V2mp1vTAIxV/g77LhI8sj
AlvdOtJ/P1ErXQgDvqBoOOHxLB4QY7scMyaftZQhV5q5FHbIjdQNPzUYDTk6lksO
G/wUOMfXncDU2RaHSFt4NgiI5p0WP/4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:14:13 2024 by rpki-client on console-fra.rpki-client.org