Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/3d7fb1c2-f387-482d-a6fe-dc5a844f85ef/27e2c5e1-e18d-35bb-a4d3-439d92815966.roa
File:                     27e2c5e1-e18d-35bb-a4d3-439d92815966.roa (raw, json)
Hash identifier:          t4knW8osIoX9VKimszH2uCQ7PexZEhmryXXBWa5qyq8=
Subject key identifier:   66:46:29:5C:6D:B8:A7:F5:04:D9:48:BD:C2:1D:AA:50:C9:A1:02:94
Certificate issuer:       /CN=3d7fb1c2-f387-482d-a6fe-dc5a844f85ef
Certificate serial:       010D0C9F43285845B53F107E4167D3E44C104200
Authority key identifier: DC:C9:08:36:55:E7:6E:5B:A5:B0:67:A1:E6:60:D3:23:A9:61:44:20
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/3d7fb1c2-f387-482d-a6fe-dc5a844f85ef.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/3d7fb1c2-f387-482d-a6fe-dc5a844f85ef/27e2c5e1-e18d-35bb-a4d3-439d92815966.roa
Signing time:             Mon 29 Apr 2024 15:54:27 +0000
ROA not before:           Mon 29 Apr 2024 15:54:27 +0000
ROA not after:            Sun 28 Jul 2024 15:54:27 +0000
asID:                     13576
IP address blocks:        216.106.199.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:b5:3f:10:7e:41:67:d3:e4:4c:10:42:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d7fb1c2-f387-482d-a6fe-dc5a844f85ef
        Validity
            Not Before: Apr 29 15:54:27 2024 GMT
            Not After : Jul 28 15:54:27 2024 GMT
        Subject: CN=5385afb6-bb9a-440e-926b-40641208410a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:18:de:8e:c3:ad:ba:21:a7:9d:80:ac:12:47:
                    1e:eb:b1:05:d0:83:be:36:44:32:6e:51:b9:c6:fa:
                    ed:74:83:0f:04:bf:6a:55:91:4b:4b:20:65:56:9f:
                    bf:93:92:75:3d:f3:2c:b7:9d:60:58:62:f6:58:e0:
                    dd:48:09:2b:30:76:f0:7d:1d:9b:ac:68:53:3e:2e:
                    31:6f:74:e0:fc:b2:10:4a:60:e5:1c:a6:3f:f0:1b:
                    e1:1f:fb:c3:5f:06:c4:2f:84:82:a2:67:55:e1:15:
                    57:33:1a:49:b0:26:1b:8f:51:77:50:b1:00:bd:b6:
                    b1:40:c0:12:12:18:f7:4d:b8:19:71:ee:09:1e:43:
                    52:4b:3d:ee:7b:ff:44:d7:03:99:f1:bf:ae:9c:ab:
                    53:10:1c:82:2d:64:f8:9c:be:db:fa:58:38:0a:f8:
                    e4:0e:5f:ab:a5:47:2e:a6:e2:ab:a5:90:f7:d7:e6:
                    99:85:22:7e:ef:65:91:63:bf:5c:36:31:04:eb:43:
                    d9:de:51:1c:66:c2:32:82:ab:54:96:85:5a:64:81:
                    90:f1:e6:0d:8e:f6:8c:39:d1:08:d4:07:29:80:49:
                    3c:7a:0e:67:6c:a9:b1:a2:4c:2c:cb:b7:41:14:5f:
                    10:2c:9b:8d:18:a3:60:64:9b:0e:3b:cc:52:fe:81:
                    ef:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:46:29:5C:6D:B8:A7:F5:04:D9:48:BD:C2:1D:AA:50:C9:A1:02:94
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/3d7fb1c2-f387-482d-a6fe-dc5a844f85ef/27e2c5e1-e18d-35bb-a4d3-439d92815966.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/3d7fb1c2-f387-482d-a6fe-dc5a844f85ef/3d7fb1c2-f387-482d-a6fe-dc5a844f85ef.crl

            X509v3 Authority Key Identifier:
                keyid:DC:C9:08:36:55:E7:6E:5B:A5:B0:67:A1:E6:60:D3:23:A9:61:44:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/3d7fb1c2-f387-482d-a6fe-dc5a844f85ef.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.106.199.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         23:95:a8:67:dd:01:99:16:4e:0d:81:dc:65:70:ad:a6:e9:0b:
         7e:5e:c0:42:96:ac:1a:4c:f6:f8:eb:6e:e1:42:18:57:84:48:
         db:ee:ae:cd:29:28:db:b6:d2:f9:d7:b5:48:bb:4b:92:ca:32:
         d1:76:c5:d7:b7:fc:b1:7b:1a:46:c5:63:a3:cc:70:db:66:d4:
         06:56:38:57:9f:69:6d:64:ff:11:9e:22:9c:7e:d2:46:c9:f5:
         e7:e2:36:0d:90:a1:4e:1b:70:32:68:27:0e:bf:a9:71:ce:0b:
         0b:69:e2:20:0f:f6:95:f8:94:23:54:03:30:f3:dd:5c:09:b9:
         aa:16:cf:d5:27:3f:f3:52:e6:e6:90:ae:7b:ff:e2:ff:fc:2a:
         63:78:ca:be:79:6e:a7:5f:e9:e9:7d:49:b9:88:6a:3c:57:2c:
         ae:d3:cc:1a:44:e9:7b:7d:d8:88:2f:65:f6:41:4d:7a:cf:e4:
         43:29:2a:01:c8:d7:02:c1:aa:57:b2:a5:c9:81:46:1a:28:86:
         b3:02:4d:1c:1a:db:96:cc:eb:83:e9:3a:e6:03:5c:89:19:96:
         ca:2a:3d:85:3e:14:5c:94:67:76:b9:f7:ed:f1:b6:cb:c1:e2:
         4e:22:99:3f:2d:31:8c:af:fa:36:23:b9:b0:64:65:6f:08:84:
         4d:54:91:eb
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEW1PxB+QWfT5EwQQgAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkM2Q3ZmIxYzItZjM4Ny00ODJkLWE2ZmUtZGM1YTg0NGY4
NWVmMB4XDTI0MDQyOTE1NTQyN1oXDTI0MDcyODE1NTQyN1owLzEtMCsGA1UEAxMk
NTM4NWFmYjYtYmI5YS00NDBlLTkyNmItNDA2NDEyMDg0MTBhMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRjejsOtuiGnnYCsEkce67EF0IO+NkQyblG5
xvrtdIMPBL9qVZFLSyBlVp+/k5J1PfMst51gWGL2WODdSAkrMHbwfR2brGhTPi4x
b3Tg/LIQSmDlHKY/8BvhH/vDXwbEL4SComdV4RVXMxpJsCYbj1F3ULEAvbaxQMAS
Ehj3TbgZce4JHkNSSz3ue/9E1wOZ8b+unKtTEByCLWT4nL7b+lg4CvjkDl+rpUcu
puKrpZD31+aZhSJ+72WRY79cNjEE60PZ3lEcZsIygqtUloVaZIGQ8eYNjvaMOdEI
1AcpgEk8eg5nbKmxokwsy7dBFF8QLJuNGKNgZJsOO8xS/oHvGQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFGZGKVxtuKf1BNlIvcIdqlDJoQKUMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS8zZDdm
YjFjMi1mMzg3LTQ4MmQtYTZmZS1kYzVhODQ0Zjg1ZWYvMjdlMmM1ZTEtZTE4ZC0z
NWJiLWE0ZDMtNDM5ZDkyODE1OTY2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvM2Q3ZmIxYzItZjM4Ny00ODJkLWE2
ZmUtZGM1YTg0NGY4NWVmLzNkN2ZiMWMyLWYzODctNDgyZC1hNmZlLWRjNWE4NDRm
ODVlZi5jcmwwHwYDVR0jBBgwFoAU3MkINlXnblulsGeh5mDTI6lhRCAwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS8zZDdmYjFjMi1mMzg3LTQ4MmQtYTZmZS1kYzVh
ODQ0Zjg1ZWYuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2GrHMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBACOVqGfdAZkWTg2B3GVwrabpC35ewEKWrBpM9vjrbuFCGFeESNvurs0p
KNu20vnXtUi7S5LKMtF2xde3/LF7GkbFY6PMcNtm1AZWOFefaW1k/xGeIpx+0kbJ
9efiNg2QoU4bcDJoJw6/qXHOCwtp4iAP9pX4lCNUAzDz3VwJuaoWz9UnP/NS5uaQ
rnv/4v/8KmN4yr55bqdf6el9SbmIajxXLK7TzBpE6Xt92IgvZfZBTXrP5EMpKgHI
1wLBqleypcmBRhoohrMCTRwa25bM64PpOuYDXIkZlsoqPYU+FFyUZ3a59+3xtsvB
4k4imT8tMYyv+jYjubBkZW8IhE1Ukes=
-----END CERTIFICATE-----
Generated at Sat Apr 12 10:16:46 2025 by rpki-client