Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/2d938178-9c38-38f1-b995-71faa59382b3.roa
File:                     2d938178-9c38-38f1-b995-71faa59382b3.roa (raw, json)
Hash identifier:          GdrFlZxB+FYZNy0NDN59QDZNNka9rqUwjMupoyUHFuE=
Subject key identifier:   D0:34:FC:60:97:B8:46:D3:87:FE:A1:3B:8B:61:DA:99:4E:CF:3A:B5
Certificate issuer:       /CN=5d9c9ef5-b960-412d-af5e-2df18c21f809
Certificate serial:       010D0C9F43285846943F9BB61C3628414C9D1440
Authority key identifier: 86:A4:37:D4:6D:BA:92:7A:E6:8D:9D:6A:F3:35:C6:46:9A:DD:17:ED
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/2d938178-9c38-38f1-b995-71faa59382b3.roa
Signing time:             Thu 18 Jul 2024 13:00:33 +0000
ROA not before:           Thu 18 Jul 2024 13:00:33 +0000
ROA not after:            Wed 16 Oct 2024 13:00:33 +0000
asID:                     16625
IP address blocks:        104.71.220.0/22 maxlen: 22
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:46:94:3f:9b:b6:1c:36:28:41:4c:9d:14:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d9c9ef5-b960-412d-af5e-2df18c21f809
        Validity
            Not Before: Jul 18 13:00:33 2024 GMT
            Not After : Oct 16 13:00:33 2024 GMT
        Subject: CN=144e6be9-a6fd-4585-b2bf-b1bef4d9e476
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:09:ae:10:e3:ec:bf:c6:f8:3a:7f:b9:ba:f0:
                    03:04:93:e4:66:4e:1a:17:f4:91:a9:82:6c:27:73:
                    9f:b7:42:74:6f:34:11:97:1c:a7:79:24:e7:59:24:
                    68:98:ff:66:4b:27:5f:2c:06:c7:86:16:11:db:86:
                    bc:15:e0:6b:69:c7:0f:a9:65:00:7b:34:14:87:38:
                    53:f5:f5:dc:ae:b1:d1:9e:61:34:10:70:d1:1b:9e:
                    39:47:9c:de:e4:5f:05:0e:bf:1b:e5:56:07:c0:5b:
                    f5:8d:b3:2b:00:6e:b1:ac:39:1f:2b:70:59:4c:67:
                    7c:56:c9:b3:6e:53:09:8b:b9:bb:e4:8e:a0:78:cb:
                    61:87:39:0f:62:6e:06:96:30:bd:c6:57:3f:24:55:
                    27:9f:dc:54:e1:9a:ea:78:ff:c9:96:b6:54:05:6d:
                    16:8e:07:c6:7c:91:e0:b1:d0:5c:ee:e8:66:fe:17:
                    a7:cf:58:68:04:d7:69:9f:a0:6a:40:f3:89:e3:aa:
                    d0:f6:a6:59:ca:13:fe:ef:73:9f:00:be:95:c3:89:
                    10:e7:02:c8:6c:97:bb:2f:1f:7b:aa:cc:9b:88:34:
                    96:83:4f:39:ac:6c:b6:ad:42:bc:b8:4b:78:5a:40:
                    ea:fe:8a:7f:f4:11:f7:75:1c:2f:d3:32:43:12:4c:
                    69:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:34:FC:60:97:B8:46:D3:87:FE:A1:3B:8B:61:DA:99:4E:CF:3A:B5
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/2d938178-9c38-38f1-b995-71faa59382b3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/5d9c9ef5-b960-412d-af5e-2df18c21f809.crl

            X509v3 Authority Key Identifier:
                keyid:86:A4:37:D4:6D:BA:92:7A:E6:8D:9D:6A:F3:35:C6:46:9A:DD:17:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.71.220.0/22

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         86:a3:dc:0f:aa:14:35:4f:80:94:0c:1b:52:ae:d4:23:06:64:
         ee:db:ab:7f:6d:0a:d9:3c:a4:fb:a8:95:80:62:50:70:bc:b1:
         b7:9d:e2:87:e2:10:ba:57:2a:74:8d:c0:79:9a:71:7a:89:38:
         5d:6d:d0:4c:e6:de:e4:af:0c:43:50:17:16:b4:9b:aa:eb:72:
         0e:88:0e:b1:94:ae:d0:f5:b8:3b:0c:a1:ff:1f:65:83:9b:56:
         a1:bb:bb:30:24:c0:e0:db:4a:a4:13:e8:cb:41:56:48:34:c4:
         f6:d2:14:d1:78:a0:8b:4b:2d:d5:6b:d1:1f:bd:ba:7d:ae:09:
         14:41:05:d0:66:0b:78:53:8b:4b:fb:c3:d9:e2:e5:17:dd:d0:
         fe:57:be:90:4e:06:7d:07:63:79:a8:5a:02:a6:8f:1f:20:68:
         f5:52:c5:e2:9b:b5:e7:94:af:24:60:2e:62:77:b0:30:52:a8:
         76:99:12:57:74:8c:91:91:7d:32:1e:31:71:2f:d9:f0:9c:60:
         6b:5f:86:10:cd:b9:fc:b2:20:14:1d:f2:60:08:68:0c:d5:be:
         bd:87:5d:14:6f:42:ad:62:70:a1:6a:f4:29:55:74:b0:cc:c9:
         26:91:19:7b:cb:a0:4a:4a:08:f2:e3:f2:80:a8:6c:6b:31:52:
         8e:e5:0f:8d
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEaUP5u2HDYoQUydFEAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNWQ5YzllZjUtYjk2MC00MTJkLWFmNWUtMmRmMThjMjFm
ODA5MB4XDTI0MDcxODEzMDAzM1oXDTI0MTAxNjEzMDAzM1owLzEtMCsGA1UEAxMk
MTQ0ZTZiZTktYTZmZC00NTg1LWIyYmYtYjFiZWY0ZDllNDc2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQmuEOPsv8b4On+5uvADBJPkZk4aF/SRqYJs
J3Oft0J0bzQRlxyneSTnWSRomP9mSydfLAbHhhYR24a8FeBraccPqWUAezQUhzhT
9fXcrrHRnmE0EHDRG545R5ze5F8FDr8b5VYHwFv1jbMrAG6xrDkfK3BZTGd8Vsmz
blMJi7m75I6geMthhzkPYm4GljC9xlc/JFUnn9xU4ZrqeP/JlrZUBW0WjgfGfJHg
sdBc7uhm/henz1hoBNdpn6BqQPOJ46rQ9qZZyhP+73OfAL6Vw4kQ5wLIbJe7Lx97
qsybiDSWg085rGy2rUK8uEt4WkDq/op/9BH3dRwv0zJDEkxp/QIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFNA0/GCXuEbTh/6hO4th2plOzzq1MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS81ZDlj
OWVmNS1iOTYwLTQxMmQtYWY1ZS0yZGYxOGMyMWY4MDkvMmQ5MzgxNzgtOWMzOC0z
OGYxLWI5OTUtNzFmYWE1OTM4MmIzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNWQ5YzllZjUtYjk2MC00MTJkLWFm
NWUtMmRmMThjMjFmODA5LzVkOWM5ZWY1LWI5NjAtNDEyZC1hZjVlLTJkZjE4YzIx
ZjgwOS5jcmwwHwYDVR0jBBgwFoAUhqQ31G26knrmjZ1q8zXGRprdF+0wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS81ZDljOWVmNS1iOTYwLTQxMmQtYWY1ZS0yZGYx
OGMyMWY4MDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCaEfcMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAIaj3A+qFDVPgJQMG1Ku1CMGZO7bq39tCtk8pPuolYBiUHC8sbed4ofi
ELpXKnSNwHmacXqJOF1t0Ezm3uSvDENQFxa0m6rrcg6IDrGUrtD1uDsMof8fZYOb
VqG7uzAkwODbSqQT6MtBVkg0xPbSFNF4oItLLdVr0R+9un2uCRRBBdBmC3hTi0v7
w9ni5Rfd0P5XvpBOBn0HY3moWgKmjx8gaPVSxeKbteeUryRgLmJ3sDBSqHaZEld0
jJGRfTIeMXEv2fCcYGtfhhDNufyyIBQd8mAIaAzVvr2HXRRvQq1icKFq9ClVdLDM
ySaRGXvLoEpKCPLj8oCobGsxUo7lD40=
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:09:38 2025 by rpki-client