Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/8c68ecf1-e558-31fb-bfb7-d39e51199de5.roa
File:                     8c68ecf1-e558-31fb-bfb7-d39e51199de5.roa (raw, json)
Hash identifier:          jn6JOUbkoq42EH1jq4KTtWuMEueA5QRGX4Xl9rpl7J0=
Subject key identifier:   65:F4:9D:6A:AD:5B:88:06:D7:C1:0F:C4:CB:1A:89:D8:01:AE:BD:7F
Certificate issuer:       /CN=5d9c9ef5-b960-412d-af5e-2df18c21f809
Certificate serial:       010D0C9F43285846943F98287CB3C92F2A6E1800
Authority key identifier: 86:A4:37:D4:6D:BA:92:7A:E6:8D:9D:6A:F3:35:C6:46:9A:DD:17:ED
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/8c68ecf1-e558-31fb-bfb7-d39e51199de5.roa
Signing time:             Thu 18 Jul 2024 13:00:33 +0000
ROA not before:           Thu 18 Jul 2024 13:00:33 +0000
ROA not after:            Wed 16 Oct 2024 13:00:33 +0000
asID:                     16625
IP address blocks:        104.67.0.0/20 maxlen: 20
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:46:94:3f:98:28:7c:b3:c9:2f:2a:6e:18:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d9c9ef5-b960-412d-af5e-2df18c21f809
        Validity
            Not Before: Jul 18 13:00:33 2024 GMT
            Not After : Oct 16 13:00:33 2024 GMT
        Subject: CN=2ba68c7c-d759-4408-a0af-4d6a31ded022
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:0f:9c:58:9c:91:00:d0:27:19:0b:72:6d:6f:
                    29:58:4a:c7:fd:77:8f:40:05:87:d7:6d:57:70:cf:
                    ef:ec:47:ab:ad:77:28:b4:e3:d6:39:1a:03:6e:84:
                    97:e3:d6:c1:e8:9c:c9:81:bb:38:f7:0b:90:48:6b:
                    a8:2a:06:5a:96:1e:75:77:5e:b4:6d:a9:04:0e:0b:
                    a2:2b:eb:d3:dd:71:57:62:d2:dd:f6:e3:8c:b9:3e:
                    4c:a6:43:74:68:d6:b7:17:53:27:9f:5b:74:fe:30:
                    de:60:7e:58:79:2f:8e:99:b3:32:4c:d1:14:c5:01:
                    92:fb:e5:c0:fc:50:4f:11:e9:ba:13:dd:f4:7d:e1:
                    3d:6e:5e:d5:56:fd:56:ad:92:55:03:78:7e:3a:3d:
                    0c:72:45:ab:22:7f:4a:31:9c:ff:df:1f:ed:6e:ef:
                    09:21:e7:2a:8b:f1:c5:a2:fc:81:c3:44:85:0a:dd:
                    86:4b:e2:a7:d8:82:39:e4:2c:63:36:2c:89:02:54:
                    06:af:df:db:28:0c:66:86:08:d9:c1:8e:30:6d:e8:
                    49:c7:89:0b:d5:4e:29:a4:2d:63:dd:0c:31:5f:02:
                    fd:86:f0:12:57:a5:a5:fb:e5:10:2d:af:79:a9:0f:
                    60:61:2b:c8:da:43:c7:75:c7:02:da:5f:7e:18:d8:
                    3a:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:F4:9D:6A:AD:5B:88:06:D7:C1:0F:C4:CB:1A:89:D8:01:AE:BD:7F
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/8c68ecf1-e558-31fb-bfb7-d39e51199de5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/5d9c9ef5-b960-412d-af5e-2df18c21f809.crl

            X509v3 Authority Key Identifier:
                keyid:86:A4:37:D4:6D:BA:92:7A:E6:8D:9D:6A:F3:35:C6:46:9A:DD:17:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.67.0.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         0f:e8:e2:dd:84:c1:15:ba:39:10:4b:7b:a4:2a:69:b1:7d:46:
         72:98:57:94:9e:ae:5a:d4:73:2a:93:3c:61:62:a5:2b:27:71:
         92:f9:24:c3:e6:c3:29:05:88:37:04:4f:b9:48:c9:df:19:85:
         5e:04:a6:3a:92:26:35:1d:e2:4f:fe:7b:5a:8e:1c:21:24:12:
         ea:5c:42:34:73:62:26:cb:c4:04:7d:d1:04:f0:25:1e:b8:e6:
         7c:5d:d6:7e:a2:6a:09:5b:34:fa:ba:43:d3:61:27:f9:e3:50:
         12:84:21:cd:91:27:f0:69:2a:04:15:03:74:18:4a:cf:fa:f5:
         fc:3f:e9:d2:8f:d6:ef:84:52:5e:64:d9:c9:c4:e1:d2:91:69:
         00:5b:c8:77:4f:4b:17:98:d5:9c:8e:62:ee:64:d3:ff:27:3c:
         98:cc:a3:6b:1f:b9:24:c5:b7:e6:4d:1c:ae:00:f3:d5:83:a2:
         40:98:c1:3a:57:4b:72:5f:9e:0f:97:b0:04:f3:5e:7d:dc:75:
         e2:05:d8:c5:34:1b:76:cb:e3:93:a0:51:e1:72:30:9f:7b:69:
         0f:87:ca:b1:4e:bb:ac:e6:24:b8:5a:41:4f:65:7a:1f:16:4e:
         f6:a3:84:eb:59:35:31:77:bb:5f:0c:63:a5:23:3a:99:e5:66:
         9b:44:8f:f4
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEaUP5gofLPJLypuGAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNWQ5YzllZjUtYjk2MC00MTJkLWFmNWUtMmRmMThjMjFm
ODA5MB4XDTI0MDcxODEzMDAzM1oXDTI0MTAxNjEzMDAzM1owLzEtMCsGA1UEAxMk
MmJhNjhjN2MtZDc1OS00NDA4LWEwYWYtNGQ2YTMxZGVkMDIyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgA+cWJyRANAnGQtybW8pWErH/XePQAWH121X
cM/v7EerrXcotOPWORoDboSX49bB6JzJgbs49wuQSGuoKgZalh51d160bakEDgui
K+vT3XFXYtLd9uOMuT5MpkN0aNa3F1Mnn1t0/jDeYH5YeS+OmbMyTNEUxQGS++XA
/FBPEem6E930feE9bl7VVv1WrZJVA3h+Oj0MckWrIn9KMZz/3x/tbu8JIecqi/HF
ovyBw0SFCt2GS+Kn2II55CxjNiyJAlQGr9/bKAxmhgjZwY4wbehJx4kL1U4ppC1j
3QwxXwL9hvASV6Wl++UQLa95qQ9gYSvI2kPHdccC2l9+GNg6oQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFGX0nWqtW4gG18EPxMsaidgBrr1/MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS81ZDlj
OWVmNS1iOTYwLTQxMmQtYWY1ZS0yZGYxOGMyMWY4MDkvOGM2OGVjZjEtZTU1OC0z
MWZiLWJmYjctZDM5ZTUxMTk5ZGU1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNWQ5YzllZjUtYjk2MC00MTJkLWFm
NWUtMmRmMThjMjFmODA5LzVkOWM5ZWY1LWI5NjAtNDEyZC1hZjVlLTJkZjE4YzIx
ZjgwOS5jcmwwHwYDVR0jBBgwFoAUhqQ31G26knrmjZ1q8zXGRprdF+0wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS81ZDljOWVmNS1iOTYwLTQxMmQtYWY1ZS0yZGYx
OGMyMWY4MDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEaEMAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAA/o4t2EwRW6ORBLe6QqabF9RnKYV5SerlrUcyqTPGFipSsncZL5JMPm
wykFiDcET7lIyd8ZhV4EpjqSJjUd4k/+e1qOHCEkEupcQjRzYibLxAR90QTwJR64
5nxd1n6iaglbNPq6Q9NhJ/njUBKEIc2RJ/BpKgQVA3QYSs/69fw/6dKP1u+EUl5k
2cnE4dKRaQBbyHdPSxeY1ZyOYu5k0/8nPJjMo2sfuSTFt+ZNHK4A89WDokCYwTpX
S3Jfng+XsATzXn3cdeIF2MU0G3bL45OgUeFyMJ97aQ+HyrFOu6zmJLhaQU9leh8W
TvajhOtZNTF3u18MY6UjOpnlZptEj/Q=
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:35:06 2025 by rpki-client