Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/df91d79c-7d35-3d92-857e-402a482d713e.roa
File:                     df91d79c-7d35-3d92-857e-402a482d713e.roa (raw, json)
Hash identifier:          2JLnxL7oktQF1B9VsZyxeP51rnrNGC39VvDG9gWDsWg=
Subject key identifier:   BC:74:FF:78:C7:1F:67:8A:25:82:CE:96:50:3F:D7:49:E5:B0:D3:96
Certificate issuer:       /CN=5d9c9ef5-b960-412d-af5e-2df18c21f809
Certificate serial:       010D0C9F43285846864A23C6C98C7E5689DA8300
Authority key identifier: 86:A4:37:D4:6D:BA:92:7A:E6:8D:9D:6A:F3:35:C6:46:9A:DD:17:ED
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/df91d79c-7d35-3d92-857e-402a482d713e.roa
Signing time:             Sat 13 Jul 2024 13:00:33 +0000
ROA not before:           Sat 13 Jul 2024 13:00:33 +0000
ROA not after:            Fri 11 Oct 2024 13:00:33 +0000
asID:                     16625
IP address blocks:        23.14.144.0/20 maxlen: 20
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:46:86:4a:23:c6:c9:8c:7e:56:89:da:83:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d9c9ef5-b960-412d-af5e-2df18c21f809
        Validity
            Not Before: Jul 13 13:00:33 2024 GMT
            Not After : Oct 11 13:00:33 2024 GMT
        Subject: CN=950634c7-d569-431b-b739-585c9a326394
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f9:6c:6b:d5:27:13:07:33:6a:03:fe:10:50:
                    d7:72:bb:ab:84:ca:80:c3:72:21:af:23:07:18:76:
                    8d:be:9b:14:32:50:14:f5:ac:d9:50:e4:1d:02:a7:
                    29:f7:40:9f:53:d8:85:77:aa:b0:d4:be:5e:d5:6b:
                    fa:36:0d:3e:2e:7b:38:70:13:a6:09:d5:c4:dd:d1:
                    e1:28:58:98:40:af:bf:53:b3:54:30:12:ed:36:3e:
                    cb:7f:a7:15:4e:d7:5d:fc:16:58:80:9d:61:08:33:
                    ce:fb:16:37:2c:6a:44:fb:0f:4f:db:67:5c:70:64:
                    82:ea:c5:05:44:a5:47:f0:73:f5:79:65:88:97:9c:
                    18:ba:ff:b9:41:6f:b7:69:d0:f1:b6:20:28:49:2c:
                    c6:02:b9:87:4f:ad:db:9f:6d:79:a8:44:97:18:67:
                    27:15:7e:c6:49:39:1b:61:de:1e:fa:df:46:76:4a:
                    4d:b1:72:9f:3c:88:66:8b:a3:cf:b5:18:7d:9f:e9:
                    1b:b2:ac:ff:e4:7f:bd:3f:c9:38:2e:17:68:43:2a:
                    30:bc:0b:f0:52:e8:15:4a:e0:a6:cd:4c:a7:e6:5f:
                    34:69:92:c4:af:25:82:ca:a7:6f:ef:19:e7:79:39:
                    8e:a4:5b:f1:5f:e1:93:39:cf:8e:51:0c:47:92:5d:
                    8b:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:74:FF:78:C7:1F:67:8A:25:82:CE:96:50:3F:D7:49:E5:B0:D3:96
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/df91d79c-7d35-3d92-857e-402a482d713e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/5d9c9ef5-b960-412d-af5e-2df18c21f809.crl

            X509v3 Authority Key Identifier:
                keyid:86:A4:37:D4:6D:BA:92:7A:E6:8D:9D:6A:F3:35:C6:46:9A:DD:17:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.14.144.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         35:63:2d:2e:d1:f7:ea:4a:51:fa:6e:a5:14:e0:79:94:4b:6b:
         f3:f6:54:b7:e9:9f:dd:b9:ff:55:d2:a1:97:1b:ad:12:fa:5d:
         7c:3c:7a:2f:cf:5d:74:a9:45:cb:fb:85:d1:a0:11:39:51:74:
         51:b1:fb:fa:c9:2e:39:b2:fe:a8:a2:0a:f6:85:dd:b2:b0:92:
         2b:f5:fe:18:23:01:6e:8e:16:20:30:e9:40:44:df:70:b7:90:
         ad:9e:bf:8e:4f:0a:a1:a8:95:a0:6a:e8:10:54:bc:33:76:11:
         37:d1:a2:bb:f1:cd:c6:ff:9f:a9:d2:59:7b:8a:03:ca:28:48:
         31:45:d7:ef:42:84:5d:84:3c:84:56:29:06:ff:5d:9c:d5:55:
         22:29:9f:db:9c:8f:da:86:99:20:8d:8f:cc:c4:70:7c:cc:8c:
         61:e0:6c:5d:16:b2:a0:80:95:32:af:47:5a:6a:41:e7:6f:51:
         03:98:ed:2e:44:aa:41:4f:26:d3:2f:8f:10:90:03:37:5b:23:
         62:fb:4b:5f:0c:8e:4d:93:b5:4d:fa:c4:04:c7:9d:8b:d1:1a:
         d7:9d:27:d4:a5:ce:3e:7e:a7:f4:c6:db:a8:b6:1b:d3:89:7b:
         1c:3e:35:1a:96:60:b7:0d:25:f4:8a:2c:f2:42:01:51:af:2f:
         68:9f:9d:b0
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEaGSiPGyYx+VonagwAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNWQ5YzllZjUtYjk2MC00MTJkLWFmNWUtMmRmMThjMjFm
ODA5MB4XDTI0MDcxMzEzMDAzM1oXDTI0MTAxMTEzMDAzM1owLzEtMCsGA1UEAxMk
OTUwNjM0YzctZDU2OS00MzFiLWI3MzktNTg1YzlhMzI2Mzk0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvlsa9UnEwczagP+EFDXcrurhMqAw3IhryMH
GHaNvpsUMlAU9azZUOQdAqcp90CfU9iFd6qw1L5e1Wv6Ng0+Lns4cBOmCdXE3dHh
KFiYQK+/U7NUMBLtNj7Lf6cVTtdd/BZYgJ1hCDPO+xY3LGpE+w9P22dccGSC6sUF
RKVH8HP1eWWIl5wYuv+5QW+3adDxtiAoSSzGArmHT63bn215qESXGGcnFX7GSTkb
Yd4e+t9GdkpNsXKfPIhmi6PPtRh9n+kbsqz/5H+9P8k4LhdoQyowvAvwUugVSuCm
zUyn5l80aZLEryWCyqdv7xnneTmOpFvxX+GTOc+OUQxHkl2L1QIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFLx0/3jHH2eKJYLOllA/10nlsNOWMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS81ZDlj
OWVmNS1iOTYwLTQxMmQtYWY1ZS0yZGYxOGMyMWY4MDkvZGY5MWQ3OWMtN2QzNS0z
ZDkyLTg1N2UtNDAyYTQ4MmQ3MTNlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNWQ5YzllZjUtYjk2MC00MTJkLWFm
NWUtMmRmMThjMjFmODA5LzVkOWM5ZWY1LWI5NjAtNDEyZC1hZjVlLTJkZjE4YzIx
ZjgwOS5jcmwwHwYDVR0jBBgwFoAUhqQ31G26knrmjZ1q8zXGRprdF+0wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS81ZDljOWVmNS1iOTYwLTQxMmQtYWY1ZS0yZGYx
OGMyMWY4MDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEFw6QMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBADVjLS7R9+pKUfpupRTgeZRLa/P2VLfpn925/1XSoZcbrRL6XXw8ei/P
XXSpRcv7hdGgETlRdFGx+/rJLjmy/qiiCvaF3bKwkiv1/hgjAW6OFiAw6UBE33C3
kK2ev45PCqGolaBq6BBUvDN2ETfRorvxzcb/n6nSWXuKA8ooSDFF1+9ChF2EPIRW
KQb/XZzVVSIpn9ucj9qGmSCNj8zEcHzMjGHgbF0WsqCAlTKvR1pqQedvUQOY7S5E
qkFPJtMvjxCQAzdbI2L7S18Mjk2TtU36xATHnYvRGtedJ9Slzj5+p/TG26i2G9OJ
exw+NRqWYLcNJfSKLPJCAVGvL2ifnbA=
-----END CERTIFICATE-----
Generated at Sat Apr 12 14:54:18 2025 by rpki-client