Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/ea8725b6-b0e7-33d5-a1d4-4bb4ae7b2a1f.roa
File:                     ea8725b6-b0e7-33d5-a1d4-4bb4ae7b2a1f.roa (raw, json)
Hash identifier:          AAzFW7T3ebZL/qFWYe132yVPMDlH8TLRxbAAJUOFwC4=
Subject key identifier:   39:05:70:53:70:7B:1A:36:6C:90:6C:91:C3:BF:F1:89:7A:13:20:D4
Certificate issuer:       /CN=5d9c9ef5-b960-412d-af5e-2df18c21f809
Certificate serial:       010D0C9F43285847643B7AD3DB13D127630D2A80
Authority key identifier: 86:A4:37:D4:6D:BA:92:7A:E6:8D:9D:6A:F3:35:C6:46:9A:DD:17:ED
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/ea8725b6-b0e7-33d5-a1d4-4bb4ae7b2a1f.roa
Signing time:             Tue 01 Oct 2024 01:00:31 +0000
ROA not before:           Tue 01 Oct 2024 01:00:31 +0000
ROA not after:            Mon 30 Dec 2024 02:00:31 +0000
asID:                     20940
IP address blocks:        23.8.32.0/20 maxlen: 20
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:64:3b:7a:d3:db:13:d1:27:63:0d:2a:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d9c9ef5-b960-412d-af5e-2df18c21f809
        Validity
            Not Before: Oct  1 01:00:31 2024 GMT
            Not After : Dec 30 02:00:31 2024 GMT
        Subject: CN=20f6a21f-f060-4a8b-8dd5-61a79151a221
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:1a:d0:2c:9a:af:99:1c:96:58:00:53:0d:65:
                    a7:5f:5f:61:ee:44:92:65:d6:7b:40:c9:62:10:9f:
                    a6:fa:aa:ec:97:09:3d:d9:7c:44:b7:89:03:4f:ea:
                    40:a0:7f:29:31:2c:be:cd:fb:ca:bc:23:29:e1:1b:
                    c8:6a:8d:c4:d6:c3:3e:17:a9:f6:3f:5b:9d:76:b7:
                    53:9b:b7:71:f3:84:e4:1c:61:47:44:03:77:d5:3a:
                    eb:c8:cc:09:2b:26:29:b5:74:52:29:6b:63:9f:cb:
                    2b:61:0d:12:87:61:26:df:ed:2d:a2:85:fb:f2:5a:
                    c9:e5:61:a9:f5:08:33:01:ef:42:91:11:25:a8:93:
                    b7:b8:b4:d2:d9:07:30:be:4c:1f:f4:0d:fd:b4:10:
                    b1:21:59:b5:a9:a1:32:26:a4:68:07:93:74:13:0f:
                    3d:85:b1:31:61:09:39:4f:40:f2:be:99:6c:00:49:
                    4d:e7:1b:ae:07:7a:cc:6e:1d:ab:5d:bd:77:44:1e:
                    d2:92:a6:01:79:86:a4:a2:59:c1:c2:e1:d0:0e:36:
                    e3:02:d7:0f:fa:99:2c:0f:ea:66:64:5c:71:c4:26:
                    a5:5c:d1:35:18:4d:fa:e0:77:f3:19:b0:04:01:7d:
                    16:23:40:11:70:57:ee:37:fd:f9:45:00:3d:80:f4:
                    db:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:05:70:53:70:7B:1A:36:6C:90:6C:91:C3:BF:F1:89:7A:13:20:D4
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/ea8725b6-b0e7-33d5-a1d4-4bb4ae7b2a1f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/5d9c9ef5-b960-412d-af5e-2df18c21f809.crl

            X509v3 Authority Key Identifier:
                keyid:86:A4:37:D4:6D:BA:92:7A:E6:8D:9D:6A:F3:35:C6:46:9A:DD:17:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.8.32.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         91:de:30:70:c0:28:d8:a0:2f:02:9c:f0:ca:ef:6e:1f:d7:ec:
         e3:6d:46:65:c3:09:1e:1d:c9:42:dc:4b:c9:b9:a5:8c:9f:8a:
         71:6a:31:93:ad:91:29:db:eb:1d:25:b5:a7:43:3e:84:02:09:
         31:25:b1:68:6d:eb:5e:0b:d0:0e:df:3f:41:a0:7b:ad:39:58:
         ad:51:3b:2b:0d:f6:18:18:ac:64:19:16:5d:5e:03:78:bf:eb:
         82:04:56:30:28:76:27:4b:6f:bb:53:c6:4b:35:35:51:5c:26:
         77:89:aa:08:7e:76:c4:c9:d8:ae:7f:88:aa:14:83:3a:36:68:
         4e:f0:4d:5b:c2:c3:a8:21:aa:72:62:df:35:ca:e0:90:35:b3:
         ee:0a:f6:9b:cd:4b:25:56:de:f6:71:72:5a:19:d5:39:a1:ce:
         18:aa:c4:c4:42:7a:66:73:16:aa:16:ae:c9:a3:cf:d5:0a:f1:
         8a:ac:6a:80:f4:42:1a:ac:f0:41:74:be:c4:6e:59:31:4c:ea:
         3f:69:20:a0:08:57:40:5d:d3:35:59:58:09:0e:6e:ef:95:9c:
         a1:27:0e:53:cc:ae:59:62:28:bb:c3:83:ee:36:bd:81:9f:fd:
         43:a1:68:7d:46:50:fd:33:55:01:98:ae:53:9d:eb:4b:68:73:
         48:7c:1c:73
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEdkO3rT2xPRJ2MNKoAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNWQ5YzllZjUtYjk2MC00MTJkLWFmNWUtMmRmMThjMjFm
ODA5MB4XDTI0MTAwMTAxMDAzMVoXDTI0MTIzMDAyMDAzMVowLzEtMCsGA1UEAxMk
MjBmNmEyMWYtZjA2MC00YThiLThkZDUtNjFhNzkxNTFhMjIxMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxrQLJqvmRyWWABTDWWnX19h7kSSZdZ7QMli
EJ+m+qrslwk92XxEt4kDT+pAoH8pMSy+zfvKvCMp4RvIao3E1sM+F6n2P1uddrdT
m7dx84TkHGFHRAN31TrryMwJKyYptXRSKWtjn8srYQ0Sh2Em3+0tooX78lrJ5WGp
9QgzAe9CkRElqJO3uLTS2Qcwvkwf9A39tBCxIVm1qaEyJqRoB5N0Ew89hbExYQk5
T0DyvplsAElN5xuuB3rMbh2rXb13RB7SkqYBeYakolnBwuHQDjbjAtcP+pksD+pm
ZFxxxCalXNE1GE364HfzGbAEAX0WI0ARcFfuN/35RQA9gPTbxQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFDkFcFNwexo2bJBskcO/8Yl6EyDUMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS81ZDlj
OWVmNS1iOTYwLTQxMmQtYWY1ZS0yZGYxOGMyMWY4MDkvZWE4NzI1YjYtYjBlNy0z
M2Q1LWExZDQtNGJiNGFlN2IyYTFmLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNWQ5YzllZjUtYjk2MC00MTJkLWFm
NWUtMmRmMThjMjFmODA5LzVkOWM5ZWY1LWI5NjAtNDEyZC1hZjVlLTJkZjE4YzIx
ZjgwOS5jcmwwHwYDVR0jBBgwFoAUhqQ31G26knrmjZ1q8zXGRprdF+0wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS81ZDljOWVmNS1iOTYwLTQxMmQtYWY1ZS0yZGYx
OGMyMWY4MDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEFwggMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAJHeMHDAKNigLwKc8Mrvbh/X7ONtRmXDCR4dyULcS8m5pYyfinFqMZOt
kSnb6x0ltadDPoQCCTElsWht614L0A7fP0Gge605WK1ROysN9hgYrGQZFl1eA3i/
64IEVjAodidLb7tTxks1NVFcJneJqgh+dsTJ2K5/iKoUgzo2aE7wTVvCw6ghqnJi
3zXK4JA1s+4K9pvNSyVW3vZxcloZ1TmhzhiqxMRCemZzFqoWrsmjz9UK8YqsaoD0
Qhqs8EF0vsRuWTFM6j9pIKAIV0Bd0zVZWAkObu+VnKEnDlPMrlliKLvDg+42vYGf
/UOhaH1GUP0zVQGYrlOd60toc0h8HHM=
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:35:13 2025 by rpki-client