Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5e3e99cc-7992-4ac1-a256-917cce07532e/8aeb90e8-225d-3a6e-8523-ddaef596df6a.roa
File:                     8aeb90e8-225d-3a6e-8523-ddaef596df6a.roa (raw, json)
Hash identifier:          G3r5B+9srAskoko92f3DbzesNwkoSy4Zano0l1nmN90=
Subject key identifier:   9D:D1:1C:FC:50:C9:A2:11:85:CF:93:4C:7A:3C:90:BE:F4:D0:71:8F
Certificate issuer:       /CN=5e3e99cc-7992-4ac1-a256-917cce07532e
Certificate serial:       010D0C9F43285844A973929263ABF6B9D4F17140
Authority key identifier: D9:13:62:72:B7:F8:E6:B5:7D:9F:F0:E0:BA:85:7F:B6:3D:CD:C0:DF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5e3e99cc-7992-4ac1-a256-917cce07532e.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5e3e99cc-7992-4ac1-a256-917cce07532e/8aeb90e8-225d-3a6e-8523-ddaef596df6a.roa
Signing time:             Wed 24 Jan 2024 17:43:37 +0000
ROA not before:           Wed 24 Jan 2024 17:43:37 +0000
ROA not after:            Tue 23 Apr 2024 16:43:37 +0000
asID:                     43260
IP address blocks:        74.80.144.0/24 maxlen: 24
                          67.214.179.0/24 maxlen: 24
                          67.214.180.0/24 maxlen: 24
                          67.214.181.0/24 maxlen: 24
                          74.80.146.0/24 maxlen: 24
                          74.80.147.0/24 maxlen: 24
                          74.80.151.0/24 maxlen: 24
                          74.80.152.0/24 maxlen: 24
                          74.80.153.0/24 maxlen: 24
                          74.80.156.0/24 maxlen: 24
                          74.80.158.0/24 maxlen: 24
                          74.80.166.0/24 maxlen: 24
                          74.80.167.0/24 maxlen: 24
                          74.80.173.0/24 maxlen: 24
                          74.80.176.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:44:a9:73:92:92:63:ab:f6:b9:d4:f1:71:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e3e99cc-7992-4ac1-a256-917cce07532e
        Validity
            Not Before: Jan 24 17:43:37 2024 GMT
            Not After : Apr 23 16:43:37 2024 GMT
        Subject: CN=ac404e33-3daf-4014-a381-3cf772f2b600
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:7e:59:89:0e:c4:a3:5d:88:0b:4f:e6:6c:51:
                    8c:18:04:94:aa:98:5d:a8:85:cd:45:2a:73:fa:99:
                    f2:06:ae:01:ac:1b:cb:23:f5:5c:01:8d:55:a0:c3:
                    38:a0:32:b8:79:fe:a3:ca:40:c1:2b:b2:1e:22:26:
                    82:37:2c:32:71:5e:bd:b7:7e:07:74:54:d1:45:49:
                    72:45:30:71:f0:84:14:37:a2:f7:6c:3f:1a:e3:37:
                    fc:e4:c3:d6:6b:1b:14:40:13:d0:64:91:1f:8c:09:
                    c6:65:3b:0e:92:ea:7a:46:64:21:77:f7:66:d6:64:
                    fa:e6:ec:75:4b:b9:6d:ad:f7:3d:50:c0:d1:8a:0f:
                    5d:37:a7:dc:82:b1:d7:73:31:d1:97:fc:7a:8d:08:
                    92:b3:d4:95:88:40:d2:85:36:d2:de:4d:33:16:e9:
                    e3:92:05:71:4e:4e:40:6c:cd:29:71:82:89:3d:9c:
                    cf:99:a9:b9:8d:2a:7c:15:de:b9:cf:b6:bf:32:94:
                    d7:81:64:a6:ce:87:21:b7:55:83:d3:7c:2d:3b:36:
                    82:42:05:13:86:6f:49:84:06:de:f5:44:14:d2:4c:
                    cc:0b:81:6c:5d:a0:83:eb:a0:0a:fc:03:45:4e:d1:
                    d0:bf:a0:23:c8:c1:59:79:55:b6:bd:80:e4:07:f1:
                    1a:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:D1:1C:FC:50:C9:A2:11:85:CF:93:4C:7A:3C:90:BE:F4:D0:71:8F
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5e3e99cc-7992-4ac1-a256-917cce07532e/8aeb90e8-225d-3a6e-8523-ddaef596df6a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5e3e99cc-7992-4ac1-a256-917cce07532e/5e3e99cc-7992-4ac1-a256-917cce07532e.crl

            X509v3 Authority Key Identifier:
                keyid:D9:13:62:72:B7:F8:E6:B5:7D:9F:F0:E0:BA:85:7F:B6:3D:CD:C0:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5e3e99cc-7992-4ac1-a256-917cce07532e.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  67.214.179.0-67.214.181.255
                  74.80.144.0/24
                  74.80.146.0/23
                  74.80.151.0-74.80.153.255
                  74.80.156.0/24
                  74.80.158.0/24
                  74.80.166.0/23
                  74.80.173.0/24
                  74.80.176.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         7a:31:d5:84:92:4b:49:e1:12:aa:e0:6b:20:83:a6:59:47:6c:
         ee:07:2b:6e:6f:54:98:1d:7e:b6:13:bb:81:af:74:1b:f3:f3:
         65:59:0f:4f:78:34:a7:5e:e6:08:d8:a6:f6:72:07:f0:db:8e:
         24:62:00:b1:0a:22:cf:e6:81:08:33:c4:b3:3d:72:e3:ed:ed:
         bf:cf:c2:2e:ec:53:8b:0d:47:4c:d5:eb:61:9a:52:3d:95:eb:
         4a:a8:f9:88:75:8a:14:f0:75:88:79:0e:06:41:af:1d:9a:63:
         95:23:ee:b4:55:d8:1d:b9:94:fd:2e:b0:11:e7:5c:77:cf:93:
         c1:88:64:1d:03:c9:d8:1a:0a:52:85:ba:f7:82:7c:c2:e9:8c:
         6e:17:05:d8:82:e0:e4:49:85:62:4b:34:5a:74:38:fa:e6:e8:
         29:02:e7:74:87:88:24:4b:95:d4:88:07:91:6d:31:89:de:07:
         59:a9:b7:cd:11:6a:7a:aa:95:1f:49:e9:c0:d9:a7:ab:55:bc:
         f0:e5:06:ba:18:db:56:e3:10:47:64:e8:52:f3:ea:d6:63:ae:
         95:55:1e:28:01:ec:ad:c5:ae:57:9e:22:ed:ef:64:69:e2:67:
         96:c3:42:12:11:3d:4b:6f:88:44:6e:57:7e:63:f2:7c:06:21:
         3a:ae:27:23
-----BEGIN CERTIFICATE-----
MIIGgzCCBWugAwIBAgIUAQ0Mn0MoWESpc5KSY6v2udTxcUAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNWUzZTk5Y2MtNzk5Mi00YWMxLWEyNTYtOTE3Y2NlMDc1
MzJlMB4XDTI0MDEyNDE3NDMzN1oXDTI0MDQyMzE2NDMzN1owLzEtMCsGA1UEAxMk
YWM0MDRlMzMtM2RhZi00MDE0LWEzODEtM2NmNzcyZjJiNjAwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiH5ZiQ7Eo12IC0/mbFGMGASUqphdqIXNRSpz
+pnyBq4BrBvLI/VcAY1VoMM4oDK4ef6jykDBK7IeIiaCNywycV69t34HdFTRRUly
RTBx8IQUN6L3bD8a4zf85MPWaxsUQBPQZJEfjAnGZTsOkup6RmQhd/dm1mT65ux1
S7ltrfc9UMDRig9dN6fcgrHXczHRl/x6jQiSs9SViEDShTbS3k0zFunjkgVxTk5A
bM0pcYKJPZzPmam5jSp8Fd65z7a/MpTXgWSmzocht1WD03wtOzaCQgUThm9JhAbe
9UQU0kzMC4FsXaCD66AK/ANFTtHQv6AjyMFZeVW2vYDkB/Ea8wIDAQABo4IDlTCC
A5EwHQYDVR0OBBYEFJ3RHPxQyaIRhc+TTHo8kL700HGPMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS81ZTNl
OTljYy03OTkyLTRhYzEtYTI1Ni05MTdjY2UwNzUzMmUvOGFlYjkwZTgtMjI1ZC0z
YTZlLTg1MjMtZGRhZWY1OTZkZjZhLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNWUzZTk5Y2MtNzk5Mi00YWMxLWEy
NTYtOTE3Y2NlMDc1MzJlLzVlM2U5OWNjLTc5OTItNGFjMS1hMjU2LTkxN2NjZTA3
NTMyZS5jcmwwHwYDVR0jBBgwFoAU2RNicrf45rV9n/DguoV/tj3NwN8wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS81ZTNlOTljYy03OTkyLTRhYzEtYTI1Ni05MTdj
Y2UwNzUzMmUuY2VyMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBABD1rMD
BAFD1rQDBABKUJADBAFKUJIwDAMEAEpQlwMEAUpQmAMEAEpQnAMEAEpQngMEAUpQ
pgMEAEpQrQMEAEpQsDBUBgNVHSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYB
BQUHAgEWLGh0dHBzOi8vd3d3LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5o
dG1sMA0GCSqGSIb3DQEBCwUAA4IBAQB6MdWEkktJ4RKq4Gsgg6ZZR2zuBytub1SY
HX62E7uBr3Qb8/NlWQ9PeDSnXuYI2Kb2cgfw244kYgCxCiLP5oEIM8SzPXLj7e2/
z8Iu7FOLDUdM1ethmlI9letKqPmIdYoU8HWIeQ4GQa8dmmOVI+60VdgduZT9LrAR
51x3z5PBiGQdA8nYGgpShbr3gnzC6YxuFwXYguDkSYViSzRadDj65ugpAud0h4gk
S5XUiAeRbTGJ3gdZqbfNEWp6qpUfSenA2aerVbzw5Qa6GNtW4xBHZOhS8+rWY66V
VR4oAeytxa5XniLt72Rp4meWw0ISET1Lb4hEbld+Y/J8BiE6ricj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:14:27 2024 by rpki-client on console-fra.rpki-client.org