Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/04f7ac37-2e2d-311c-a03c-6380e55beee2.roa
File:                     04f7ac37-2e2d-311c-a03c-6380e55beee2.roa (raw, json)
Hash identifier:          aW8nmsPrXlMQUl7fVJhZl8mzbdlDn+HQLcPQVBc5hUU=
Subject key identifier:   9B:BF:35:25:0B:0B:16:82:98:38:49:87:79:A5:B4:09:EB:2D:30:80
Certificate issuer:       /CN=b2f0a061-78dd-4d61-988a-266b192d9caa
Certificate serial:       010D0C9F432858463AE9A534152ED0FF38583700
Authority key identifier: 65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/04f7ac37-2e2d-311c-a03c-6380e55beee2.roa
Signing time:             Sun 16 Jun 2024 13:00:33 +0000
ROA not before:           Sun 16 Jun 2024 13:00:33 +0000
ROA not after:            Sat 14 Sep 2024 13:00:33 +0000
asID:                     1523
IP address blocks:        216.66.34.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:46:3a:e9:a5:34:15:2e:d0:ff:38:58:37:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2f0a061-78dd-4d61-988a-266b192d9caa
        Validity
            Not Before: Jun 16 13:00:33 2024 GMT
            Not After : Sep 14 13:00:33 2024 GMT
        Subject: CN=02ab361c-02be-453e-b32b-e4e76676794f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:11:cb:94:cb:6a:c0:6e:9f:3d:52:07:80:99:
                    4d:8c:ba:94:5d:79:ab:bf:5e:58:41:97:d6:0d:64:
                    f5:22:56:5c:e3:2e:17:ed:40:d8:5b:56:b3:31:c6:
                    73:a0:ad:6c:c9:00:db:6f:32:38:a6:a1:a9:ee:ca:
                    f1:89:8c:fd:9f:9f:eb:e2:db:e7:aa:fa:e7:15:0d:
                    40:57:22:43:3d:93:0d:36:91:30:b3:ef:01:36:c5:
                    b3:f6:5a:26:99:a9:d3:93:32:d0:ad:69:8e:6a:ea:
                    20:e6:48:29:fc:ad:01:4d:05:21:10:1d:c3:45:66:
                    36:84:7b:9f:69:e0:f3:f6:60:a8:20:4d:1c:1a:fb:
                    67:6d:82:25:dd:39:8e:dd:d8:24:2e:f0:43:cb:f6:
                    1e:32:e3:cd:f7:8a:49:32:ce:a0:b1:e1:a6:c5:ac:
                    9d:94:43:d6:98:8f:cb:9d:a9:05:cd:cd:df:40:57:
                    6a:ad:26:48:af:c3:97:b9:6f:ce:65:fa:6c:60:f6:
                    7d:c6:af:3d:66:0b:3b:c6:04:6d:76:c0:ca:82:37:
                    46:95:1c:b2:89:84:8c:01:84:57:43:1f:c4:83:92:
                    96:71:44:77:7b:a3:85:18:7a:7d:45:ff:1f:f4:c9:
                    ec:fe:3a:0b:f8:48:8c:0f:66:a9:25:93:00:43:5f:
                    c5:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:BF:35:25:0B:0B:16:82:98:38:49:87:79:A5:B4:09:EB:2D:30:80
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/04f7ac37-2e2d-311c-a03c-6380e55beee2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/b2f0a061-78dd-4d61-988a-266b192d9caa.crl

            X509v3 Authority Key Identifier:
                keyid:65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.66.34.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         86:c9:6b:32:c9:8f:48:0e:22:78:d2:0c:08:2b:2f:8a:86:0d:
         39:71:28:c3:4a:8b:66:7e:3b:b6:19:b6:91:4d:4a:a3:a6:9f:
         43:9c:ee:a2:0c:af:e1:fd:fd:73:b7:56:cf:a1:68:21:c1:69:
         46:66:d4:bf:01:75:35:94:d7:7a:0d:ad:16:eb:59:6f:88:f8:
         41:94:71:87:cc:c0:1d:86:39:8d:79:02:a8:3a:0e:4c:69:2e:
         f0:33:26:98:d5:5d:40:02:45:7e:a2:78:c6:2a:bb:ca:b9:bf:
         09:e0:ed:00:df:e9:61:8c:04:94:ac:8c:07:4d:70:de:28:90:
         cf:15:c3:e8:39:0e:23:6f:3e:62:b9:1c:f0:e5:d3:55:2a:cf:
         9c:92:f0:26:cf:32:ae:32:33:1f:fb:b3:9a:60:7f:98:f9:92:
         30:bd:01:13:d1:8b:6e:37:36:31:99:0e:90:2a:81:da:4f:75:
         87:cf:94:e8:c1:6d:16:d1:7f:02:99:cb:ae:43:d2:c3:b3:25:
         51:82:59:47:4d:5b:3a:b7:a3:ea:9a:6a:fa:27:f8:8e:37:41:
         00:c6:86:26:01:af:5c:e6:ec:ee:8d:40:c3:32:5e:e4:30:c6:
         7e:1b:4c:c3:15:53:f6:41:d8:f9:bc:e3:c1:5c:c3:a5:de:61:
         9a:83:98:40
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEY66aU0FS7Q/zhYNwAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYjJmMGEwNjEtNzhkZC00ZDYxLTk4OGEtMjY2YjE5MmQ5
Y2FhMB4XDTI0MDYxNjEzMDAzM1oXDTI0MDkxNDEzMDAzM1owLzEtMCsGA1UEAxMk
MDJhYjM2MWMtMDJiZS00NTNlLWIzMmItZTRlNzY2NzY3OTRmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RHLlMtqwG6fPVIHgJlNjLqUXXmrv15YQZfW
DWT1IlZc4y4X7UDYW1azMcZzoK1syQDbbzI4pqGp7srxiYz9n5/r4tvnqvrnFQ1A
VyJDPZMNNpEws+8BNsWz9lommanTkzLQrWmOauog5kgp/K0BTQUhEB3DRWY2hHuf
aeDz9mCoIE0cGvtnbYIl3TmO3dgkLvBDy/YeMuPN94pJMs6gseGmxaydlEPWmI/L
nakFzc3fQFdqrSZIr8OXuW/OZfpsYPZ9xq89Zgs7xgRtdsDKgjdGlRyyiYSMAYRX
Qx/Eg5KWcUR3e6OFGHp9Rf8f9Mns/joL+EiMD2apJZMAQ1/FbQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJu/NSULCxaCmDhJh3mltAnrLTCAMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYw
YTA2MS03OGRkLTRkNjEtOTg4YS0yNjZiMTkyZDljYWEvMDRmN2FjMzctMmUyZC0z
MTFjLWEwM2MtNjM4MGU1NWJlZWUyLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvYjJmMGEwNjEtNzhkZC00ZDYxLTk4
OGEtMjY2YjE5MmQ5Y2FhL2IyZjBhMDYxLTc4ZGQtNGQ2MS05ODhhLTI2NmIxOTJk
OWNhYS5jcmwwHwYDVR0jBBgwFoAUZadChq6v4snj6bkGK8ZGBZyYb88wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYwYTA2MS03OGRkLTRkNjEtOTg4YS0yNjZi
MTkyZDljYWEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2EIiMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAIbJazLJj0gOInjSDAgrL4qGDTlxKMNKi2Z+O7YZtpFNSqOmn0Oc7qIM
r+H9/XO3Vs+haCHBaUZm1L8BdTWU13oNrRbrWW+I+EGUcYfMwB2GOY15Aqg6Dkxp
LvAzJpjVXUACRX6ieMYqu8q5vwng7QDf6WGMBJSsjAdNcN4okM8Vw+g5DiNvPmK5
HPDl01Uqz5yS8CbPMq4yMx/7s5pgf5j5kjC9ARPRi243NjGZDpAqgdpPdYfPlOjB
bRbRfwKZy65D0sOzJVGCWUdNWzq3o+qaavon+I43QQDGhiYBr1zm7O6NQMMyXuQw
xn4bTMMVU/ZB2Pm848Fcw6XeYZqDmEA=
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:37:18 2025 by rpki-client