Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/4423529a-718a-3bb0-8b56-a2c5bf0447fb.roa
File:                     4423529a-718a-3bb0-8b56-a2c5bf0447fb.roa (raw, json)
Hash identifier:          zDWFrIkD60f9I5oc/N49bvlPGC1KwY3Bsu+Rd3maXxE=
Subject key identifier:   6F:7D:4D:58:2E:D2:53:FA:09:5A:59:D0:C6:8F:34:5F:FB:EF:51:7C
Certificate issuer:       /CN=b2f0a061-78dd-4d61-988a-266b192d9caa
Certificate serial:       010D0C9F43285847644A1F95643971B2E29AAD10
Authority key identifier: 65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/4423529a-718a-3bb0-8b56-a2c5bf0447fb.roa
Signing time:             Tue 01 Oct 2024 01:30:08 +0000
ROA not before:           Tue 01 Oct 2024 01:30:08 +0000
ROA not after:            Mon 30 Dec 2024 02:30:08 +0000
asID:                     204020
IP address blocks:        2001:470:354::/48 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:64:4a:1f:95:64:39:71:b2:e2:9a:ad:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2f0a061-78dd-4d61-988a-266b192d9caa
        Validity
            Not Before: Oct  1 01:30:08 2024 GMT
            Not After : Dec 30 02:30:08 2024 GMT
        Subject: CN=05455480-9f30-4993-af9d-8961fe7e207f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:95:4d:a4:ab:04:38:5c:be:61:7f:c8:49:37:
                    c2:63:c9:83:e5:9f:12:50:5f:26:20:b1:3d:99:f3:
                    d5:70:9f:fd:95:70:6c:0e:4a:3e:01:56:8d:e0:0e:
                    68:7f:51:35:fe:ec:a7:7b:05:f5:85:e7:59:13:a3:
                    64:1a:ba:60:80:30:0d:df:d4:b1:25:3e:4a:7e:37:
                    51:3a:98:9d:88:54:1a:d0:e0:d0:50:41:4a:07:76:
                    ab:a3:51:d0:5b:b5:8b:22:a6:0a:d0:c8:a2:d1:0d:
                    95:b0:c2:1d:91:cd:6b:5f:50:94:f1:f0:b4:86:b0:
                    8e:33:73:d7:e9:db:23:47:c9:97:32:09:45:5a:b1:
                    df:31:07:e0:7a:1a:ce:6e:df:a7:d2:39:c4:ef:0a:
                    dd:a2:b4:a1:1d:04:78:e8:9f:2d:41:f6:56:c4:4a:
                    4e:aa:2f:1a:24:fd:02:e3:42:37:33:27:ab:24:3f:
                    19:ab:bf:99:c4:d1:68:f5:5f:42:e4:a7:e2:a1:85:
                    e8:be:d6:2b:a0:aa:6f:ba:88:64:7c:8c:07:29:e7:
                    a6:f6:d2:26:cd:27:64:ce:14:cd:f8:cb:48:9f:57:
                    71:af:a0:10:3b:14:7c:a5:f3:c9:24:6e:bb:56:18:
                    52:67:03:0a:44:8b:11:98:49:fe:78:68:42:c2:e0:
                    35:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:7D:4D:58:2E:D2:53:FA:09:5A:59:D0:C6:8F:34:5F:FB:EF:51:7C
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/4423529a-718a-3bb0-8b56-a2c5bf0447fb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/b2f0a061-78dd-4d61-988a-266b192d9caa.crl

            X509v3 Authority Key Identifier:
                keyid:65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:470:354::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         62:05:53:39:97:51:80:23:9f:81:6f:1d:e3:e7:29:a1:bb:f5:
         71:61:e9:5e:92:d7:16:1d:2f:ad:16:ed:33:d2:74:33:64:41:
         02:b7:53:b8:37:1f:b2:89:13:b0:80:1a:da:68:94:7e:8f:e1:
         0a:82:9e:66:fc:d8:60:82:30:5e:4e:34:dd:60:fc:cf:7c:97:
         d2:69:0f:56:a8:2d:1e:85:97:b1:df:76:e9:bb:42:d5:d1:5b:
         15:a5:42:9e:b1:58:98:37:0a:12:5b:d6:97:e8:15:bc:d2:d8:
         36:d9:63:e0:cf:87:87:16:1a:4f:96:74:14:ac:f5:cc:f9:ca:
         04:4a:af:2e:46:2c:72:4f:b2:94:42:75:d5:cc:6a:ab:7b:69:
         d6:f6:96:22:b8:e6:8b:76:e4:57:41:28:99:ad:96:50:96:3b:
         cb:ba:48:14:05:bf:33:a8:e4:8e:ca:2a:eb:b0:ca:98:ab:0c:
         60:de:1c:0a:5b:c3:2b:f9:31:53:63:bd:17:39:cd:96:47:61:
         d6:b6:13:2e:8c:bc:a6:95:e0:76:5d:1b:cd:a3:34:5e:eb:c1:
         37:c4:cc:84:33:b4:f8:cc:e3:9d:f2:92:47:23:42:46:31:f7:
         94:f6:4c:4b:a7:2d:e5:16:ae:33:60:89:b1:b7:9d:85:fb:de:
         3f:d0:29:9a
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWEdkSh+VZDlxsuKarRAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYjJmMGEwNjEtNzhkZC00ZDYxLTk4OGEtMjY2YjE5MmQ5
Y2FhMB4XDTI0MTAwMTAxMzAwOFoXDTI0MTIzMDAyMzAwOFowLzEtMCsGA1UEAxMk
MDU0NTU0ODAtOWYzMC00OTkzLWFmOWQtODk2MWZlN2UyMDdmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pVNpKsEOFy+YX/ISTfCY8mD5Z8SUF8mILE9
mfPVcJ/9lXBsDko+AVaN4A5of1E1/uynewX1hedZE6NkGrpggDAN39SxJT5KfjdR
OpidiFQa0ODQUEFKB3aro1HQW7WLIqYK0Mii0Q2VsMIdkc1rX1CU8fC0hrCOM3PX
6dsjR8mXMglFWrHfMQfgehrObt+n0jnE7wrdorShHQR46J8tQfZWxEpOqi8aJP0C
40I3MyerJD8Zq7+ZxNFo9V9C5KfioYXovtYroKpvuohkfIwHKeem9tImzSdkzhTN
+MtIn1dxr6AQOxR8pfPJJG67VhhSZwMKRIsRmEn+eGhCwuA1LQIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFG99TVgu0lP6CVpZ0MaPNF/771F8MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYw
YTA2MS03OGRkLTRkNjEtOTg4YS0yNjZiMTkyZDljYWEvNDQyMzUyOWEtNzE4YS0z
YmIwLThiNTYtYTJjNWJmMDQ0N2ZiLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvYjJmMGEwNjEtNzhkZC00ZDYxLTk4
OGEtMjY2YjE5MmQ5Y2FhL2IyZjBhMDYxLTc4ZGQtNGQ2MS05ODhhLTI2NmIxOTJk
OWNhYS5jcmwwHwYDVR0jBBgwFoAUZadChq6v4snj6bkGK8ZGBZyYb88wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYwYTA2MS03OGRkLTRkNjEtOTg4YS0yNjZi
MTkyZDljYWEuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEEcANU
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBAGIFUzmXUYAjn4FvHePnKaG79XFh6V6S1xYdL60W7TPSdDNkQQK3
U7g3H7KJE7CAGtpolH6P4QqCnmb82GCCMF5ONN1g/M98l9JpD1aoLR6Fl7Hfdum7
QtXRWxWlQp6xWJg3ChJb1pfoFbzS2DbZY+DPh4cWGk+WdBSs9cz5ygRKry5GLHJP
spRCddXMaqt7adb2liK45ot25FdBKJmtllCWO8u6SBQFvzOo5I7KKuuwypirDGDe
HApbwyv5MVNjvRc5zZZHYda2Ey6MvKaV4HZdG82jNF7rwTfEzIQztPjM453ykkcj
QkYx95T2TEunLeUWrjNgibG3nYX73j/QKZo=
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:46:42 2025 by rpki-client