Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/95dfd1e2-65a4-3f5e-a0fa-34e0eb359da5.roa
File:                     95dfd1e2-65a4-3f5e-a0fa-34e0eb359da5.roa (raw, json)
Hash identifier:          qOY9mZGfm5sOEBw971gCgWamQCLj6Ck76JIYbdisBog=
Subject key identifier:   4D:7C:BA:6B:33:CD:53:AC:A4:89:45:FF:BE:8F:B9:3A:B3:9E:3A:27
Certificate issuer:       /CN=b2f0a061-78dd-4d61-988a-266b192d9caa
Certificate serial:       010D0C9F4328584605DEA829A42EAC4111C00880
Authority key identifier: 65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/95dfd1e2-65a4-3f5e-a0fa-34e0eb359da5.roa
Signing time:             Tue 28 May 2024 13:00:34 +0000
ROA not before:           Tue 28 May 2024 13:00:34 +0000
ROA not after:            Mon 26 Aug 2024 13:00:34 +0000
asID:                     397493
IP address blocks:        64.71.171.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:46:05:de:a8:29:a4:2e:ac:41:11:c0:08:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2f0a061-78dd-4d61-988a-266b192d9caa
        Validity
            Not Before: May 28 13:00:34 2024 GMT
            Not After : Aug 26 13:00:34 2024 GMT
        Subject: CN=0b448078-245e-478a-916a-5aabf3bc9147
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:13:1a:37:f4:41:21:ab:e0:8c:5f:ee:bf:0f:
                    af:01:62:5b:ae:d6:46:28:da:3a:a3:e3:95:a0:30:
                    5f:5c:13:7e:cc:19:88:d6:c8:7c:5f:8d:8f:2f:77:
                    c5:c5:22:31:14:b8:04:6b:3a:2f:44:c7:ef:b8:2f:
                    81:a8:05:09:55:5e:96:bc:db:10:d2:7e:a5:3a:c3:
                    39:5a:1a:f2:d1:39:cc:c9:24:9d:00:2e:c0:b4:72:
                    e7:e9:6b:37:30:b0:77:76:bd:60:1e:ae:4d:ea:6a:
                    00:5f:7e:1e:13:9e:11:55:97:20:e8:eb:01:68:11:
                    b4:74:32:77:d4:04:5a:eb:67:60:ca:97:e8:86:a9:
                    9f:51:cc:d9:5f:b1:69:85:68:7a:dd:25:7a:3a:c9:
                    59:fa:5b:54:99:a0:c3:1a:37:3d:a7:c8:2b:28:91:
                    64:56:f3:10:c8:62:20:95:c6:88:3a:a0:ad:44:a3:
                    13:4e:de:36:98:d6:ea:55:b0:8b:e2:35:af:d6:dd:
                    c8:73:e7:6a:9d:1e:28:f0:ed:51:67:18:5a:bf:54:
                    75:cd:37:9e:f0:f8:f8:59:2f:3d:1e:d3:f3:2f:60:
                    95:57:ee:e6:a2:f1:c5:0e:a2:f8:77:96:79:d7:09:
                    5b:7f:b7:3e:31:03:66:1b:e0:f1:d6:97:64:ec:5f:
                    47:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:7C:BA:6B:33:CD:53:AC:A4:89:45:FF:BE:8F:B9:3A:B3:9E:3A:27
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/95dfd1e2-65a4-3f5e-a0fa-34e0eb359da5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/b2f0a061-78dd-4d61-988a-266b192d9caa.crl

            X509v3 Authority Key Identifier:
                keyid:65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.71.171.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         39:8e:80:80:6b:b2:c1:44:23:b7:62:55:32:2d:c4:8c:76:ab:
         38:65:c1:4d:4c:0e:7d:f5:fd:9a:78:9e:4d:36:33:b0:dc:e4:
         06:e1:d3:1d:0a:45:68:f8:40:e7:90:6c:c4:0a:27:44:df:5c:
         33:e5:c7:21:8a:53:2a:25:bb:14:84:9f:61:00:31:3f:a4:9b:
         23:d7:31:69:f4:3c:b1:37:11:1b:20:60:ae:ad:e5:7f:64:97:
         84:35:06:24:59:0a:08:75:c4:7f:45:5d:65:c8:ab:af:30:8e:
         ea:f5:6b:b7:07:e6:4d:b9:17:78:2f:36:bd:01:00:68:9b:78:
         8e:df:b7:bf:4c:d4:96:25:55:92:d2:91:44:78:6b:35:8e:4f:
         f2:0d:8f:4c:fe:e1:7c:28:16:0c:46:92:62:d5:2b:7a:67:0a:
         19:33:de:70:0d:52:65:95:db:3e:65:d6:33:21:33:b2:20:eb:
         19:82:91:e9:0f:92:79:8b:2d:9f:ce:38:0b:23:26:80:24:c0:
         22:5f:f5:c5:a9:fa:73:f3:23:ca:3c:bb:d8:c6:c9:b3:a7:f1:
         5a:b8:fa:0a:70:c3:98:71:dd:17:bd:d7:c3:53:6f:9c:78:25:
         f2:96:47:bf:14:15:42:d0:f6:7d:9e:12:3a:0e:65:46:2d:f6:
         a2:40:13:78
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEYF3qgppC6sQRHACIAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYjJmMGEwNjEtNzhkZC00ZDYxLTk4OGEtMjY2YjE5MmQ5
Y2FhMB4XDTI0MDUyODEzMDAzNFoXDTI0MDgyNjEzMDAzNFowLzEtMCsGA1UEAxMk
MGI0NDgwNzgtMjQ1ZS00NzhhLTkxNmEtNWFhYmYzYmM5MTQ3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRMaN/RBIavgjF/uvw+vAWJbrtZGKNo6o+OV
oDBfXBN+zBmI1sh8X42PL3fFxSIxFLgEazovRMfvuC+BqAUJVV6WvNsQ0n6lOsM5
Whry0TnMySSdAC7AtHLn6Ws3MLB3dr1gHq5N6moAX34eE54RVZcg6OsBaBG0dDJ3
1ARa62dgypfohqmfUczZX7FphWh63SV6OslZ+ltUmaDDGjc9p8grKJFkVvMQyGIg
lcaIOqCtRKMTTt42mNbqVbCL4jWv1t3Ic+dqnR4o8O1RZxhav1R1zTee8Pj4WS89
HtPzL2CVV+7movHFDqL4d5Z51wlbf7c+MQNmG+Dx1pdk7F9HMwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFE18umszzVOspIlF/76PuTqznjonMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYw
YTA2MS03OGRkLTRkNjEtOTg4YS0yNjZiMTkyZDljYWEvOTVkZmQxZTItNjVhNC0z
ZjVlLWEwZmEtMzRlMGViMzU5ZGE1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvYjJmMGEwNjEtNzhkZC00ZDYxLTk4
OGEtMjY2YjE5MmQ5Y2FhL2IyZjBhMDYxLTc4ZGQtNGQ2MS05ODhhLTI2NmIxOTJk
OWNhYS5jcmwwHwYDVR0jBBgwFoAUZadChq6v4snj6bkGK8ZGBZyYb88wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYwYTA2MS03OGRkLTRkNjEtOTg4YS0yNjZi
MTkyZDljYWEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQEerMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBADmOgIBrssFEI7diVTItxIx2qzhlwU1MDn31/Zp4nk02M7Dc5Abh0x0K
RWj4QOeQbMQKJ0TfXDPlxyGKUyoluxSEn2EAMT+kmyPXMWn0PLE3ERsgYK6t5X9k
l4Q1BiRZCgh1xH9FXWXIq68wjur1a7cH5k25F3gvNr0BAGibeI7ft79M1JYlVZLS
kUR4azWOT/INj0z+4XwoFgxGkmLVK3pnChkz3nANUmWV2z5l1jMhM7Ig6xmCkekP
knmLLZ/OOAsjJoAkwCJf9cWp+nPzI8o8u9jGybOn8Vq4+gpww5hx3Re918NTb5x4
JfKWR78UFULQ9n2eEjoOZUYt9qJAE3g=
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:43:34 2025 by rpki-client