Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/c8af9384-9259-3704-8623-8a9919c3ce8f.roa
File:                     c8af9384-9259-3704-8623-8a9919c3ce8f.roa (raw, json)
Hash identifier:          F78yOrJXzz+Oj+G7y3UknTvDTFXjbGr+D7Zjo9a/Qog=
Subject key identifier:   D3:94:04:7C:70:6F:81:1B:13:AB:95:DC:E4:D3:F6:56:1A:21:86:66
Certificate issuer:       /CN=b2f0a061-78dd-4d61-988a-266b192d9caa
Certificate serial:       010D0C9F43285846D5E93E09508D33AC1989F6C0
Authority key identifier: 65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/c8af9384-9259-3704-8623-8a9919c3ce8f.roa
Signing time:             Sun 11 Aug 2024 01:30:09 +0000
ROA not before:           Sun 11 Aug 2024 01:30:09 +0000
ROA not after:            Sat 09 Nov 2024 02:30:09 +0000
asID:                     200020
IP address blocks:        2001:470:354::/47 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:46:d5:e9:3e:09:50:8d:33:ac:19:89:f6:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2f0a061-78dd-4d61-988a-266b192d9caa
        Validity
            Not Before: Aug 11 01:30:09 2024 GMT
            Not After : Nov  9 02:30:09 2024 GMT
        Subject: CN=e5b543d6-d26a-4a59-ab1b-39f56aaf8774
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:51:44:52:bf:87:48:c6:eb:b7:90:ab:00:5a:
                    fe:e2:64:71:3c:1b:70:c8:08:19:96:55:9d:52:a9:
                    d5:7e:bf:fe:b0:3b:43:c0:92:ff:78:b6:69:75:40:
                    34:70:8b:3e:3b:bc:0c:b4:c0:e5:ef:f0:1a:56:2b:
                    09:8a:a9:62:37:36:9e:f3:1b:b5:e1:de:f6:7f:98:
                    4a:3d:1c:15:38:8e:7e:3e:8d:c4:51:fa:54:db:98:
                    af:29:41:5e:ec:cd:6c:3a:c6:f2:13:29:a1:d9:fd:
                    a8:be:3f:46:07:ee:7f:3d:41:de:df:f8:b4:09:95:
                    5e:72:76:c3:db:1d:67:ba:0d:4a:ad:6e:81:7c:e2:
                    b1:32:fa:5e:48:3c:46:08:06:33:d4:fe:c7:05:90:
                    56:f8:52:48:9f:16:24:f9:9b:06:42:1e:54:ae:07:
                    9a:5e:f6:6e:d9:a5:be:25:93:77:9d:9c:bb:dc:ed:
                    e5:23:83:69:36:1e:eb:d1:91:cf:51:36:07:2d:db:
                    8a:20:c3:1c:ca:92:7b:41:dd:bb:91:7c:f1:98:ce:
                    67:75:df:a2:59:01:be:d4:88:c6:17:5e:f6:ff:5b:
                    6f:16:7e:34:77:b6:fe:51:8a:73:ce:56:0b:94:31:
                    8d:d1:36:39:5c:b1:b2:9b:61:82:35:c0:c8:69:88:
                    04:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:94:04:7C:70:6F:81:1B:13:AB:95:DC:E4:D3:F6:56:1A:21:86:66
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/c8af9384-9259-3704-8623-8a9919c3ce8f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/b2f0a061-78dd-4d61-988a-266b192d9caa.crl

            X509v3 Authority Key Identifier:
                keyid:65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:470:354::/47

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         03:0b:f4:d0:4a:99:b1:92:e6:af:c5:4a:05:3e:fe:70:be:a6:
         70:7d:fa:ff:98:06:e1:db:c3:13:6a:21:ce:d5:6e:8c:fb:2a:
         ad:9b:b5:91:9d:8b:2d:a0:e2:39:e4:0f:0a:f9:fe:3f:ab:01:
         7f:e0:a3:72:65:7c:84:1e:22:36:9e:7a:da:e1:0c:f5:fd:b1:
         3b:68:13:b3:16:ac:a6:63:bf:7a:ae:d6:71:b8:2c:30:e5:73:
         11:5c:2a:00:c9:35:3f:48:f1:a2:4d:bb:86:7c:9b:58:a7:e7:
         d8:f4:49:8d:eb:a9:dc:11:d1:d9:82:4d:01:71:ee:13:c0:40:
         0a:e7:38:7d:fb:f2:0d:b9:9c:68:fc:49:a1:dc:df:30:fa:11:
         3a:2d:11:59:34:ec:13:1d:c7:77:a2:37:72:28:5f:dd:27:7c:
         53:a1:db:34:83:2c:a7:28:06:7e:c1:08:a8:07:61:16:c7:21:
         6f:2f:2d:9a:90:c1:d2:17:60:18:a4:bb:e8:c5:39:06:05:14:
         52:a5:03:95:90:ec:80:18:5a:5e:0c:12:b2:9b:7d:a4:46:34:
         43:89:57:79:c3:0a:46:bc:ac:d7:26:9a:0b:57:05:b4:66:d1:
         0b:2a:61:b6:03:58:95:8e:40:2b:bd:34:48:d5:1f:35:99:b4:
         93:5c:a9:d3
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWEbV6T4JUI0zrBmJ9sAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYjJmMGEwNjEtNzhkZC00ZDYxLTk4OGEtMjY2YjE5MmQ5
Y2FhMB4XDTI0MDgxMTAxMzAwOVoXDTI0MTEwOTAyMzAwOVowLzEtMCsGA1UEAxMk
ZTViNTQzZDYtZDI2YS00YTU5LWFiMWItMzlmNTZhYWY4Nzc0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFFEUr+HSMbrt5CrAFr+4mRxPBtwyAgZllWd
UqnVfr/+sDtDwJL/eLZpdUA0cIs+O7wMtMDl7/AaVisJiqliNzae8xu14d72f5hK
PRwVOI5+Po3EUfpU25ivKUFe7M1sOsbyEymh2f2ovj9GB+5/PUHe3/i0CZVecnbD
2x1nug1KrW6BfOKxMvpeSDxGCAYz1P7HBZBW+FJInxYk+ZsGQh5UrgeaXvZu2aW+
JZN3nZy73O3lI4NpNh7r0ZHPUTYHLduKIMMcypJ7Qd27kXzxmM5ndd+iWQG+1IjG
F172/1tvFn40d7b+UYpzzlYLlDGN0TY5XLGym2GCNcDIaYgEEQIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFNOUBHxwb4EbE6uV3OTT9lYaIYZmMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYw
YTA2MS03OGRkLTRkNjEtOTg4YS0yNjZiMTkyZDljYWEvYzhhZjkzODQtOTI1OS0z
NzA0LTg2MjMtOGE5OTE5YzNjZThmLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvYjJmMGEwNjEtNzhkZC00ZDYxLTk4
OGEtMjY2YjE5MmQ5Y2FhL2IyZjBhMDYxLTc4ZGQtNGQ2MS05ODhhLTI2NmIxOTJk
OWNhYS5jcmwwHwYDVR0jBBgwFoAUZadChq6v4snj6bkGK8ZGBZyYb88wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYwYTA2MS03OGRkLTRkNjEtOTg4YS0yNjZi
MTkyZDljYWEuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBIAEEcANU
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBAAML9NBKmbGS5q/FSgU+/nC+pnB9+v+YBuHbwxNqIc7Vboz7Kq2b
tZGdiy2g4jnkDwr5/j+rAX/go3JlfIQeIjaeetrhDPX9sTtoE7MWrKZjv3qu1nG4
LDDlcxFcKgDJNT9I8aJNu4Z8m1in59j0SY3rqdwR0dmCTQFx7hPAQArnOH378g25
nGj8SaHc3zD6ETotEVk07BMdx3eiN3IoX90nfFOh2zSDLKcoBn7BCKgHYRbHIW8v
LZqQwdIXYBiku+jFOQYFFFKlA5WQ7IAYWl4MErKbfaRGNEOJV3nDCka8rNcmmgtX
BbRm0QsqYbYDWJWOQCu9NEjVHzWZtJNcqdM=
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:23:14 2025 by rpki-client