Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/cedb9a4a-918a-342a-992a-71fe5963252f.roa
File:                     cedb9a4a-918a-342a-992a-71fe5963252f.roa (raw, json)
Hash identifier:          OS1f+B0rAv8qb8QtzwsHZ2QNKAK/UoT0ZXWH7Nw2dzg=
Subject key identifier:   97:D5:EF:7E:3C:C7:B0:18:42:9E:DF:2C:BE:15:ED:18:04:D1:C4:71
Certificate issuer:       /CN=b2f0a061-78dd-4d61-988a-266b192d9caa
Certificate serial:       010D0C9F4328584551DC838B9959E95A7C2A6680
Authority key identifier: 65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/cedb9a4a-918a-342a-992a-71fe5963252f.roa
Signing time:             Mon 25 Mar 2024 01:30:52 +0000
ROA not before:           Mon 25 Mar 2024 01:30:52 +0000
ROA not after:            Sun 23 Jun 2024 01:30:52 +0000
asID:                     33765
IP address blocks:        2001:470:1eb::/48 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:51:dc:83:8b:99:59:e9:5a:7c:2a:66:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2f0a061-78dd-4d61-988a-266b192d9caa
        Validity
            Not Before: Mar 25 01:30:52 2024 GMT
            Not After : Jun 23 01:30:52 2024 GMT
        Subject: CN=7a86ed48-dc53-493c-80ab-22b3b492242c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:ff:33:05:0f:13:82:a9:d0:58:16:39:82:c5:
                    49:87:0c:0a:68:d1:b5:7a:24:cb:7b:65:6b:22:dc:
                    10:de:43:1e:a6:3c:3c:47:69:0b:e7:85:29:a5:23:
                    da:93:b4:0c:aa:a2:c6:1b:90:18:d9:51:b0:85:b7:
                    ae:14:57:fe:b9:ef:0e:cf:9b:32:f9:60:9f:c3:10:
                    8c:f2:27:6b:24:19:81:01:33:1a:da:cb:68:fa:93:
                    00:fd:22:3d:d2:82:16:bb:58:97:33:49:e0:9a:26:
                    0c:62:61:2e:c1:14:d5:d2:b8:ef:d8:ec:55:62:67:
                    f1:cc:5e:d1:91:20:b7:e7:73:31:43:f7:2c:9d:ec:
                    61:bf:56:49:8e:ee:c6:17:ee:36:e2:9a:63:66:be:
                    8c:bf:6c:2e:ae:b4:bc:a7:86:e6:81:07:27:7f:ec:
                    9b:94:ef:55:25:4d:fd:bb:81:39:fd:14:40:f3:f2:
                    eb:cf:fc:f6:77:74:35:6e:70:85:bf:a1:c3:ad:5a:
                    c7:86:83:93:77:86:30:12:15:34:d2:c5:d0:8c:b2:
                    70:2f:21:d9:28:5b:18:db:7c:dd:bf:c2:49:a0:4e:
                    6d:ea:2f:00:be:ec:26:30:32:91:9a:0b:40:5f:ea:
                    ac:c4:58:34:24:15:82:33:89:08:95:7c:f6:80:5f:
                    44:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:D5:EF:7E:3C:C7:B0:18:42:9E:DF:2C:BE:15:ED:18:04:D1:C4:71
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/cedb9a4a-918a-342a-992a-71fe5963252f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/b2f0a061-78dd-4d61-988a-266b192d9caa.crl

            X509v3 Authority Key Identifier:
                keyid:65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:470:1eb::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         aa:bd:7a:cb:16:92:8b:80:17:31:a5:46:36:a1:6c:42:ba:db:
         a5:bf:ff:fa:97:95:39:21:64:1b:8d:13:f9:f5:44:c3:8e:91:
         0a:41:cc:12:0e:a2:81:28:23:a6:6a:58:5e:1a:f4:18:37:c5:
         a2:5e:62:0b:12:da:ac:f8:d0:fa:b9:cb:06:0d:cc:1e:7d:e0:
         bb:f4:19:2d:92:b5:49:d7:87:af:f6:25:1b:5c:c1:ce:02:46:
         8d:24:24:a0:d6:56:a1:3f:f9:f6:fd:f2:ef:5b:fb:38:ad:53:
         23:7d:52:11:4c:8c:04:95:b7:66:6c:80:bc:68:7a:36:26:91:
         50:cc:40:b4:76:76:1b:93:26:e8:df:1a:31:2d:5a:95:09:e1:
         6f:2d:69:65:12:2d:73:99:4b:d9:6d:b9:78:a1:79:38:50:ab:
         54:dd:af:2a:e7:81:ff:0e:d8:0b:87:b2:d1:2d:11:df:75:6c:
         35:59:f4:b7:91:77:86:ee:c9:36:46:17:9e:1d:2f:a0:17:a6:
         d9:5c:0d:b1:1c:69:5c:7e:64:9a:bd:b3:8d:e2:bf:c2:0f:50:
         69:de:18:6a:38:c3:d9:ad:6c:0d:96:71:b9:3b:15:e3:86:7c:
         6e:e5:a6:0f:8b:18:68:12:4a:41:cc:49:8b:a9:bb:03:71:52:
         dd:38:c1:4e
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWEVR3IOLmVnpWnwqZoAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYjJmMGEwNjEtNzhkZC00ZDYxLTk4OGEtMjY2YjE5MmQ5
Y2FhMB4XDTI0MDMyNTAxMzA1MloXDTI0MDYyMzAxMzA1MlowLzEtMCsGA1UEAxMk
N2E4NmVkNDgtZGM1My00OTNjLTgwYWItMjJiM2I0OTIyNDJjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf8zBQ8TgqnQWBY5gsVJhwwKaNG1eiTLe2Vr
ItwQ3kMepjw8R2kL54UppSPak7QMqqLGG5AY2VGwhbeuFFf+ue8Oz5sy+WCfwxCM
8idrJBmBATMa2sto+pMA/SI90oIWu1iXM0ngmiYMYmEuwRTV0rjv2OxVYmfxzF7R
kSC353MxQ/csnexhv1ZJju7GF+424ppjZr6Mv2wurrS8p4bmgQcnf+yblO9VJU39
u4E5/RRA8/Lrz/z2d3Q1bnCFv6HDrVrHhoOTd4YwEhU00sXQjLJwLyHZKFsY23zd
v8JJoE5t6i8AvuwmMDKRmgtAX+qsxFg0JBWCM4kIlXz2gF9E4wIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFJfV7348x7AYQp7fLL4V7RgE0cRxMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYw
YTA2MS03OGRkLTRkNjEtOTg4YS0yNjZiMTkyZDljYWEvY2VkYjlhNGEtOTE4YS0z
NDJhLTk5MmEtNzFmZTU5NjMyNTJmLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvYjJmMGEwNjEtNzhkZC00ZDYxLTk4
OGEtMjY2YjE5MmQ5Y2FhL2IyZjBhMDYxLTc4ZGQtNGQ2MS05ODhhLTI2NmIxOTJk
OWNhYS5jcmwwHwYDVR0jBBgwFoAUZadChq6v4snj6bkGK8ZGBZyYb88wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYwYTA2MS03OGRkLTRkNjEtOTg4YS0yNjZi
MTkyZDljYWEuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEEcAHr
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBAKq9essWkouAFzGlRjahbEK626W///qXlTkhZBuNE/n1RMOOkQpB
zBIOooEoI6ZqWF4a9Bg3xaJeYgsS2qz40Pq5ywYNzB594Lv0GS2StUnXh6/2JRtc
wc4CRo0kJKDWVqE/+fb98u9b+zitUyN9UhFMjASVt2ZsgLxoejYmkVDMQLR2dhuT
JujfGjEtWpUJ4W8taWUSLXOZS9ltuXiheThQq1Tdryrngf8O2AuHstEtEd91bDVZ
9LeRd4buyTZGF54dL6AXptlcDbEcaVx+ZJq9s43iv8IPUGneGGo4w9mtbA2Wcbk7
FeOGfG7lpg+LGGgSSkHMSYupuwNxUt04wU4=
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:35:25 2025 by rpki-client