Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/d73a544b-d424-385a-ba5e-f322f6ab19a1.roa
File:                     d73a544b-d424-385a-ba5e-f322f6ab19a1.roa (raw, json)
Hash identifier:          vW3xmjCMiWB8k7RSPBJa6VomoD+8mEaHhutQN5LQICg=
Subject key identifier:   48:A3:94:0C:3A:78:D6:F6:49:1A:F4:58:36:7C:4A:AC:DB:F0:48:34
Certificate issuer:       /CN=b2f0a061-78dd-4d61-988a-266b192d9caa
Certificate serial:       010D0C9F432858481CA91626E8CE6067DEEB9880
Authority key identifier: 65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/d73a544b-d424-385a-ba5e-f322f6ab19a1.roa
Signing time:             Fri 06 Dec 2024 02:30:13 +0000
ROA not before:           Fri 06 Dec 2024 02:30:13 +0000
ROA not after:            Thu 06 Mar 2025 02:30:13 +0000
asID:                     397493
IP address blocks:        64.71.171.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:1c:a9:16:26:e8:ce:60:67:de:eb:98:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2f0a061-78dd-4d61-988a-266b192d9caa
        Validity
            Not Before: Dec  6 02:30:13 2024 GMT
            Not After : Mar  6 02:30:13 2025 GMT
        Subject: CN=70fb0cb8-3255-4eec-83c6-ee2fbf3a33b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d2:5b:86:26:e6:ca:7b:b1:c1:d1:5d:71:99:
                    36:1b:32:47:52:ef:0b:87:dd:db:9e:96:f1:56:ed:
                    e0:8a:ef:68:e0:04:e7:68:40:c3:1b:13:2e:4e:c6:
                    84:99:cb:92:30:86:19:f0:59:7e:49:f8:97:38:09:
                    1c:64:78:ad:57:a9:7f:66:95:b0:02:26:4f:a9:b2:
                    88:23:5a:85:da:5a:c0:5b:05:f7:c3:ca:6f:36:74:
                    73:57:bf:24:a6:79:ca:ed:a1:96:8c:f7:f5:64:a9:
                    6e:53:c3:1d:5d:a3:99:51:7e:fa:5c:9d:a1:5a:82:
                    dc:f6:4b:2b:35:44:16:3f:94:45:84:85:5c:59:38:
                    54:90:b9:80:c9:ee:16:ca:d5:60:f6:07:aa:86:8f:
                    ba:3a:e7:33:e0:a6:36:ae:8c:32:eb:13:4e:f5:1d:
                    78:51:e5:99:cb:82:05:08:6b:22:0c:c3:21:16:46:
                    13:d4:a1:92:9f:60:ef:8a:32:bb:43:ae:e3:97:f9:
                    f6:a5:4b:40:a8:8e:6c:5b:e8:e6:93:04:43:0d:57:
                    99:b6:7e:37:6d:74:c9:56:ed:ce:90:65:59:3c:37:
                    0e:56:fd:f1:93:3a:e8:c2:2d:e9:43:d3:b5:d8:40:
                    c5:8a:32:a9:5d:88:9a:1d:10:b4:13:98:c4:f6:76:
                    85:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:A3:94:0C:3A:78:D6:F6:49:1A:F4:58:36:7C:4A:AC:DB:F0:48:34
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/d73a544b-d424-385a-ba5e-f322f6ab19a1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/b2f0a061-78dd-4d61-988a-266b192d9caa.crl

            X509v3 Authority Key Identifier:
                keyid:65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.71.171.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         15:e9:38:7e:ca:b8:bb:d1:8f:fe:c2:1e:22:95:e5:0b:c7:12:
         1b:fe:85:16:24:51:e2:c9:3c:58:c5:cb:43:43:57:c5:7d:1e:
         02:a8:f2:b2:ba:eb:39:a6:a7:a6:8b:5f:b0:1e:9b:0a:d7:ea:
         0c:11:a8:87:94:64:85:97:dd:ce:9b:09:a8:ca:e5:6a:c8:d1:
         b7:0b:21:8d:d9:e0:94:58:ef:e5:79:ef:6e:d7:e9:ed:14:bd:
         d4:cc:4a:f3:77:0c:75:70:43:0f:59:c9:be:50:f0:f6:b9:28:
         26:d5:41:aa:37:a1:60:d1:fe:b1:02:4e:46:c4:c5:a4:26:e9:
         74:44:b5:49:1b:e5:ac:f4:d5:4e:3e:4f:4d:ed:7c:2a:43:2c:
         e6:f1:d9:ea:96:29:37:82:7f:b2:bd:7c:d8:f3:67:c0:14:5e:
         cd:9b:c7:95:60:9a:c5:f8:0c:43:2a:98:7a:25:09:7f:45:7e:
         0e:78:42:a1:46:1f:95:72:6f:75:92:d9:5a:0e:38:b0:c1:28:
         16:d7:df:5a:06:99:d5:8e:bf:96:b1:02:19:fa:20:84:d0:12:
         a1:79:3e:ea:0a:17:7a:83:c1:53:56:4d:e5:2f:58:23:ee:46:
         3b:ff:87:32:5c:a5:ab:ae:9d:4f:00:99:1b:cb:11:64:d0:89:
         a0:1e:22:a7
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEgcqRYm6M5gZ97rmIAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYjJmMGEwNjEtNzhkZC00ZDYxLTk4OGEtMjY2YjE5MmQ5
Y2FhMB4XDTI0MTIwNjAyMzAxM1oXDTI1MDMwNjAyMzAxM1owLzEtMCsGA1UEAxMk
NzBmYjBjYjgtMzI1NS00ZWVjLTgzYzYtZWUyZmJmM2EzM2I2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9JbhibmynuxwdFdcZk2GzJHUu8Lh93bnpbx
Vu3giu9o4ATnaEDDGxMuTsaEmcuSMIYZ8Fl+SfiXOAkcZHitV6l/ZpWwAiZPqbKI
I1qF2lrAWwX3w8pvNnRzV78kpnnK7aGWjPf1ZKluU8MdXaOZUX76XJ2hWoLc9ksr
NUQWP5RFhIVcWThUkLmAye4WytVg9geqho+6Oucz4KY2rowy6xNO9R14UeWZy4IF
CGsiDMMhFkYT1KGSn2DvijK7Q67jl/n2pUtAqI5sW+jmkwRDDVeZtn43bXTJVu3O
kGVZPDcOVv3xkzrowi3pQ9O12EDFijKpXYiaHRC0E5jE9naF1wIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFEijlAw6eNb2SRr0WDZ8Sqzb8Eg0MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYw
YTA2MS03OGRkLTRkNjEtOTg4YS0yNjZiMTkyZDljYWEvZDczYTU0NGItZDQyNC0z
ODVhLWJhNWUtZjMyMmY2YWIxOWExLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvYjJmMGEwNjEtNzhkZC00ZDYxLTk4
OGEtMjY2YjE5MmQ5Y2FhL2IyZjBhMDYxLTc4ZGQtNGQ2MS05ODhhLTI2NmIxOTJk
OWNhYS5jcmwwHwYDVR0jBBgwFoAUZadChq6v4snj6bkGK8ZGBZyYb88wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYwYTA2MS03OGRkLTRkNjEtOTg4YS0yNjZi
MTkyZDljYWEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQEerMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBABXpOH7KuLvRj/7CHiKV5QvHEhv+hRYkUeLJPFjFy0NDV8V9HgKo8rK6
6zmmp6aLX7AemwrX6gwRqIeUZIWX3c6bCajK5WrI0bcLIY3Z4JRY7+V5727X6e0U
vdTMSvN3DHVwQw9Zyb5Q8Pa5KCbVQao3oWDR/rECTkbExaQm6XREtUkb5az01U4+
T03tfCpDLObx2eqWKTeCf7K9fNjzZ8AUXs2bx5VgmsX4DEMqmHolCX9Ffg54QqFG
H5Vyb3WS2VoOOLDBKBbX31oGmdWOv5axAhn6IITQEqF5PuoKF3qDwVNWTeUvWCPu
Rjv/hzJcpauunU8AmRvLEWTQiaAeIqc=
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:38:53 2025 by rpki-client