Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade87289578018732a90a2f097f/4/37342e34332e3131342e302f32342d3234203d3e2035363530.roa
File:                     37342e34332e3131342e302f32342d3234203d3e2035363530.roa (raw, json)
Hash identifier:          Q1qw9xegT68LaBkXx+TXY30GcI3XZtQJRPKwwsK8OT8=
Subject key identifier:   CC:FD:30:E2:A5:15:4D:FF:96:35:C7:32:7B:88:A0:C0:40:47:1C:79
Certificate issuer:       /CN=dfe09c2077886b104a9de53bf61bcb90616abe755c93385775
Certificate serial:       2D8D244BA4A720F5A0A2E1449D6614C2AD95EEAE
Authority key identifier: CA:C1:1D:8E:79:F4:4C:E3:F2:E8:0B:14:69:DD:B1:93:55:8B:D2:F9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/06af24e7-1c13-4430-bd79-db05f6dc0643/dfe09c2077886b104a9de53bf61bcb90616abe755c93385775.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade87289578018732a90a2f097f/4/37342e34332e3131342e302f32342d3234203d3e2035363530.roa
Signing time:             Thu 02 Nov 2023 11:35:33 +0000
ROA not before:           Thu 02 Nov 2023 11:30:33 +0000
ROA not after:            Thu 31 Oct 2024 11:35:33 +0000
asID:                     5650
IP address blocks:        74.43.114.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:8d:24:4b:a4:a7:20:f5:a0:a2:e1:44:9d:66:14:c2:ad:95:ee:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfe09c2077886b104a9de53bf61bcb90616abe755c93385775
        Validity
            Not Before: Nov  2 11:30:33 2023 GMT
            Not After : Oct 31 11:35:33 2024 GMT
        Subject: CN=CCFD30E2A5154DFF9635C7327B88A0C040471C79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:24:4d:13:c6:35:63:58:84:24:40:d4:01:ee:
                    24:c3:9c:28:c2:6f:23:e9:5a:7d:fe:d5:45:aa:cb:
                    6c:da:78:76:48:1f:91:23:0b:b3:fc:19:96:15:e3:
                    6d:6b:62:8f:ba:ea:f1:35:98:94:9c:f4:1d:5a:c1:
                    bf:31:69:25:d6:b4:f0:a7:23:3c:9a:b0:cd:75:01:
                    78:01:ff:3f:06:cd:5a:ab:ef:3c:e4:f0:99:99:3a:
                    74:62:2b:51:1c:50:6e:17:cf:85:70:16:ce:6e:c3:
                    4c:f8:4f:42:c3:49:a3:11:df:20:03:65:7b:b0:f1:
                    80:fc:bc:0a:1d:27:22:37:f3:26:26:ab:da:7f:19:
                    59:10:1b:b8:2b:0a:0c:fa:27:8e:ff:ce:20:aa:ff:
                    96:f8:26:e7:92:13:ff:88:2a:a8:37:8d:28:ef:60:
                    61:8b:87:1e:75:fa:9b:8c:a3:52:e7:0e:ca:7a:5e:
                    3e:4a:bc:65:8f:3a:07:48:cc:09:90:32:b1:52:f0:
                    f1:2e:52:42:0a:d9:81:ad:1e:31:49:5f:cf:b9:ed:
                    1e:b3:df:40:88:cb:d2:e1:e5:1c:29:3a:be:20:62:
                    62:1c:a8:66:f3:19:5a:68:18:c5:2d:bb:ff:ff:a5:
                    18:36:a4:3f:da:99:9e:c4:85:5e:c8:bf:ed:56:20:
                    71:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:FD:30:E2:A5:15:4D:FF:96:35:C7:32:7B:88:A0:C0:40:47:1C:79
            X509v3 Authority Key Identifier:
                keyid:CA:C1:1D:8E:79:F4:4C:E3:F2:E8:0B:14:69:DD:B1:93:55:8B:D2:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade87289578018732a90a2f097f/4/CAC11D8E79F44CE3F2E80B1469DDB193558BD2F9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/06af24e7-1c13-4430-bd79-db05f6dc0643/dfe09c2077886b104a9de53bf61bcb90616abe755c93385775.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade87289578018732a90a2f097f/4/37342e34332e3131342e302f32342d3234203d3e2035363530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  74.43.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:b3:d2:d3:bf:81:1f:93:95:7b:a7:52:02:4e:07:17:93:86:
         65:67:be:68:97:14:e0:ea:6a:b1:ec:77:32:47:78:d3:40:81:
         1f:66:78:0a:ab:fd:40:70:e0:a9:5a:13:87:7d:bb:da:22:b9:
         fb:02:b0:d0:c6:c5:04:77:ee:93:00:94:a0:73:62:79:c9:4d:
         b9:da:cf:da:4e:78:ac:41:ee:48:02:62:2b:64:ba:ed:23:f6:
         bc:6f:f6:c5:5b:5b:9d:9d:51:5b:8b:b6:49:4b:48:3a:9c:a3:
         e8:90:b6:b4:38:5c:62:a1:1f:6a:45:7a:ae:52:d2:54:da:d7:
         28:2a:8a:1a:94:47:14:75:a1:c6:61:12:54:5c:aa:e2:82:a7:
         70:fc:52:74:62:14:43:03:26:05:eb:f9:80:44:b1:cf:79:5f:
         28:a8:9a:60:9d:c3:5a:d3:2a:47:97:d4:e7:7a:48:cb:ac:ff:
         af:56:6e:65:e0:fc:6a:8b:b7:29:6d:21:37:43:04:4d:fe:c0:
         3f:58:d0:db:fa:ce:28:de:76:7f:97:c2:f6:14:9b:58:62:93:
         73:26:14:e4:68:f2:4d:2f:43:0a:42:e6:97:ad:dd:f5:e0:9d:
         d7:9b:63:6e:48:1b:c0:02:fc:59:72:f6:d3:b3:ee:2b:29:64:
         cd:81:9e:a7
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgIULY0kS6SnIPWgouFEnWYUwq2V7q4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGZlMDljMjA3Nzg4NmIxMDRhOWRlNTNiZjYxYmNiOTA2
MTZhYmU3NTVjOTMzODU3NzUwHhcNMjMxMTAyMTEzMDMzWhcNMjQxMDMxMTEzNTMz
WjAzMTEwLwYDVQQDEyhDQ0ZEMzBFMkE1MTU0REZGOTYzNUM3MzI3Qjg4QTBDMDQw
NDcxQzc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7yRNE8Y1Y1iE
JEDUAe4kw5wowm8j6Vp9/tVFqsts2nh2SB+RIwuz/BmWFeNta2KPuurxNZiUnPQd
WsG/MWkl1rTwpyM8mrDNdQF4Af8/Bs1aq+885PCZmTp0YitRHFBuF8+FcBbObsNM
+E9Cw0mjEd8gA2V7sPGA/LwKHSciN/MmJqvafxlZEBu4KwoM+ieO/84gqv+W+Cbn
khP/iCqoN40o72Bhi4cedfqbjKNS5w7Kel4+SrxljzoHSMwJkDKxUvDxLlJCCtmB
rR4xSV/Pue0es99AiMvS4eUcKTq+IGJiHKhm8xlaaBjFLbv//6UYNqQ/2pmexIVe
yL/tViBxCQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFMz9MOKlFU3/ljXHMnuIoMBA
Rxx5MB8GA1UdIwQYMBaAFMrBHY559Ezj8ugLFGndsZNVi9L5MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODcyODk1NzgwMTg3MzJhOTBhMmYwOTdmLzQv
Q0FDMTFEOEU3OUY0NENFM0YyRTgwQjE0NjlEREIxOTM1NThCRDJGOS5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvYTczNDIwY2ItYjNjYy00YjAzLWJkYTctMWJlMjA0
OTMzYWU1LzA2YWYyNGU3LTFjMTMtNDQzMC1iZDc5LWRiMDVmNmRjMDY0My9kZmUw
OWMyMDc3ODg2YjEwNGE5ZGU1M2JmNjFiY2I5MDYxNmFiZTc1NWM5MzM4NTc3NS5j
ZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODcyODk1NzgwMTg3MzJh
OTBhMmYwOTdmLzQvMzczNDJlMzQzMzJlMzEzMTM0MmUzMDJmMzIzNDJkMzIzNDIw
M2QzZTIwMzUzNjM1MzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABKK3IwDQYJKoZIhvcNAQELBQADggEB
AHiz0tO/gR+TlXunUgJOBxeThmVnvmiXFODqarHsdzJHeNNAgR9meAqr/UBw4Kla
E4d9u9oiufsCsNDGxQR37pMAlKBzYnnJTbnaz9pOeKxB7kgCYitkuu0j9rxv9sVb
W52dUVuLtklLSDqco+iQtrQ4XGKhH2pFeq5S0lTa1ygqihqURxR1ocZhElRcquKC
p3D8UnRiFEMDJgXr+YBEsc95XyiommCdw1rTKkeX1Od6SMus/69WbmXg/GqLtylt
ITdDBE3+wD9Y0Nv6zijedn+XwvYUm1hik3MmFORo8k0vQwpC5pet3fXgndebY25I
G8AC/Fly9tOz7ispZM2Bnqc=
-----END CERTIFICATE-----