Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/2b90ca0d-e1a5-3e54-8feb-1ec384b55e75.roa
File:                     2b90ca0d-e1a5-3e54-8feb-1ec384b55e75.roa (raw, json)
Hash identifier:          hi1v9zA/Chqg+zejFHzWTTyR9JF1coe9Q8SiKC+E9ak=
Subject key identifier:   E0:72:0A:14:27:B8:C4:BD:B4:F3:3B:1D:88:81:E3:4E:A7:C4:18:56
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F432858478A5A6F619A5AAB87ADCFAB80
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/2b90ca0d-e1a5-3e54-8feb-1ec384b55e75.roa
Signing time:             Mon 14 Oct 2024 16:43:43 +0000
ROA not before:           Mon 14 Oct 2024 16:43:43 +0000
ROA not after:            Sun 12 Jan 2025 17:43:43 +0000
asID:                     21859
IP address blocks:        166.0.201.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:8a:5a:6f:61:9a:5a:ab:87:ad:cf:ab:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: Oct 14 16:43:43 2024 GMT
            Not After : Jan 12 17:43:43 2025 GMT
        Subject: CN=bd0edfe1-0941-4430-be1e-5f5487698082
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ff:d8:bd:b3:5f:62:93:9c:e4:c7:d3:7a:09:
                    71:2f:e1:bc:c3:6e:06:90:75:bd:40:5c:e8:e8:00:
                    ba:3a:98:ca:17:67:68:47:ec:5e:90:e8:78:61:d4:
                    e1:4a:b4:c2:13:65:84:79:a8:32:d2:04:52:a1:ac:
                    52:58:a0:c5:a1:71:b9:b4:3c:d7:2a:07:95:93:ee:
                    13:e5:4d:30:f8:e1:74:ef:e9:17:2a:b4:ca:e3:5e:
                    b5:d8:94:2c:41:d3:2d:88:48:a7:e4:b0:72:50:2c:
                    37:58:2c:d7:a5:42:2b:de:ab:67:d4:ad:18:52:1e:
                    6d:27:5b:c0:39:2d:d6:e0:47:e5:f9:6c:86:07:5a:
                    fb:ed:d8:80:79:ab:d6:b5:a4:0b:c7:b2:34:28:53:
                    16:fe:42:ed:36:99:ce:8c:ba:84:21:a3:06:e9:ec:
                    fb:c0:bb:e5:af:38:cd:b6:36:de:cf:26:56:d5:64:
                    b9:ec:96:e5:cc:d8:cf:6c:c9:a2:71:9f:ba:f7:52:
                    ce:87:4a:84:13:c9:ce:e6:1b:88:ff:6b:32:8f:16:
                    a2:e0:fc:97:c1:37:53:16:8e:c8:9e:c0:6c:d8:6e:
                    ec:50:b7:04:3f:13:cf:7b:eb:8c:f5:56:76:38:b4:
                    7e:fa:25:fa:60:b5:9b:1e:a1:62:eb:c0:df:0a:bc:
                    fb:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:72:0A:14:27:B8:C4:BD:B4:F3:3B:1D:88:81:E3:4E:A7:C4:18:56
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/2b90ca0d-e1a5-3e54-8feb-1ec384b55e75.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.0.201.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         af:15:a6:a5:d9:d8:fb:70:6d:d5:9a:1d:f7:f4:b7:11:6e:23:
         68:50:62:da:22:19:6b:9f:53:55:37:13:74:48:a7:67:e4:f1:
         e3:0e:39:76:dc:22:fe:ff:5a:07:7e:38:94:a0:e3:b8:92:b6:
         a9:b5:0a:60:c3:27:8b:b8:6e:9a:0c:ac:fd:da:58:93:7e:21:
         69:63:7c:23:80:d9:de:21:02:99:fb:df:cd:4a:32:14:01:71:
         62:c8:a6:45:e5:5d:95:d8:64:f7:e4:ab:d3:51:6d:03:b0:c0:
         8e:60:02:39:3f:71:6f:eb:11:3e:07:b4:9e:de:04:bf:92:36:
         86:af:77:3b:f3:e3:5f:00:92:36:1a:14:e6:b3:51:21:50:01:
         5b:7d:8b:c3:b2:43:f2:57:7d:7a:44:dd:f8:ed:c6:fb:fb:33:
         5c:df:e6:7e:a5:6e:61:a0:49:4f:5a:8c:ee:fb:a4:f2:e3:3e:
         90:d8:eb:71:50:72:d4:d6:96:c8:57:14:96:38:14:fc:64:01:
         06:80:d1:20:05:14:71:8f:33:e9:7c:e4:8c:52:43:4d:e4:fa:
         64:6b:d2:7a:89:4b:4a:33:df:1f:6e:16:c6:8a:fc:ac:53:4c:
         c0:f4:80:04:31:f9:44:3b:56:0c:ca:63:26:86:8e:42:b0:8b:
         41:41:d5:45
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEeKWm9hmlqrh63Pq4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTI0MTAxNDE2NDM0M1oXDTI1MDExMjE3NDM0M1owLzEtMCsGA1UEAxMk
YmQwZWRmZTEtMDk0MS00NDMwLWJlMWUtNWY1NDg3Njk4MDgyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv/YvbNfYpOc5MfTeglxL+G8w24GkHW9QFzo
6AC6OpjKF2doR+xekOh4YdThSrTCE2WEeagy0gRSoaxSWKDFoXG5tDzXKgeVk+4T
5U0w+OF07+kXKrTK41612JQsQdMtiEin5LByUCw3WCzXpUIr3qtn1K0YUh5tJ1vA
OS3W4Efl+WyGB1r77diAeavWtaQLx7I0KFMW/kLtNpnOjLqEIaMG6ez7wLvlrzjN
tjbezyZW1WS57JblzNjPbMmicZ+691LOh0qEE8nO5huI/2syjxai4PyXwTdTFo7I
nsBs2G7sULcEPxPPe+uM9VZ2OLR++iX6YLWbHqFi68DfCrz7RwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFOByChQnuMS9tPM7HYiB406nxBhWMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvMmI5MGNhMGQtZTFhNS0z
ZTU0LThmZWItMWVjMzg0YjU1ZTc1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApgDJMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAK8VpqXZ2PtwbdWaHff0txFuI2hQYtoiGWufU1U3E3RIp2fk8eMOOXbc
Iv7/Wgd+OJSg47iStqm1CmDDJ4u4bpoMrP3aWJN+IWljfCOA2d4hApn7381KMhQB
cWLIpkXlXZXYZPfkq9NRbQOwwI5gAjk/cW/rET4HtJ7eBL+SNoavdzvz418AkjYa
FOazUSFQAVt9i8OyQ/JXfXpE3fjtxvv7M1zf5n6lbmGgSU9ajO77pPLjPpDY63FQ
ctTWlshXFJY4FPxkAQaA0SAFFHGPM+l85IxSQ03k+mRr0nqJS0oz3x9uFsaK/KxT
TMD0gAQx+UQ7VgzKYyaGjkKwi0FB1UU=
-----END CERTIFICATE-----
Generated at Mon Jun 16 05:48:40 2025 by rpki-client