Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/3d2d051f-0d61-312a-8565-b2573fec8694.roa
File:                     3d2d051f-0d61-312a-8565-b2573fec8694.roa (raw, json)
Hash identifier:          Yrpkr5hlvutDDdVGuJiYuamZKkTPERvS3toKRC2MuvE=
Subject key identifier:   8D:38:6E:10:B5:8D:87:28:EE:1A:45:0B:7B:30:FC:64:B3:EE:93:A8
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F432858446EF34C18FB667A1DE7D530C0
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/3d2d051f-0d61-312a-8565-b2573fec8694.roa
Signing time:             Wed 03 Jan 2024 18:48:16 +0000
ROA not before:           Wed 03 Jan 2024 18:48:16 +0000
ROA not after:            Tue 02 Apr 2024 17:48:16 +0000
asID:                     42831
IP address blocks:        166.1.104.0/21 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:44:6e:f3:4c:18:fb:66:7a:1d:e7:d5:30:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: Jan  3 18:48:16 2024 GMT
            Not After : Apr  2 17:48:16 2024 GMT
        Subject: CN=5297d0b5-3335-4235-9181-7ddb5284706d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:fe:da:90:e4:78:27:9d:69:2e:1b:88:54:e9:
                    d5:b9:6b:80:76:a0:dc:8e:d2:16:16:1c:8c:b6:a8:
                    fb:7d:86:47:d2:93:ee:2b:76:23:80:4a:89:d1:7e:
                    3f:be:76:cd:4e:14:08:75:ec:fe:77:6a:cc:24:ae:
                    9e:93:9c:e4:0b:48:94:86:ca:04:dc:8e:39:ad:b0:
                    a0:0b:73:fb:a4:8a:21:c2:35:c5:e4:30:13:4a:0a:
                    3e:bc:47:90:68:fd:79:06:35:04:68:39:d7:37:e8:
                    7e:27:d4:7a:db:11:4f:b6:da:bf:51:67:5c:4d:70:
                    42:4e:de:12:02:df:32:c3:68:ff:8f:e2:ab:ce:44:
                    98:43:e2:cf:e3:de:34:3a:d0:1c:fd:99:20:61:fd:
                    be:54:00:34:e2:42:a9:79:11:49:45:65:ba:36:1f:
                    9f:d8:f3:6e:cd:12:f5:13:d0:5b:fd:d2:36:38:9c:
                    f7:ad:4d:5d:bc:b1:ef:e7:44:95:e2:78:7a:c1:12:
                    d8:05:12:5d:c7:1e:46:d3:46:c9:b6:72:80:65:25:
                    24:72:ef:40:da:4a:bf:59:dc:19:f0:1e:12:fa:1c:
                    6f:49:1f:4b:15:29:fb:96:96:a3:d1:0d:7a:6b:d5:
                    e0:a2:f5:48:b1:49:6a:56:69:a0:9b:13:0e:33:89:
                    54:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:38:6E:10:B5:8D:87:28:EE:1A:45:0B:7B:30:FC:64:B3:EE:93:A8
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/3d2d051f-0d61-312a-8565-b2573fec8694.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.1.104.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         16:9d:2d:9b:4d:9b:54:ae:c6:12:9d:3a:fe:23:b3:6d:9e:d5:
         86:89:5e:1f:87:31:00:ac:0d:b1:f6:ca:d6:98:f0:5d:6d:65:
         73:b6:c5:50:c4:3f:8c:1f:60:fc:22:64:07:94:70:2c:c9:65:
         84:df:b2:cf:48:b6:ff:81:4f:a0:b6:cf:e9:a0:07:24:46:68:
         f8:67:a2:b5:ad:02:16:8b:ad:8e:dc:dd:a4:b1:da:03:67:d0:
         e4:31:a1:20:6d:65:14:62:c0:33:b8:52:8a:c8:9e:37:b0:a7:
         23:04:e4:0a:4d:77:b0:b2:fd:68:d1:fd:9f:a5:19:ec:7c:af:
         d5:bc:0d:e5:11:fa:7b:63:36:a5:5c:e0:b4:4a:30:20:c8:c7:
         3b:8a:85:5f:8d:bd:e8:37:51:aa:3d:39:1e:04:0d:24:3c:2e:
         99:ba:99:d9:4d:37:1a:75:08:33:67:10:1a:ba:1a:8e:3e:36:
         30:e5:0b:45:67:ea:f7:05:6d:e2:b6:b6:99:65:28:93:13:56:
         c0:48:3f:f2:3a:8f:7e:06:68:16:c7:c2:da:34:8f:17:b5:7e:
         93:16:1a:02:b9:dc:4f:be:6d:83:bb:2f:80:21:18:86:36:56:
         09:cf:63:d0:d6:c7:3a:d6:1c:0d:dd:72:d3:57:16:79:7c:d5:
         92:c1:4d:26
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWERu80wY+2Z6HefVMMAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTI0MDEwMzE4NDgxNloXDTI0MDQwMjE3NDgxNlowLzEtMCsGA1UEAxMk
NTI5N2QwYjUtMzMzNS00MjM1LTkxODEtN2RkYjUyODQ3MDZkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/7akOR4J51pLhuIVOnVuWuAdqDcjtIWFhyM
tqj7fYZH0pPuK3YjgEqJ0X4/vnbNThQIdez+d2rMJK6ek5zkC0iUhsoE3I45rbCg
C3P7pIohwjXF5DATSgo+vEeQaP15BjUEaDnXN+h+J9R62xFPttq/UWdcTXBCTt4S
At8yw2j/j+KrzkSYQ+LP4940OtAc/ZkgYf2+VAA04kKpeRFJRWW6Nh+f2PNuzRL1
E9Bb/dI2OJz3rU1dvLHv50SV4nh6wRLYBRJdxx5G00bJtnKAZSUkcu9A2kq/WdwZ
8B4S+hxvSR9LFSn7lpaj0Q16a9XgovVIsUlqVmmgmxMOM4lU7wIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFI04bhC1jYco7hpFC3sw/GSz7pOoMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvM2QyZDA1MWYtMGQ2MS0z
MTJhLTg1NjUtYjI1NzNmZWM4Njk0LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDpgFoMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBABadLZtNm1SuxhKdOv4js22e1YaJXh+HMQCsDbH2ytaY8F1tZXO2xVDE
P4wfYPwiZAeUcCzJZYTfss9Itv+BT6C2z+mgByRGaPhnorWtAhaLrY7c3aSx2gNn
0OQxoSBtZRRiwDO4UorInjewpyME5ApNd7Cy/WjR/Z+lGex8r9W8DeUR+ntjNqVc
4LRKMCDIxzuKhV+Nveg3Uao9OR4EDSQ8Lpm6mdlNNxp1CDNnEBq6Go4+NjDlC0Vn
6vcFbeK2tpllKJMTVsBIP/I6j34GaBbHwto0jxe1fpMWGgK53E++bYO7L4AhGIY2
VgnPY9DWxzrWHA3dctNXFnl81ZLBTSY=
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:57:05 2025 by rpki-client