Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/40be3a11-0074-3e5f-b1de-f8bb66bd9a19.roa
File:                     40be3a11-0074-3e5f-b1de-f8bb66bd9a19.roa (raw, json)
Hash identifier:          8vRYB0AVUp8x+lUNR0eu3e6pA3xWeemgVjnC2KxA0SA=
Subject key identifier:   32:A8:FA:30:B4:61:E7:64:B0:86:6E:BD:17:12:D1:00:09:D1:4A:6C
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F43285847055175B6F38C6D52890B1980
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/40be3a11-0074-3e5f-b1de-f8bb66bd9a19.roa
Signing time:             Wed 28 Aug 2024 01:00:31 +0000
ROA not before:           Wed 28 Aug 2024 01:00:31 +0000
ROA not after:            Tue 26 Nov 2024 02:00:31 +0000
asID:                     212667
IP address blocks:        166.1.140.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:05:51:75:b6:f3:8c:6d:52:89:0b:19:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: Aug 28 01:00:31 2024 GMT
            Not After : Nov 26 02:00:31 2024 GMT
        Subject: CN=599b8ad0-d7fe-4eab-b4c4-1977eb95f292
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:cb:2c:e0:e3:08:9b:93:55:cb:59:6b:78:45:
                    c4:83:75:04:c1:4f:fd:0c:9d:6a:4d:10:bf:99:10:
                    ff:31:0d:08:22:b4:e0:35:d0:20:e7:5f:23:d0:2b:
                    65:ae:39:e0:53:81:ec:59:87:6c:71:d4:d3:f0:9d:
                    5d:89:e4:a7:e2:5b:c5:8a:f8:83:18:35:17:f4:e4:
                    ff:f7:94:8f:09:9d:50:66:23:f7:95:f5:c8:55:8e:
                    6c:08:0e:c7:a0:cf:7f:29:68:68:47:7f:c5:e7:ee:
                    bd:02:4a:aa:bb:5f:97:e4:04:b1:c0:e1:5d:2e:ae:
                    19:23:56:b2:04:c6:bc:65:21:8f:56:08:55:a9:8b:
                    5b:8c:2e:70:a0:91:2b:6f:04:c0:14:56:24:ec:74:
                    3b:88:fb:64:b7:d8:81:f9:66:36:4b:b3:35:7d:5a:
                    ba:e4:2f:5f:e8:86:9a:e6:fe:47:c7:13:0e:c6:bf:
                    a0:3f:0b:d1:4e:be:cc:29:70:e4:ed:05:82:39:d0:
                    bd:ff:7f:f8:cc:17:0d:72:cb:46:b8:9e:40:29:e7:
                    57:4b:81:83:59:49:f9:c4:ae:dd:5c:e6:0f:b7:14:
                    bd:19:af:b7:b3:82:c9:a8:9d:85:51:ae:c7:38:87:
                    8b:9b:01:5a:be:d7:21:bf:a8:70:14:42:47:af:3e:
                    65:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:A8:FA:30:B4:61:E7:64:B0:86:6E:BD:17:12:D1:00:09:D1:4A:6C
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/40be3a11-0074-3e5f-b1de-f8bb66bd9a19.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.1.140.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         29:e8:35:13:f3:fb:31:40:be:5b:2c:3a:17:7f:d8:77:95:95:
         ec:58:06:c3:70:4a:35:30:ee:43:04:e3:97:b6:a8:cc:b2:0d:
         62:8b:d4:f7:64:41:8c:39:22:1d:a6:9a:91:64:0b:75:7c:f6:
         ff:29:59:a9:26:28:af:23:9e:ea:9b:bb:bd:30:5f:53:aa:ba:
         90:b0:aa:e6:01:e7:3b:28:bb:42:1c:61:5c:8c:ee:98:7e:ef:
         7f:e4:b1:f6:7b:25:36:c0:f2:c4:b4:e9:03:f1:61:32:e0:d7:
         5e:bb:06:55:2e:91:a7:2b:f4:f0:46:1c:13:cf:f5:a9:4e:97:
         31:90:56:05:01:93:04:f7:e2:dc:18:3f:4f:75:48:db:68:09:
         15:ee:01:5c:e4:cb:bb:57:cf:65:87:7a:4e:3c:c4:63:0e:66:
         f4:17:f1:0d:d5:ba:93:5a:a5:4c:48:24:07:10:21:06:84:d9:
         52:19:eb:1a:ab:f9:36:f5:60:3d:56:ff:12:b8:88:1a:56:8f:
         47:40:b4:aa:06:78:dd:a4:83:ec:39:a4:30:24:1e:4e:27:0b:
         51:7d:64:8b:cb:15:02:5a:18:da:fa:e8:1a:f9:2f:18:ba:89:
         b9:b6:b6:d7:6b:b7:cf:95:c0:8b:c5:8b:71:57:55:8b:82:f7:
         50:12:a8:3b
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEcFUXW284xtUokLGYAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTI0MDgyODAxMDAzMVoXDTI0MTEyNjAyMDAzMVowLzEtMCsGA1UEAxMk
NTk5YjhhZDAtZDdmZS00ZWFiLWI0YzQtMTk3N2ViOTVmMjkyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcss4OMIm5NVy1lreEXEg3UEwU/9DJ1qTRC/
mRD/MQ0IIrTgNdAg518j0CtlrjngU4HsWYdscdTT8J1dieSn4lvFiviDGDUX9OT/
95SPCZ1QZiP3lfXIVY5sCA7HoM9/KWhoR3/F5+69Akqqu1+X5ASxwOFdLq4ZI1ay
BMa8ZSGPVghVqYtbjC5woJErbwTAFFYk7HQ7iPtkt9iB+WY2S7M1fVq65C9f6Iaa
5v5HxxMOxr+gPwvRTr7MKXDk7QWCOdC9/3/4zBcNcstGuJ5AKedXS4GDWUn5xK7d
XOYPtxS9Ga+3s4LJqJ2FUa7HOIeLmwFavtchv6hwFEJHrz5l2wIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFDKo+jC0YedksIZuvRcS0QAJ0UpsMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvNDBiZTNhMTEtMDA3NC0z
ZTVmLWIxZGUtZjhiYjY2YmQ5YTE5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApgGMMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBACnoNRPz+zFAvlssOhd/2HeVlexYBsNwSjUw7kME45e2qMyyDWKL1Pdk
QYw5Ih2mmpFkC3V89v8pWakmKK8jnuqbu70wX1OqupCwquYB5zsou0IcYVyM7ph+
73/ksfZ7JTbA8sS06QPxYTLg1167BlUukacr9PBGHBPP9alOlzGQVgUBkwT34twY
P091SNtoCRXuAVzky7tXz2WHek48xGMOZvQX8Q3VupNapUxIJAcQIQaE2VIZ6xqr
+Tb1YD1W/xK4iBpWj0dAtKoGeN2kg+w5pDAkHk4nC1F9ZIvLFQJaGNr66Br5Lxi6
ibm2ttdrt8+VwIvFi3FXVYuC91ASqDs=
-----END CERTIFICATE-----
Generated at Mon Jun 16 05:13:23 2025 by rpki-client