Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/6667aaa5-1ebb-303a-9752-6a26e8fc1ca3.roa
File:                     6667aaa5-1ebb-303a-9752-6a26e8fc1ca3.roa (raw, json)
Hash identifier:          iiAy6l7oh7ojnWpTXFC5bD0X9Q62I+U7bAhaDDk89Tg=
Subject key identifier:   83:34:C9:A1:18:7C:D1:C5:31:52:45:09:03:08:24:46:C3:44:31:68
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F432858471AAA5009A507FC8EB1456050
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/6667aaa5-1ebb-303a-9752-6a26e8fc1ca3.roa
Signing time:             Wed 04 Sep 2024 16:34:08 +0000
ROA not before:           Wed 04 Sep 2024 16:34:08 +0000
ROA not after:            Tue 03 Dec 2024 17:34:08 +0000
asID:                     11798
IP address blocks:        166.1.89.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:1a:aa:50:09:a5:07:fc:8e:b1:45:60:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: Sep  4 16:34:08 2024 GMT
            Not After : Dec  3 17:34:08 2024 GMT
        Subject: CN=8bb5cb68-8375-4b25-b776-6b51226cd12e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:f2:a6:1c:e1:ec:86:91:12:92:54:af:2f:77:
                    a1:d1:b9:95:d8:24:3e:09:bd:fe:ba:28:97:2c:5f:
                    a3:30:0c:ec:46:8c:c0:3a:ae:fb:4c:7c:a0:2b:0a:
                    89:3d:c2:8c:15:39:a8:d5:07:c7:a1:51:82:66:4b:
                    ee:3f:4f:ff:2e:a9:5d:e8:03:5d:5b:e8:15:cc:ca:
                    31:2d:b2:b0:23:f4:de:6c:6c:93:22:b6:42:71:27:
                    05:58:7d:e1:fc:f8:4d:a1:77:e9:f5:da:25:76:de:
                    5a:76:5d:d5:7c:ab:e8:1d:bb:71:5b:2a:11:34:7f:
                    6b:f2:d7:08:40:f0:99:ea:9b:56:60:93:d9:d6:52:
                    23:2b:a3:35:93:f4:99:3b:ac:7d:31:60:31:b0:0f:
                    d6:50:12:08:3e:9d:46:1e:e5:0b:8d:54:cd:6b:a2:
                    92:c2:d3:58:fa:36:54:49:fd:1b:ad:a8:fb:ac:2e:
                    a8:dc:49:3c:fb:b3:12:fb:f8:cb:1f:9d:ca:7f:21:
                    01:3a:93:57:4d:37:49:05:ae:7b:ff:d1:bd:f1:43:
                    75:4b:11:99:48:6f:be:99:07:2a:b8:ad:76:f0:04:
                    5a:f9:98:4d:ba:10:7c:df:07:a5:74:9f:6b:d8:08:
                    80:64:80:b9:d4:42:08:84:1c:4a:e7:7e:5c:b2:de:
                    4a:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:34:C9:A1:18:7C:D1:C5:31:52:45:09:03:08:24:46:C3:44:31:68
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/6667aaa5-1ebb-303a-9752-6a26e8fc1ca3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.1.89.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         a0:e9:d3:69:4a:51:50:98:7e:9b:ee:f7:ce:45:b7:03:1a:9b:
         cf:67:cd:07:51:8b:e7:cd:33:44:28:24:71:ea:b9:91:b8:1a:
         f5:eb:b8:df:ff:25:32:5e:47:cb:cb:70:76:8e:0d:0a:9b:f2:
         73:49:4f:fa:62:d8:85:70:b6:b2:37:24:09:e6:b1:92:74:48:
         d4:60:99:d2:04:29:a5:85:9d:57:31:71:1e:b4:1c:69:69:f5:
         e0:d4:cb:c2:ae:1d:c4:f3:cd:58:4e:62:69:16:1f:87:4a:1d:
         86:e6:d3:ca:3f:38:44:99:fd:c5:d0:4e:87:e6:8a:e4:9b:b3:
         4a:54:27:c7:0c:91:fd:ac:3d:4f:13:ad:26:8d:0e:e8:98:76:
         80:cd:50:84:f2:2f:0a:6c:4f:56:59:56:7f:4c:7f:3b:93:d1:
         a6:56:ba:29:eb:44:a7:ce:e5:aa:e4:88:1d:e6:22:74:63:2e:
         3a:38:b6:41:f9:5c:30:ba:d1:97:c9:2f:a2:5a:61:4e:a3:e3:
         66:99:c3:61:44:1b:41:32:0d:dc:9c:86:f3:41:b3:07:fe:38:
         4f:cd:b9:5f:9a:aa:9e:fc:00:d9:a6:1c:ff:66:29:8f:4c:92:
         33:09:b0:4b:55:3e:cd:dd:17:27:9c:59:1c:7f:63:96:fb:e8:
         ba:e9:85:ce
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEcaqlAJpQf8jrFFYFAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTI0MDkwNDE2MzQwOFoXDTI0MTIwMzE3MzQwOFowLzEtMCsGA1UEAxMk
OGJiNWNiNjgtODM3NS00YjI1LWI3NzYtNmI1MTIyNmNkMTJlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/KmHOHshpESklSvL3eh0bmV2CQ+Cb3+uiiX
LF+jMAzsRozAOq77THygKwqJPcKMFTmo1QfHoVGCZkvuP0//Lqld6ANdW+gVzMox
LbKwI/TebGyTIrZCcScFWH3h/PhNoXfp9doldt5adl3VfKvoHbtxWyoRNH9r8tcI
QPCZ6ptWYJPZ1lIjK6M1k/SZO6x9MWAxsA/WUBIIPp1GHuULjVTNa6KSwtNY+jZU
Sf0braj7rC6o3Ek8+7MS+/jLH53KfyEBOpNXTTdJBa57/9G98UN1SxGZSG++mQcq
uK128ARa+ZhNuhB83weldJ9r2AiAZIC51EIIhBxK535cst5KCQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFIM0yaEYfNHFMVJFCQMIJEbDRDFoMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvNjY2N2FhYTUtMWViYi0z
MDNhLTk3NTItNmEyNmU4ZmMxY2EzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApgFZMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAKDp02lKUVCYfpvu985FtwMam89nzQdRi+fNM0QoJHHquZG4GvXruN//
JTJeR8vLcHaODQqb8nNJT/pi2IVwtrI3JAnmsZJ0SNRgmdIEKaWFnVcxcR60HGlp
9eDUy8KuHcTzzVhOYmkWH4dKHYbm08o/OESZ/cXQTofmiuSbs0pUJ8cMkf2sPU8T
rSaNDuiYdoDNUITyLwpsT1ZZVn9MfzuT0aZWuinrRKfO5arkiB3mInRjLjo4tkH5
XDC60ZfJL6JaYU6j42aZw2FEG0EyDdychvNBswf+OE/NuV+aqp78ANmmHP9mKY9M
kjMJsEtVPs3dFyecWRx/Y5b76Lrphc4=
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:04:37 2025 by rpki-client