Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/68caf70c-df36-3326-a3a3-8a201d0ce752.roa
File:                     68caf70c-df36-3326-a3a3-8a201d0ce752.roa (raw, json)
Hash identifier:          OJ7nS6Csx1Qq/knoux8KLVSo+vJUXn7MdLXcPpSQNoE=
Subject key identifier:   54:67:77:59:04:8D:40:A5:F1:B7:1A:E3:0B:25:32:7E:45:12:89:1A
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F43285841E44704B19B4AF0CA3468A680
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/68caf70c-df36-3326-a3a3-8a201d0ce752.roa
Signing time:             Mon 15 May 2023 17:04:52 +0000
ROA not before:           Mon 15 May 2023 17:04:52 +0000
ROA not after:            Fri 11 Aug 2023 09:05:05 +0000
asID:                     399471
IP address blocks:        166.1.98.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:41:e4:47:04:b1:9b:4a:f0:ca:34:68:a6:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: May 15 17:04:52 2023 GMT
            Not After : Aug 11 09:05:05 2023 GMT
        Subject: CN=f96320cc-da85-4d8e-9048-098a28a6a9de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:22:f0:a9:20:03:60:75:49:c9:cb:1c:ea:53:
                    b7:28:63:e1:88:d2:76:63:7a:c9:ca:a4:15:97:6f:
                    c8:bf:46:60:44:ff:a2:ea:36:d0:cb:e0:cb:b8:11:
                    f7:d9:f9:6d:0e:a9:80:ae:8a:5f:9a:d1:63:93:fb:
                    57:ad:48:9e:2e:0c:c2:ed:30:c6:88:10:d5:80:46:
                    f6:5d:73:36:b1:ea:25:ac:9c:80:fe:4c:7f:1c:1c:
                    7f:42:7e:17:ce:ba:d3:61:0e:7e:fd:d7:8a:fc:60:
                    75:b9:9f:5a:6b:fa:42:91:d5:79:37:97:c9:ad:2a:
                    99:d8:aa:68:17:d6:16:fe:83:d4:0a:a0:e4:1a:1f:
                    5c:63:09:98:7f:7b:03:77:d9:b6:51:9f:d6:f1:2c:
                    2e:05:a5:d4:84:58:db:71:13:27:e6:59:78:a2:cb:
                    de:ce:05:db:db:ab:9c:80:c3:6c:ee:90:92:76:e2:
                    87:9e:bf:cc:a1:66:c5:ed:9d:8b:53:2a:e2:e0:23:
                    47:12:29:5b:51:54:7b:fe:c3:ef:da:84:9f:54:98:
                    b2:f9:53:c6:65:6f:0c:9b:ce:32:6e:c9:71:dd:6c:
                    b6:2c:a5:82:05:d7:f7:4b:e0:f5:57:17:5d:3b:b9:
                    65:f8:82:63:fe:09:73:84:c0:e2:cc:b2:ed:88:46:
                    79:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:67:77:59:04:8D:40:A5:F1:B7:1A:E3:0B:25:32:7E:45:12:89:1A
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/68caf70c-df36-3326-a3a3-8a201d0ce752.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.1.98.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         64:d2:75:0b:d5:43:ce:8b:15:be:33:10:fc:af:db:b7:4b:f5:
         ea:d3:30:fa:da:2b:cd:84:03:d1:b0:a3:00:3f:72:91:46:ea:
         4f:16:40:f6:14:2f:ef:27:3a:33:13:45:29:7c:32:94:45:ce:
         6e:79:5f:fa:35:cb:b1:b0:54:74:02:d7:f9:51:54:07:3a:10:
         79:0b:cc:46:18:07:94:e5:d9:76:fc:8c:46:0f:d3:f7:0f:02:
         53:99:cc:19:e2:87:10:5e:a9:81:24:47:32:6d:1a:00:0f:17:
         69:88:7f:3e:1c:4a:2e:6b:1f:2f:2c:33:9d:f6:56:57:0c:f3:
         df:6c:cc:26:d0:00:02:e4:21:1a:0a:5f:b9:11:48:06:55:26:
         f5:a2:17:12:14:59:07:d0:f8:0a:25:e9:fd:1d:5d:ca:db:c1:
         e9:da:59:ca:a5:32:3b:d0:95:64:78:77:3b:82:e9:78:f1:f6:
         bc:9c:31:c2:d5:9b:f7:01:87:4f:61:a7:38:98:a5:9d:f6:6a:
         c3:76:92:ec:12:dc:68:89:58:2a:fd:b6:ec:9e:42:fa:4d:8c:
         74:11:80:d9:b3:d0:36:f2:27:29:e4:09:17:1c:8b:7e:06:14:
         b9:60:45:ab:63:a2:dd:c1:ff:52:52:ae:9e:5e:16:79:ab:98:
         70:cb:af:78
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEHkRwSxm0rwyjRopoAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTIzMDUxNTE3MDQ1MloXDTIzMDgxMTA5MDUwNVowLzEtMCsGA1UEAxMk
Zjk2MzIwY2MtZGE4NS00ZDhlLTkwNDgtMDk4YTI4YTZhOWRlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyLwqSADYHVJycsc6lO3KGPhiNJ2Y3rJyqQV
l2/Iv0ZgRP+i6jbQy+DLuBH32fltDqmAropfmtFjk/tXrUieLgzC7TDGiBDVgEb2
XXM2seolrJyA/kx/HBx/Qn4XzrrTYQ5+/deK/GB1uZ9aa/pCkdV5N5fJrSqZ2Kpo
F9YW/oPUCqDkGh9cYwmYf3sDd9m2UZ/W8SwuBaXUhFjbcRMn5ll4osvezgXb26uc
gMNs7pCSduKHnr/MoWbF7Z2LUyri4CNHEilbUVR7/sPv2oSfVJiy+VPGZW8Mm84y
bslx3Wy2LKWCBdf3S+D1VxddO7ll+IJj/glzhMDizLLtiEZ5gwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFFRnd1kEjUCl8bca4wslMn5FEokaMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvNjhjYWY3MGMtZGYzNi0z
MzI2LWEzYTMtOGEyMDFkMGNlNzUyLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApgFiMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAGTSdQvVQ86LFb4zEPyv27dL9erTMPraK82EA9GwowA/cpFG6k8WQPYU
L+8nOjMTRSl8MpRFzm55X/o1y7GwVHQC1/lRVAc6EHkLzEYYB5Tl2Xb8jEYP0/cP
AlOZzBnihxBeqYEkRzJtGgAPF2mIfz4cSi5rHy8sM532VlcM899szCbQAALkIRoK
X7kRSAZVJvWiFxIUWQfQ+Aol6f0dXcrbwenaWcqlMjvQlWR4dzuC6Xjx9rycMcLV
m/cBh09hpziYpZ32asN2kuwS3GiJWCr9tuyeQvpNjHQRgNmz0DbyJynkCRcci34G
FLlgRatjot3B/1JSrp5eFnmrmHDLr3g=
-----END CERTIFICATE-----
Generated at Mon Jun 16 12:02:24 2025 by rpki-client