Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/8a09f309-5dff-318e-875a-2205e0841f09.roa
File:                     8a09f309-5dff-318e-875a-2205e0841f09.roa (raw, json)
Hash identifier:          PwdwN2XA93KljQAkjPKXTP35eqokW5Vn+3hZT2RdLDs=
Subject key identifier:   27:FB:3E:2C:43:D5:25:A4:6E:1D:C8:DF:11:B2:9B:E0:90:18:0D:8B
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F432858462CF439FB87B63AAAC2917380
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/8a09f309-5dff-318e-875a-2205e0841f09.roa
Signing time:             Tue 11 Jun 2024 13:00:33 +0000
ROA not before:           Tue 11 Jun 2024 13:00:33 +0000
ROA not after:            Mon 09 Sep 2024 13:00:33 +0000
asID:                     205220
IP address blocks:        50.114.205.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:46:2c:f4:39:fb:87:b6:3a:aa:c2:91:73:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: Jun 11 13:00:33 2024 GMT
            Not After : Sep  9 13:00:33 2024 GMT
        Subject: CN=a21de48d-449e-4d4f-89ec-22c5ac8df5d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:82:74:c8:9e:45:6f:f0:47:62:5e:5a:4c:d4:
                    56:ce:f3:12:a6:a2:4c:97:ad:52:f9:db:03:de:54:
                    16:f1:0f:96:8d:ba:0f:95:1e:44:84:f8:cd:1e:94:
                    07:26:30:ed:28:3a:59:63:27:aa:52:97:a6:0f:70:
                    8d:3c:59:9a:f4:5d:5b:10:cd:30:a1:25:a0:f2:05:
                    95:13:6e:17:0f:dc:89:aa:16:f6:d9:7c:92:57:0d:
                    58:a7:ea:4d:2a:db:53:37:10:89:bc:8c:fe:53:3e:
                    97:8c:3f:f5:68:a1:ce:79:50:e4:f3:31:44:22:44:
                    e9:50:32:ef:2b:07:7e:f8:06:43:0d:a4:7c:21:bc:
                    43:5b:19:27:a8:b3:11:ab:75:76:fe:25:44:19:dd:
                    e6:41:ca:a0:16:9e:ee:43:70:ff:ac:0f:29:b2:30:
                    12:e0:7c:d1:d8:c6:ed:65:c1:0d:21:7a:7f:bf:b6:
                    63:85:21:fe:61:57:0a:38:e5:0b:e5:76:43:15:5e:
                    b8:37:65:f8:84:92:ae:43:08:09:4a:9a:94:89:4f:
                    54:3a:0e:f6:09:d2:7f:d4:25:86:ff:39:6d:c6:1c:
                    b6:c2:6a:bd:81:6b:fa:f7:f9:7c:91:7e:4c:7b:db:
                    d9:36:04:9a:98:f1:bd:32:06:36:ec:84:57:33:60:
                    22:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:FB:3E:2C:43:D5:25:A4:6E:1D:C8:DF:11:B2:9B:E0:90:18:0D:8B
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/8a09f309-5dff-318e-875a-2205e0841f09.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.114.205.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         76:65:d7:f1:f9:e8:40:a8:f8:63:6e:31:a0:b9:f3:37:7c:1d:
         30:3a:20:56:2c:49:e4:73:c9:20:6f:06:04:6d:46:53:39:4b:
         5a:07:ba:69:a7:44:f4:0b:4e:41:d0:80:8e:95:fd:ee:14:0e:
         be:bb:e8:72:ce:6c:35:4b:d2:f8:6a:fe:dd:c2:63:5f:fc:60:
         4d:bf:72:56:2a:ae:11:4b:e9:fe:b8:23:dd:da:ac:07:a1:01:
         da:31:22:68:b0:74:29:d3:72:c4:6c:d7:54:10:9b:2e:40:c3:
         7f:5d:de:06:f9:a6:a4:f7:a0:cf:12:ec:da:5a:fc:07:14:35:
         54:a8:9c:73:45:12:12:63:c9:9f:50:a9:3e:0c:fc:21:a8:b5:
         84:04:db:9e:a4:06:c7:8d:a4:65:b4:75:f8:e0:d9:c4:6d:3f:
         38:bf:4d:f4:b4:1c:b6:b6:24:ab:53:51:07:a8:9a:42:8d:07:
         ad:a6:ba:82:cc:6b:4a:0c:23:9e:6f:fd:db:47:ca:55:c5:ab:
         a7:8a:8c:c8:ce:6b:46:76:5a:f9:31:4d:58:ca:a3:78:f6:79:
         0f:14:ea:56:66:43:36:36:7a:0f:ed:3f:d1:d4:7d:8b:87:6c:
         69:fe:83:c5:ac:cf:3b:7e:d5:58:4b:4b:23:0a:05:c5:12:b6:
         fa:b7:e3:01
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEYs9Dn7h7Y6qsKRc4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTI0MDYxMTEzMDAzM1oXDTI0MDkwOTEzMDAzM1owLzEtMCsGA1UEAxMk
YTIxZGU0OGQtNDQ5ZS00ZDRmLTg5ZWMtMjJjNWFjOGRmNWQwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYJ0yJ5Fb/BHYl5aTNRWzvMSpqJMl61S+dsD
3lQW8Q+WjboPlR5EhPjNHpQHJjDtKDpZYyeqUpemD3CNPFma9F1bEM0woSWg8gWV
E24XD9yJqhb22XySVw1Yp+pNKttTNxCJvIz+Uz6XjD/1aKHOeVDk8zFEIkTpUDLv
Kwd++AZDDaR8IbxDWxknqLMRq3V2/iVEGd3mQcqgFp7uQ3D/rA8psjAS4HzR2Mbt
ZcENIXp/v7ZjhSH+YVcKOOUL5XZDFV64N2X4hJKuQwgJSpqUiU9UOg72CdJ/1CWG
/zltxhy2wmq9gWv69/l8kX5Me9vZNgSamPG9MgY27IRXM2AiVQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFCf7PixD1SWkbh3I3xGym+CQGA2LMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvOGEwOWYzMDktNWRmZi0z
MThlLTg3NWEtMjIwNWUwODQxZjA5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAMnLNMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAHZl1/H56ECo+GNuMaC58zd8HTA6IFYsSeRzySBvBgRtRlM5S1oHummn
RPQLTkHQgI6V/e4UDr676HLObDVL0vhq/t3CY1/8YE2/clYqrhFL6f64I93arAeh
AdoxImiwdCnTcsRs11QQmy5Aw39d3gb5pqT3oM8S7Npa/AcUNVSonHNFEhJjyZ9Q
qT4M/CGotYQE256kBseNpGW0dfjg2cRtPzi/TfS0HLa2JKtTUQeomkKNB62muoLM
a0oMI55v/dtHylXFq6eKjMjOa0Z2WvkxTVjKo3j2eQ8U6lZmQzY2eg/tP9HUfYuH
bGn+g8Wszzt+1VhLSyMKBcUStvq34wE=
-----END CERTIFICATE-----
Generated at Tue Jun 17 19:41:18 2025 by rpki-client