Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/b39442a3-2a98-3779-a802-6aaa20d3df81.roa
File:                     b39442a3-2a98-3779-a802-6aaa20d3df81.roa (raw, json)
Hash identifier:          OCEqWH6LL7qoT5cUAC8JiXXV8V5UHs2ysa+PAaJJ1SM=
Subject key identifier:   82:2E:44:80:C4:BB:BE:AF:25:A4:4E:58:2D:EF:3D:AA:34:4C:15:15
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F432858453B78002C17FAF31453416B80
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/b39442a3-2a98-3779-a802-6aaa20d3df81.roa
Signing time:             Sun 17 Mar 2024 01:00:26 +0000
ROA not before:           Sun 17 Mar 2024 01:00:26 +0000
ROA not after:            Sat 15 Jun 2024 01:00:26 +0000
asID:                     11798
IP address blocks:        166.1.88.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:3b:78:00:2c:17:fa:f3:14:53:41:6b:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: Mar 17 01:00:26 2024 GMT
            Not After : Jun 15 01:00:26 2024 GMT
        Subject: CN=be331d90-d61d-44d8-a3d9-7fd9e07a3629
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:38:ce:11:dc:ef:07:d6:e8:f7:8b:87:cd:81:
                    29:02:a8:91:7b:d0:8a:d8:4d:b8:58:c8:97:d2:db:
                    6e:41:a7:fb:fd:99:ae:00:fd:a3:6a:0e:91:27:9c:
                    47:87:f8:ac:69:2b:00:20:29:47:c7:1f:67:64:f8:
                    4b:5f:14:c5:d6:5d:c2:f0:cc:07:08:e3:65:b9:df:
                    04:53:0d:46:f2:c0:36:e7:9a:76:5e:42:7e:16:b7:
                    b3:1f:9e:b7:1a:f0:7e:22:29:de:54:80:ec:27:03:
                    c7:d6:51:70:d8:3d:20:a7:ef:53:95:39:6f:7e:e6:
                    ac:5f:eb:99:61:82:eb:26:0d:c8:d6:8c:a2:dd:b5:
                    35:76:eb:7c:4f:8d:5e:2a:8b:ad:34:d7:28:a9:54:
                    36:fe:44:ea:51:e4:ea:d3:e1:98:7d:44:e1:0e:12:
                    15:00:99:5a:3e:a8:68:7a:b9:1b:75:ca:a2:58:9b:
                    07:11:58:5b:71:2e:58:a5:b2:1d:a0:33:54:67:f0:
                    bb:f9:12:bc:00:fa:d5:e2:1f:9f:86:e0:05:aa:f1:
                    ac:35:72:6c:a7:a7:33:eb:11:93:94:43:58:df:76:
                    0a:b5:c9:9d:1d:b7:ae:00:44:93:ad:37:24:e5:a1:
                    6f:53:0c:13:ff:80:3f:89:cf:5c:27:6c:e8:22:20:
                    5b:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:2E:44:80:C4:BB:BE:AF:25:A4:4E:58:2D:EF:3D:AA:34:4C:15:15
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/b39442a3-2a98-3779-a802-6aaa20d3df81.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.1.88.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         5b:4a:29:e6:17:76:80:b8:4a:3b:c7:b2:c0:ba:41:16:49:d0:
         bb:20:2f:72:9c:d6:49:a2:7a:09:5a:53:5a:8f:eb:96:fd:2a:
         cc:12:ff:a6:ac:62:8a:6e:41:13:87:f1:e5:67:41:fd:43:2f:
         50:f5:01:04:f6:e9:26:0a:7d:c4:57:e0:40:01:23:04:ca:39:
         17:15:b8:a5:db:1a:d3:14:f9:f5:25:bf:d6:ef:d6:b3:8c:43:
         1e:ea:00:30:17:34:5f:58:5d:85:4c:2b:ad:b0:a9:9f:5c:5d:
         87:4e:a7:97:f5:5e:73:6a:b3:66:42:06:f6:fd:09:1d:c0:85:
         71:07:d4:bd:e7:5e:8d:85:39:49:5a:7f:3f:39:35:28:aa:80:
         b8:63:6d:56:88:1f:df:16:bc:87:fd:92:ba:4e:81:fc:b5:81:
         3e:35:aa:95:17:10:a4:59:e5:2f:3f:ff:43:f2:ad:3e:9b:d9:
         2b:ab:73:8b:4a:f3:9e:22:a9:15:fc:c6:f8:a5:f5:7e:8c:f9:
         f1:bf:54:bb:22:94:5c:71:10:60:b7:18:3b:5e:66:bc:9b:fa:
         78:8a:45:44:dc:e1:1b:c5:c3:6c:95:77:f5:fe:fb:85:c6:cf:
         ce:da:cc:b0:51:00:bc:9e:91:37:94:7e:bf:4c:ba:de:4c:26:
         5e:2c:c4:96
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEU7eAAsF/rzFFNBa4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTI0MDMxNzAxMDAyNloXDTI0MDYxNTAxMDAyNlowLzEtMCsGA1UEAxMk
YmUzMzFkOTAtZDYxZC00NGQ4LWEzZDktN2ZkOWUwN2EzNjI5MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDjOEdzvB9bo94uHzYEpAqiRe9CK2E24WMiX
0ttuQaf7/ZmuAP2jag6RJ5xHh/isaSsAIClHxx9nZPhLXxTF1l3C8MwHCONlud8E
Uw1G8sA255p2XkJ+FrezH563GvB+IineVIDsJwPH1lFw2D0gp+9TlTlvfuasX+uZ
YYLrJg3I1oyi3bU1dut8T41eKoutNNcoqVQ2/kTqUeTq0+GYfUThDhIVAJlaPqho
erkbdcqiWJsHEVhbcS5YpbIdoDNUZ/C7+RK8APrV4h+fhuAFqvGsNXJsp6cz6xGT
lENY33YKtcmdHbeuAESTrTck5aFvUwwT/4A/ic9cJ2zoIiBbnwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFIIuRIDEu76vJaROWC3vPao0TBUVMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvYjM5NDQyYTMtMmE5OC0z
Nzc5LWE4MDItNmFhYTIwZDNkZjgxLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApgFYMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAFtKKeYXdoC4SjvHssC6QRZJ0LsgL3Kc1kmieglaU1qP65b9KswS/6as
YopuQROH8eVnQf1DL1D1AQT26SYKfcRX4EABIwTKORcVuKXbGtMU+fUlv9bv1rOM
Qx7qADAXNF9YXYVMK62wqZ9cXYdOp5f1XnNqs2ZCBvb9CR3AhXEH1L3nXo2FOUla
fz85NSiqgLhjbVaIH98WvIf9krpOgfy1gT41qpUXEKRZ5S8//0PyrT6b2Surc4tK
854iqRX8xvil9X6M+fG/VLsilFxxEGC3GDteZryb+niKRUTc4RvFw2yVd/X++4XG
z87azLBRALyekTeUfr9Mut5MJl4sxJY=
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:51:35 2025 by rpki-client