Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/d738eccf-3ba6-3046-8ad7-1fa37002e52b.roa
File:                     d738eccf-3ba6-3046-8ad7-1fa37002e52b.roa (raw, json)
Hash identifier:          BrXqwbMr726N7ZSLOWnptD66xtQ6rYxCsYCFjMUST0w=
Subject key identifier:   66:96:23:AA:83:F2:DD:7B:B4:98:CF:40:01:BB:EA:44:5C:80:83:5E
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F43285846970A5E67B64255DE6EBAA200
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/d738eccf-3ba6-3046-8ad7-1fa37002e52b.roa
Signing time:             Fri 19 Jul 2024 13:00:35 +0000
ROA not before:           Fri 19 Jul 2024 13:00:35 +0000
ROA not after:            Thu 17 Oct 2024 13:00:35 +0000
asID:                     9009
IP address blocks:        166.0.82.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:46:97:0a:5e:67:b6:42:55:de:6e:ba:a2:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: Jul 19 13:00:35 2024 GMT
            Not After : Oct 17 13:00:35 2024 GMT
        Subject: CN=5c8b029c-6825-4b1b-9625-73bd4b67f8bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ea:51:f9:16:75:30:6c:54:ca:94:64:ff:19:
                    4c:fc:32:64:86:9f:51:57:40:11:48:1f:2e:8b:6a:
                    1c:f0:69:a0:a5:ad:94:31:d4:ed:cf:43:2f:aa:34:
                    19:48:a1:5b:01:5f:d1:06:e9:b8:41:22:33:2e:6b:
                    e5:7d:cb:c2:bc:b1:f9:36:6d:dd:e7:68:72:eb:6e:
                    0a:9b:25:c6:5b:eb:a1:a3:a7:ea:96:93:0a:2c:46:
                    57:5f:a2:96:1e:a2:e6:fe:1d:96:1c:41:af:19:65:
                    12:6c:52:7d:01:97:f5:88:b6:24:b5:11:8d:7f:32:
                    9e:ac:65:2c:6e:58:b2:57:a8:90:e0:9c:e6:f3:05:
                    cf:a4:e1:64:79:e6:ff:40:e6:71:17:82:26:59:40:
                    40:af:67:6a:66:cd:6f:e9:be:d2:c8:6e:3a:cd:bf:
                    34:75:28:bc:7e:e0:58:e6:97:14:ae:43:c9:8f:83:
                    2a:79:70:a5:3c:1e:20:ae:d2:ff:17:ec:f8:0c:cf:
                    51:40:a0:8a:a9:b7:4a:7a:ab:b6:2a:cf:2d:3a:d1:
                    0b:88:ca:5c:d6:32:63:06:f5:6f:38:50:b7:49:bb:
                    35:35:c3:d9:b3:6e:6c:ca:7c:9f:8d:c6:b6:1b:40:
                    06:93:cc:5a:42:78:9e:a4:f1:ba:a1:5b:a2:51:5b:
                    52:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:96:23:AA:83:F2:DD:7B:B4:98:CF:40:01:BB:EA:44:5C:80:83:5E
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/d738eccf-3ba6-3046-8ad7-1fa37002e52b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.0.82.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         97:a3:02:54:6d:7e:b5:77:cc:4c:89:a2:6a:90:c2:40:69:d2:
         c5:0f:0e:4a:ef:a2:a3:47:d2:e1:0a:0c:8e:07:97:41:69:72:
         e8:86:88:c3:d2:0a:f3:a5:9a:d1:a6:68:a3:24:47:b6:7a:36:
         a4:44:f3:fc:0b:e0:c4:cb:4b:08:db:53:13:7f:f7:47:5b:0a:
         5a:ac:1a:1e:ac:61:b7:b5:0e:e2:8a:04:22:79:e1:0e:50:bb:
         36:5b:ed:3e:00:4c:3d:f3:bb:24:5f:9d:7e:23:b9:55:00:8e:
         4b:73:f3:0e:97:0b:1a:b0:07:46:a6:5a:b3:da:f2:2d:57:b8:
         a5:d9:a5:b6:f7:c7:ba:18:99:23:81:43:19:e8:66:45:17:68:
         91:91:dd:1e:d3:b1:fb:dd:5c:e6:3b:75:6c:e9:8e:30:b1:3e:
         94:ff:a6:fb:9c:dd:52:f1:bb:9d:fe:55:56:19:71:d0:91:3f:
         d6:23:f7:5b:18:35:1b:4d:eb:41:4d:01:df:31:14:aa:a7:99:
         d5:af:01:69:9e:be:76:c9:2a:97:7f:36:98:0d:8e:e5:ef:95:
         50:d2:4a:82:15:94:2b:f6:3b:d1:28:aa:b6:39:88:7b:20:58:
         e0:1e:21:5c:4c:cb:b8:a6:11:45:66:5e:e2:dc:74:90:2e:a2:
         4c:19:d7:57
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEaXCl5ntkJV3m66ogAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTI0MDcxOTEzMDAzNVoXDTI0MTAxNzEzMDAzNVowLzEtMCsGA1UEAxMk
NWM4YjAyOWMtNjgyNS00YjFiLTk2MjUtNzNiZDRiNjdmOGJjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+pR+RZ1MGxUypRk/xlM/DJkhp9RV0ARSB8u
i2oc8Gmgpa2UMdTtz0MvqjQZSKFbAV/RBum4QSIzLmvlfcvCvLH5Nm3d52hy624K
myXGW+uho6fqlpMKLEZXX6KWHqLm/h2WHEGvGWUSbFJ9AZf1iLYktRGNfzKerGUs
bliyV6iQ4Jzm8wXPpOFkeeb/QOZxF4ImWUBAr2dqZs1v6b7SyG46zb80dSi8fuBY
5pcUrkPJj4MqeXClPB4grtL/F+z4DM9RQKCKqbdKequ2Ks8tOtELiMpc1jJjBvVv
OFC3Sbs1NcPZs25synyfjca2G0AGk8xaQniepPG6oVuiUVtSJQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFGaWI6qD8t17tJjPQAG76kRcgINeMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvZDczOGVjY2YtM2JhNi0z
MDQ2LThhZDctMWZhMzcwMDJlNTJiLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApgBSMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAJejAlRtfrV3zEyJomqQwkBp0sUPDkrvoqNH0uEKDI4Hl0FpcuiGiMPS
CvOlmtGmaKMkR7Z6NqRE8/wL4MTLSwjbUxN/90dbClqsGh6sYbe1DuKKBCJ54Q5Q
uzZb7T4ATD3zuyRfnX4juVUAjktz8w6XCxqwB0amWrPa8i1XuKXZpbb3x7oYmSOB
QxnoZkUXaJGR3R7TsfvdXOY7dWzpjjCxPpT/pvuc3VLxu53+VVYZcdCRP9Yj91sY
NRtN60FNAd8xFKqnmdWvAWmevnbJKpd/NpgNjuXvlVDSSoIVlCv2O9EoqrY5iHsg
WOAeIVxMy7imEUVmXuLcdJAuokwZ11c=
-----END CERTIFICATE-----
Generated at Tue Jun 17 02:51:18 2025 by rpki-client