Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/b6f28d10-5739-4e40-a446-935c60d79169/ae5bc67f-aa0d-3159-be36-7116d38a215a.roa
File:                     ae5bc67f-aa0d-3159-be36-7116d38a215a.roa (raw, json)
Hash identifier:          +xjPHefo/8M0FanIbKzKTGiVmRvgWC9KUPW/pZkUGng=
Subject key identifier:   08:49:E4:5D:DB:2E:63:1A:6D:ED:36:C8:A9:56:62:72:C1:10:CE:80
Certificate issuer:       /CN=b6f28d10-5739-4e40-a446-935c60d79169
Certificate serial:       010D0C9F43285848C2FE1791D5411092857A1E40
Authority key identifier: E8:EA:CF:14:D1:FD:74:AB:31:C2:B1:A6:F0:7E:AF:A6:44:84:08:14
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/b6f28d10-5739-4e40-a446-935c60d79169.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/b6f28d10-5739-4e40-a446-935c60d79169/ae5bc67f-aa0d-3159-be36-7116d38a215a.roa
Signing time:             Mon 03 Feb 2025 16:25:40 +0000
ROA not before:           Mon 03 Feb 2025 16:25:40 +0000
ROA not after:            Sun 04 May 2025 15:25:40 +0000
asID:                     16532
IP address blocks:        66.158.128.0/20 maxlen: 20
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:c2:fe:17:91:d5:41:10:92:85:7a:1e:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6f28d10-5739-4e40-a446-935c60d79169
        Validity
            Not Before: Feb  3 16:25:40 2025 GMT
            Not After : May  4 15:25:40 2025 GMT
        Subject: CN=9f6233b9-6a10-4726-b023-415ffca9deef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ea:2a:25:c6:50:ff:93:66:86:e1:82:e9:d7:
                    eb:d7:64:b3:e9:7a:a9:76:d1:94:c2:09:15:ac:bb:
                    3e:6b:6d:0c:22:d2:f5:30:b9:3f:ee:92:b1:d3:4d:
                    71:88:00:51:07:b8:ca:26:8b:65:fd:3c:aa:48:48:
                    2f:8a:73:4c:2c:a4:5c:09:3a:7e:ee:e0:10:2c:59:
                    e1:43:af:16:1f:31:b9:7d:31:3d:6f:7c:14:66:47:
                    05:cd:e0:be:99:e5:63:d8:47:bc:9b:7f:e3:5c:25:
                    51:ed:39:8a:51:1a:ba:ea:57:47:32:c5:07:dd:e5:
                    55:78:f3:0c:6a:d5:1f:8a:f0:4e:c0:dd:1f:dc:da:
                    87:d5:f2:99:61:47:9e:07:a5:b5:99:e3:e3:81:fe:
                    3e:60:10:a5:04:35:32:5a:73:5d:87:19:63:b8:71:
                    77:e6:8d:47:97:22:b4:79:ab:d2:61:4d:68:96:fe:
                    68:51:d6:89:73:a8:6e:2e:1a:90:54:da:87:0d:ed:
                    bd:10:22:39:5c:96:90:b7:aa:92:a3:d5:54:b8:65:
                    11:3a:0c:db:3f:4c:6f:8c:2a:89:13:77:f8:1a:ac:
                    66:ba:91:36:bb:af:d6:65:1f:50:a7:f5:14:d0:05:
                    8f:e0:c1:d2:08:86:2b:7d:f0:2e:93:b2:db:f3:34:
                    b8:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:49:E4:5D:DB:2E:63:1A:6D:ED:36:C8:A9:56:62:72:C1:10:CE:80
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/b6f28d10-5739-4e40-a446-935c60d79169/ae5bc67f-aa0d-3159-be36-7116d38a215a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/b6f28d10-5739-4e40-a446-935c60d79169/b6f28d10-5739-4e40-a446-935c60d79169.crl

            X509v3 Authority Key Identifier:
                keyid:E8:EA:CF:14:D1:FD:74:AB:31:C2:B1:A6:F0:7E:AF:A6:44:84:08:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/b6f28d10-5739-4e40-a446-935c60d79169.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.158.128.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         10:53:51:9c:76:c3:6e:e4:f5:89:69:68:0f:12:ad:da:62:b5:
         57:4b:5c:a5:80:ad:a0:17:b6:f8:62:03:a5:97:c3:0e:38:aa:
         58:7d:d4:a3:b0:df:9a:4c:31:f0:cc:5f:d9:25:2d:43:94:cc:
         44:61:af:cf:5b:31:a4:84:7c:81:23:3b:36:04:17:3e:7c:ae:
         85:ba:37:7d:c9:c1:4e:59:ce:cf:e8:2b:0d:32:87:a4:22:2e:
         39:d3:22:83:c0:74:25:1a:5c:75:53:41:9b:48:5b:08:cb:fd:
         31:2e:b7:70:15:da:01:a1:8b:dd:89:38:e1:68:21:5c:89:ef:
         0f:c6:9f:92:73:a5:c3:f1:20:31:00:49:e4:00:d7:36:e5:64:
         b8:68:ab:54:94:4b:8a:a5:7d:87:2b:aa:d9:51:80:04:54:9a:
         06:a1:c7:f4:eb:e9:5c:61:22:98:c7:9c:b2:8f:b4:1f:8e:05:
         d0:0b:d8:3e:a6:bf:5d:2a:41:20:5c:8c:94:1b:d6:e3:3a:d4:
         af:3f:b4:2f:ed:49:50:89:4d:4c:f8:64:ea:72:b0:8b:dc:3f:
         99:2a:a4:ba:c3:5b:01:3a:0a:70:83:eb:86:f9:a5:ee:57:dd:
         90:4d:3f:62:c9:dd:e0:7c:59:73:f5:9a:57:32:ab:6d:f6:a2:
         3c:9d:b3:0d
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEjC/heR1UEQkoV6HkAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYjZmMjhkMTAtNTczOS00ZTQwLWE0NDYtOTM1YzYwZDc5
MTY5MB4XDTI1MDIwMzE2MjU0MFoXDTI1MDUwNDE1MjU0MFowLzEtMCsGA1UEAxMk
OWY2MjMzYjktNmExMC00NzI2LWIwMjMtNDE1ZmZjYTlkZWVmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeoqJcZQ/5NmhuGC6dfr12Sz6XqpdtGUwgkV
rLs+a20MItL1MLk/7pKx001xiABRB7jKJotl/TyqSEgvinNMLKRcCTp+7uAQLFnh
Q68WHzG5fTE9b3wUZkcFzeC+meVj2Ee8m3/jXCVR7TmKURq66ldHMsUH3eVVePMM
atUfivBOwN0f3NqH1fKZYUeeB6W1mePjgf4+YBClBDUyWnNdhxljuHF35o1HlyK0
eavSYU1olv5oUdaJc6huLhqQVNqHDe29ECI5XJaQt6qSo9VUuGUROgzbP0xvjCqJ
E3f4GqxmupE2u6/WZR9Qp/UU0AWP4MHSCIYrffAuk7Lb8zS4OwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFAhJ5F3bLmMabe02yKlWYnLBEM6AMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzg3MWRhNDBmLTc5M2EtNGE0NS1hMGE5LTk3ODE0ODMyMWEwNy9iNmYy
OGQxMC01NzM5LTRlNDAtYTQ0Ni05MzVjNjBkNzkxNjkvYWU1YmM2N2YtYWEwZC0z
MTU5LWJlMzYtNzExNmQzOGEyMTVhLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy84NzFkYTQwZi03
OTNhLTRhNDUtYTBhOS05NzgxNDgzMjFhMDcvYjZmMjhkMTAtNTczOS00ZTQwLWE0
NDYtOTM1YzYwZDc5MTY5L2I2ZjI4ZDEwLTU3MzktNGU0MC1hNDQ2LTkzNWM2MGQ3
OTE2OS5jcmwwHwYDVR0jBBgwFoAU6OrPFNH9dKsxwrGm8H6vpkSECBQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzg3MWRhNDBmLTc5M2EtNGE0
NS1hMGE5LTk3ODE0ODMyMWEwNy9iNmYyOGQxMC01NzM5LTRlNDAtYTQ0Ni05MzVj
NjBkNzkxNjkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEQp6AMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBABBTUZx2w27k9YlpaA8SrdpitVdLXKWAraAXtvhiA6WXww44qlh91KOw
35pMMfDMX9klLUOUzERhr89bMaSEfIEjOzYEFz58roW6N33JwU5Zzs/oKw0yh6Qi
LjnTIoPAdCUaXHVTQZtIWwjL/TEut3AV2gGhi92JOOFoIVyJ7w/Gn5JzpcPxIDEA
SeQA1zblZLhoq1SUS4qlfYcrqtlRgARUmgahx/Tr6VxhIpjHnLKPtB+OBdAL2D6m
v10qQSBcjJQb1uM61K8/tC/tSVCJTUz4ZOpysIvcP5kqpLrDWwE6CnCD64b5pe5X
3ZBNP2LJ3eB8WXP1mlcyq232ojydsw0=
-----END CERTIFICATE-----
Generated at Sun Jun 15 12:04:53 2025 by rpki-client