Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/24b3a1e2-680a-332b-9b5e-814a890909e3.roa
File:                     24b3a1e2-680a-332b-9b5e-814a890909e3.roa (raw, json)
Hash identifier:          7qNw3U3mPz5CZIRg1Jzz9TBC1MVh+B6NsAiCW9qmcBk=
Subject key identifier:   DD:C7:64:21:D9:7F:48:58:FC:4F:A4:C2:59:B5:96:58:5E:31:CC:1E
Certificate issuer:       /CN=b2f0a061-78dd-4d61-988a-266b192d9caa
Certificate serial:       010D0C9F43285846207324B9CD1846B6CEA8BD90
Authority key identifier: 65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/24b3a1e2-680a-332b-9b5e-814a890909e3.roa
Signing time:             Fri 07 Jun 2024 01:30:53 +0000
ROA not before:           Fri 07 Jun 2024 01:30:53 +0000
ROA not after:            Thu 05 Sep 2024 01:30:53 +0000
asID:                     200020
IP address blocks:        2001:470:1eb::/48 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:46:20:73:24:b9:cd:18:46:b6:ce:a8:bd:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2f0a061-78dd-4d61-988a-266b192d9caa
        Validity
            Not Before: Jun  7 01:30:53 2024 GMT
            Not After : Sep  5 01:30:53 2024 GMT
        Subject: CN=e090641b-7ea4-40a3-94a9-d1e46528ea0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:ac:b8:8f:f0:46:8a:7d:e2:7d:e2:ed:42:76:
                    01:e7:8c:5b:b7:d1:26:5c:d0:7a:bb:2f:34:1c:9d:
                    c0:7d:92:c7:59:73:01:56:59:c4:d5:2e:d6:75:1b:
                    09:8d:64:36:e6:af:0b:5d:39:59:84:30:0e:a8:0a:
                    36:98:c0:70:87:44:82:f6:42:6f:2a:81:78:2d:1f:
                    96:a6:c6:e1:ab:2c:c3:57:23:f3:ba:3e:e7:eb:0c:
                    3c:db:1d:c6:ec:24:0b:9a:80:2c:42:7d:80:9f:82:
                    b8:25:ec:83:10:96:0b:7f:f6:4b:d2:ad:81:61:a5:
                    46:ca:97:d9:1f:ca:61:83:6b:75:c1:d1:f3:56:0b:
                    12:22:66:db:57:cc:b0:7a:a4:e8:c6:ba:00:9d:21:
                    db:bb:53:95:9a:d8:cc:bd:ac:90:28:31:61:ee:11:
                    e9:8c:3a:5a:f7:d9:37:a6:3a:79:33:ca:b5:e3:2e:
                    24:ed:65:cd:af:93:75:f8:2e:bf:99:41:7e:a6:3b:
                    18:41:34:b6:9c:65:58:c5:c7:c0:cd:0b:a3:bd:7a:
                    b8:90:f0:c2:d9:b3:90:00:49:49:b3:7e:9e:ac:2f:
                    fb:df:12:8b:de:a7:09:0a:56:e8:82:a0:8a:21:28:
                    f5:72:a9:10:b2:f7:b5:b4:fe:44:a5:45:03:a7:5e:
                    3d:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:C7:64:21:D9:7F:48:58:FC:4F:A4:C2:59:B5:96:58:5E:31:CC:1E
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/24b3a1e2-680a-332b-9b5e-814a890909e3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa/b2f0a061-78dd-4d61-988a-266b192d9caa.crl

            X509v3 Authority Key Identifier:
                keyid:65:A7:42:86:AE:AF:E2:C9:E3:E9:B9:06:2B:C6:46:05:9C:98:6F:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b2f0a061-78dd-4d61-988a-266b192d9caa.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:470:1eb::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         44:f0:aa:74:b2:54:fb:12:f4:ab:cf:56:02:48:60:5e:f0:ed:
         7f:b1:bb:fc:5c:73:78:c5:fe:0b:1d:3e:c6:75:c3:6c:03:13:
         46:84:bf:45:a4:f1:a5:36:1f:66:d6:91:14:a4:fa:11:49:f0:
         e0:57:77:cd:ae:f4:8b:9a:28:b4:ae:7a:62:75:4b:44:4b:4c:
         97:6c:12:bb:f2:79:a8:0c:8f:0e:9f:d8:2d:aa:41:c2:c3:5f:
         bc:41:ed:9d:fc:2d:da:cf:cf:81:ef:42:b3:46:cf:d7:6a:a6:
         c4:14:eb:d5:75:42:25:e2:4f:09:4f:77:68:a6:84:78:e0:db:
         5e:97:e3:32:c8:41:9b:b5:a9:82:17:6b:17:e5:39:ca:b0:f3:
         4e:aa:2c:29:ac:90:7e:8c:e1:06:7d:92:7b:33:98:61:54:b0:
         29:2b:28:d3:7c:2d:eb:43:cd:08:05:08:a3:e6:99:af:54:4f:
         9d:da:57:ef:0a:81:d5:dc:f4:3a:e1:e1:a9:bd:1d:77:30:d4:
         28:58:53:78:e2:2d:c8:0a:a2:cf:ac:4d:0c:10:04:82:0d:39:
         06:47:37:35:6d:4c:21:db:53:d3:ae:f4:b7:3f:c7:83:82:41:
         f8:5c:32:45:b8:39:e0:dd:45:a9:33:29:4c:46:3a:4c:43:e2:
         e7:98:49:e0
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWEYgcyS5zRhGts6ovZAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYjJmMGEwNjEtNzhkZC00ZDYxLTk4OGEtMjY2YjE5MmQ5
Y2FhMB4XDTI0MDYwNzAxMzA1M1oXDTI0MDkwNTAxMzA1M1owLzEtMCsGA1UEAxMk
ZTA5MDY0MWItN2VhNC00MGEzLTk0YTktZDFlNDY1MjhlYTBjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKy4j/BGin3ifeLtQnYB54xbt9EmXNB6uy80
HJ3AfZLHWXMBVlnE1S7WdRsJjWQ25q8LXTlZhDAOqAo2mMBwh0SC9kJvKoF4LR+W
psbhqyzDVyPzuj7n6ww82x3G7CQLmoAsQn2An4K4JeyDEJYLf/ZL0q2BYaVGypfZ
H8phg2t1wdHzVgsSImbbV8yweqToxroAnSHbu1OVmtjMvayQKDFh7hHpjDpa99k3
pjp5M8q14y4k7WXNr5N1+C6/mUF+pjsYQTS2nGVYxcfAzQujvXq4kPDC2bOQAElJ
s36erC/73xKL3qcJClbogqCKISj1cqkQsve1tP5EpUUDp149iwIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFN3HZCHZf0hY/E+kwlm1llheMcweMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYw
YTA2MS03OGRkLTRkNjEtOTg4YS0yNjZiMTkyZDljYWEvMjRiM2ExZTItNjgwYS0z
MzJiLTliNWUtODE0YTg5MDkwOWUzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvYjJmMGEwNjEtNzhkZC00ZDYxLTk4
OGEtMjY2YjE5MmQ5Y2FhL2IyZjBhMDYxLTc4ZGQtNGQ2MS05ODhhLTI2NmIxOTJk
OWNhYS5jcmwwHwYDVR0jBBgwFoAUZadChq6v4snj6bkGK8ZGBZyYb88wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS9iMmYwYTA2MS03OGRkLTRkNjEtOTg4YS0yNjZi
MTkyZDljYWEuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEEcAHr
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBAETwqnSyVPsS9KvPVgJIYF7w7X+xu/xcc3jF/gsdPsZ1w2wDE0aE
v0Wk8aU2H2bWkRSk+hFJ8OBXd82u9IuaKLSuemJ1S0RLTJdsErvyeagMjw6f2C2q
QcLDX7xB7Z38LdrPz4HvQrNGz9dqpsQU69V1QiXiTwlPd2imhHjg216X4zLIQZu1
qYIXaxflOcqw806qLCmskH6M4QZ9knszmGFUsCkrKNN8LetDzQgFCKPmma9UT53a
V+8KgdXc9Drh4am9HXcw1ChYU3jiLcgKos+sTQwQBIINOQZHNzVtTCHbU9Ou9Lc/
x4OCQfhcMkW4OeDdRakzKUxGOkxD4ueYSeA=
-----END CERTIFICATE-----
Generated at Sun Jun 15 15:02:59 2025 by rpki-client