Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/089c7b62-49e3-411c-9b7e-8ff0962ed1ec.roa
File:                     089c7b62-49e3-411c-9b7e-8ff0962ed1ec.roa (raw, json)
Hash identifier:          ArV4QPB68PEVvdegixVYyEAyF/fDjS6lJ6/bvlS2KOM=
Subject key identifier:   FA:BF:37:EF:B8:ED:22:B5:A7:23:C4:80:C0:BD:C1:42:53:EF:70:E9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4DF3F3F1A08BBAD1C0A8E23B901C32ECD2C1C524
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/089c7b62-49e3-411c-9b7e-8ff0962ed1ec.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1f60:5080::/46 maxlen: 46
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:f3:f3:f1:a0:8b:ba:d1:c0:a8:e2:3b:90:1c:32:ec:d2:c1:c5:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=9c8cbb0691d07ba8c0b337f4fc419193951276f6060e95abb205941bb05f946a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:6f:e7:8f:46:f3:42:7c:bb:d3:98:e9:be:6b:
                    c9:2c:1f:f6:ea:cf:ce:c3:69:7b:0d:82:98:29:72:
                    a5:fe:a2:81:52:8d:c3:8a:b4:d0:b8:f2:68:73:b6:
                    a5:9c:5e:0c:6d:4b:08:99:5e:ba:1d:4f:11:62:17:
                    f1:f4:ae:04:79:a2:ca:ee:5b:d6:74:c6:ee:04:79:
                    95:9f:42:e5:e9:10:47:30:34:20:67:f4:95:ba:36:
                    e2:42:75:f5:85:82:06:78:93:62:f4:ad:b6:66:6d:
                    3c:62:55:07:e4:f3:f0:a6:4b:95:4a:a5:e3:fc:b0:
                    05:54:52:90:c2:9b:5e:9b:e1:29:74:a5:64:f8:83:
                    5b:7a:57:1d:06:e2:ba:d9:57:90:8a:9c:86:d5:2b:
                    41:7b:eb:d1:42:e6:d0:81:89:13:eb:b3:f9:62:3f:
                    2f:e5:2a:61:87:dd:d9:68:3a:ff:1b:30:95:51:57:
                    fe:3f:94:1a:5b:d6:11:17:ed:29:9a:03:53:c3:e3:
                    fd:d9:98:20:ad:09:af:86:37:f8:ce:38:ac:dd:bf:
                    13:e4:dd:c8:2f:1d:ed:bc:01:1e:7c:99:2f:3a:cf:
                    f3:ff:0c:9a:bb:98:b8:91:b8:4c:2b:d7:a9:f6:8a:
                    15:ef:e9:f5:bb:d4:7c:ad:ca:fd:aa:32:81:09:ff:
                    b2:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:BF:37:EF:B8:ED:22:B5:A7:23:C4:80:C0:BD:C1:42:53:EF:70:E9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/089c7b62-49e3-411c-9b7e-8ff0962ed1ec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:5080::/46

    Signature Algorithm: sha256WithRSAEncryption
         a1:6a:fd:11:72:1f:5f:3c:b2:09:5b:94:8a:8e:53:e8:65:14:
         aa:16:ae:0b:99:bb:a0:6e:48:21:70:5a:1a:0b:0b:38:54:f2:
         d9:4d:5e:65:fd:22:1d:60:6f:e4:f7:ac:c3:be:25:8c:0a:f0:
         b3:94:2d:89:4b:ea:36:50:c1:51:6a:fc:48:c7:b7:64:29:55:
         9a:03:46:b4:60:42:22:6a:e1:c6:1c:08:0c:e1:06:22:4e:d9:
         00:c0:4c:d8:30:b1:92:3a:13:49:6f:90:6c:fe:95:d6:80:43:
         9b:ba:db:81:1a:03:da:59:34:d0:50:04:84:0d:90:71:db:3d:
         5a:c8:7c:fe:b6:47:9f:ec:7d:4f:09:67:dc:60:96:36:d7:e8:
         53:ee:bc:5e:6c:91:86:67:21:59:b3:8d:c2:38:a5:94:5c:01:
         95:e3:00:04:5b:45:c4:dc:c9:d6:41:8e:cd:6d:2a:4c:19:a5:
         33:40:f2:f1:72:f7:2a:dd:da:05:47:98:f2:28:d9:f1:89:e1:
         83:04:f3:d1:e4:6f:87:c2:e2:42:88:90:1d:b0:3c:2f:2f:f6:
         bc:b4:37:47:d3:94:9c:e4:9f:2e:b0:aa:16:b2:c6:4a:1c:4e:
         e5:02:06:5d:30:b9:02:a6:b9:21:c6:fc:1c:05:84:bf:b7:bf:
         c6:9d:b8:0a
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUTfPz8aCLutHAqOI7kBwy7NLBxSQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YzhjYmIwNjkxZDA3YmE4YzBiMzM3ZjRmYzQxOTE5Mzk1
MTI3NmY2MDYwZTk1YWJiMjA1OTQxYmIwNWY5NDZhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDzb+ePRvNCfLvTmOm+a8ksH/bqz87DaXsNgpgpcqX+ooFS
jcOKtNC48mhztqWcXgxtSwiZXrodTxFiF/H0rgR5osruW9Z0xu4EeZWfQuXpEEcw
NCBn9JW6NuJCdfWFggZ4k2L0rbZmbTxiVQfk8/CmS5VKpeP8sAVUUpDCm16b4Sl0
pWT4g1t6Vx0G4rrZV5CKnIbVK0F769FC5tCBiRPrs/liPy/lKmGH3dloOv8bMJVR
V/4/lBpb1hEX7SmaA1PD4/3ZmCCtCa+GN/jOOKzdvxPk3cgvHe28AR58mS86z/P/
DJq7mLiRuEwr16n2ihXv6fW71Hytyv2qMoEJ/7LxAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU+r8377jtIrWnI8SAwL3BQlPvcOkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA4OWM3YjYyLTQ5ZTMtNDExYy05YjdlLThmZjA5NjJlZDFlYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAB9gUIAwDQYJKoZIhvcNAQELBQADggEBAKFq/RFyH188sglblIqOU+hl
FKoWrguZu6BuSCFwWhoLCzhU8tlNXmX9Ih1gb+T3rMO+JYwK8LOULYlL6jZQwVFq
/EjHt2QpVZoDRrRgQiJq4cYcCAzhBiJO2QDATNgwsZI6E0lvkGz+ldaAQ5u624Ea
A9pZNNBQBIQNkHHbPVrIfP62R5/sfU8JZ9xgljbX6FPuvF5skYZnIVmzjcI4pZRc
AZXjAARbRcTcydZBjs1tKkwZpTNA8vFy9yrd2gVHmPIo2fGJ4YME89Hkb4fC4kKI
kB2wPC8v9ry0N0fTlJzkny6wqhayxkocTuUCBl0wuQKmuSHG/BwFhL+3v8aduAo=
-----END CERTIFICATE-----