Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/179c0740-134b-405f-bf90-1db3f8aa1d0f.roa
File:                     179c0740-134b-405f-bf90-1db3f8aa1d0f.roa (raw, json)
Hash identifier:          fYwzwdAPc1e2oilBdJSo3cxxVGLSuiriSdMUKmty0RI=
Subject key identifier:   87:BC:85:13:28:E7:14:EE:BC:B9:03:B5:D9:37:FE:27:83:B8:7F:A3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       149813561F53EB7F0F907259C5C09A579D34866C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/179c0740-134b-405f-bf90-1db3f8aa1d0f.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        199.61.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:98:13:56:1f:53:eb:7f:0f:90:72:59:c5:c0:9a:57:9d:34:86:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=b0805f3b783449843365eb14eac0fdb6773d74f6f2851f37149ac69f5788d614, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:ee:f0:8d:0d:82:8c:65:02:1b:3e:54:c8:28:
                    9a:49:00:40:70:34:35:f1:c6:96:fa:34:1d:13:6a:
                    7a:4a:5e:15:13:ee:70:92:75:98:2e:57:58:6e:11:
                    72:93:a5:d2:2b:9e:9a:20:4f:52:31:33:62:14:b3:
                    a5:9e:c0:41:29:42:f2:09:2d:0f:d5:3a:b4:b1:42:
                    07:a0:2e:b4:59:72:9b:50:31:53:64:f3:08:1c:7b:
                    78:61:be:b0:8b:59:61:40:cb:c3:01:df:56:8f:47:
                    95:31:20:ca:43:fc:d0:62:fc:64:02:46:0f:c2:8c:
                    7b:e4:9b:22:d9:cc:1b:7c:0b:24:50:cd:7b:c4:ca:
                    2d:f6:a9:cc:1e:f1:7c:f5:55:f8:69:df:aa:b8:66:
                    a6:b3:e6:ad:b9:d9:ab:09:3f:e1:ba:7a:8d:eb:25:
                    2c:75:07:d9:3c:e6:25:3d:31:a6:c9:f2:fc:cf:ce:
                    74:02:9c:4d:f8:69:5a:8c:8b:21:31:7c:2a:94:ec:
                    43:c7:a8:60:e3:78:67:3a:85:7d:ea:65:de:85:57:
                    c4:ad:4d:f5:62:3d:71:ea:d3:ff:f7:d1:de:a6:59:
                    c0:b6:ec:34:89:b6:a1:94:ec:90:0a:9a:20:a8:0e:
                    4a:a3:eb:7a:7d:30:15:92:86:13:3f:18:70:a9:35:
                    d6:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:BC:85:13:28:E7:14:EE:BC:B9:03:B5:D9:37:FE:27:83:B8:7F:A3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/179c0740-134b-405f-bf90-1db3f8aa1d0f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.61.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c9:6f:ca:d8:89:43:c4:39:5d:90:13:be:f4:33:49:d0:d6:d7:
         ec:43:b3:fa:53:f5:f9:3e:4d:50:de:b5:a7:d7:fa:1c:42:88:
         32:eb:f9:3e:0d:a1:66:c9:80:f1:70:cd:56:13:77:eb:7d:1e:
         fd:38:81:e1:bb:87:be:c1:8d:ef:80:ad:8b:0b:81:97:b7:1d:
         a5:c7:c2:5e:53:9b:e4:4c:72:23:a0:0b:6d:76:d5:6e:80:e9:
         91:2a:8f:bc:07:63:18:14:e8:fa:b5:7a:1b:ce:c3:73:9e:03:
         28:09:db:57:fe:5b:d2:ce:25:52:2a:0c:a4:21:e1:9d:e3:06:
         7e:9b:64:53:ba:cb:5c:58:d6:d5:ea:76:16:1a:40:5c:87:5d:
         a1:78:99:0c:aa:a0:07:af:15:01:74:7b:98:2d:a8:00:25:f5:
         91:0f:69:f8:eb:ea:40:6e:99:12:0e:32:12:ab:fe:fe:ec:3c:
         50:44:f0:d4:a1:e6:b3:fc:00:92:46:26:87:88:22:5e:eb:94:
         cd:db:54:d4:b3:20:e8:51:13:6f:be:ae:e1:78:4e:3d:75:0d:
         1b:ff:7e:fc:b4:27:80:26:ad:84:ae:e0:21:1b:c2:5d:7b:7e:
         47:81:2f:61:c2:4b:b1:14:61:d1:37:94:28:01:33:66:7b:40:
         f8:ea:a8:fa
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFJgTVh9T638PkHJZxcCaV500hmwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiMDgwNWYzYjc4MzQ0OTg0MzM2NWViMTRlYWMwZmRiNjc3
M2Q3NGY2ZjI4NTFmMzcxNDlhYzY5ZjU3ODhkNjE0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDb7vCNDYKMZQIbPlTIKJpJAEBwNDXxxpb6NB0TanpKXhUT
7nCSdZguV1huEXKTpdIrnpogT1IxM2IUs6WewEEpQvIJLQ/VOrSxQgegLrRZcptQ
MVNk8wgce3hhvrCLWWFAy8MB31aPR5UxIMpD/NBi/GQCRg/CjHvkmyLZzBt8CyRQ
zXvEyi32qcwe8Xz1Vfhp36q4Zqaz5q252asJP+G6eo3rJSx1B9k85iU9MabJ8vzP
znQCnE34aVqMiyExfCqU7EPHqGDjeGc6hX3qZd6FV8StTfViPXHq0//30d6mWcC2
7DSJtqGU7JAKmiCoDkqj63p9MBWShhM/GHCpNdbnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUh7yFEyjnFO68uQO12Tf+J4O4f6MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE3OWMwNzQwLTEzNGItNDA1Zi1iZjkwLTFkYjNmOGFhMWQwZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDHPTANBgkqhkiG9w0BAQsFAAOCAQEAyW/K2IlDxDldkBO+9DNJ0NbX7EOz
+lP1+T5NUN61p9f6HEKIMuv5Pg2hZsmA8XDNVhN3630e/TiB4buHvsGN74CtiwuB
l7cdpcfCXlOb5ExyI6ALbXbVboDpkSqPvAdjGBTo+rV6G87Dc54DKAnbV/5b0s4l
UioMpCHhneMGfptkU7rLXFjW1ep2FhpAXIddoXiZDKqgB68VAXR7mC2oACX1kQ9p
+OvqQG6ZEg4yEqv+/uw8UETw1KHms/wAkkYmh4giXuuUzdtU1LMg6FETb76u4XhO
PXUNG/9+/LQngCathK7gIRvCXXt+R4EvYcJLsRRh0TeUKAEzZntA+Oqo+g==
-----END CERTIFICATE-----