Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1a1cc379-88d3-486b-8fbd-b4bbc98035f1.roa
File:                     1a1cc379-88d3-486b-8fbd-b4bbc98035f1.roa (raw, json)
Hash identifier:          FI/48Xd0i4NMaOfx2LUuY5Q7Ib48ywW5wBxf+wypntc=
Subject key identifier:   3F:E7:DE:44:0B:DC:58:B1:6E:A5:49:92:78:BC:E7:7F:93:FC:F5:24
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       63322E4D1483D7D32A540C9133183B936AC68496
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1a1cc379-88d3-486b-8fbd-b4bbc98035f1.roa
Signing time:             Fri 03 Jan 2025 00:00:00 +0000
ROA not before:           Fri 03 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        216.49.64.0/20 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:32:2e:4d:14:83:d7:d3:2a:54:0c:91:33:18:3b:93:6a:c6:84:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  3 00:00:00 2025 GMT
            Not After : Feb  7 23:59:59 2025 GMT
        Subject: serialNumber=03dda23f96fc2dec3b82cb41c128201f148be6721d3fefdc7da381a904240743, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:08:e5:6f:fd:f7:78:03:bb:23:4f:20:33:f6:
                    d1:12:48:55:5b:67:f2:19:c2:91:c4:16:6e:46:19:
                    e1:3c:63:cd:e0:08:44:9e:4f:f4:28:84:5a:2e:7a:
                    2a:e8:e3:ce:b5:18:e4:83:02:a9:41:f4:bd:f8:08:
                    88:36:e2:be:13:61:e4:68:19:8c:1b:1f:d7:82:19:
                    d5:4a:e0:d3:8a:49:83:07:48:14:d1:9a:f3:3f:4b:
                    d5:14:43:83:d2:ae:68:6c:27:e9:cd:3c:e5:c6:e1:
                    64:a9:3a:c2:8a:bb:23:d8:01:b7:05:f7:dd:0a:3b:
                    a5:2a:e0:e3:41:c9:c5:a3:4b:0f:4d:df:00:06:70:
                    0c:7d:93:22:7f:30:8b:ee:b5:42:c7:6a:8c:81:fa:
                    ad:84:3c:47:56:39:d4:51:be:58:fd:9b:3d:11:41:
                    4c:8b:f0:10:73:a8:c1:04:c1:dc:c3:0e:08:c4:0b:
                    1d:bc:13:f2:1a:72:b5:3d:d0:88:66:b7:ad:48:99:
                    06:95:92:3a:cb:77:dd:e4:ee:e3:e5:99:bb:d9:c1:
                    c1:c3:7a:f5:fc:c7:e6:16:9e:8d:79:28:56:41:18:
                    67:77:56:15:eb:11:d6:c5:2d:5d:fb:24:e3:fa:91:
                    13:fe:d8:4e:67:fc:e4:ac:f5:40:d6:06:03:07:ba:
                    8c:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:E7:DE:44:0B:DC:58:B1:6E:A5:49:92:78:BC:E7:7F:93:FC:F5:24
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1a1cc379-88d3-486b-8fbd-b4bbc98035f1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.49.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         11:17:89:a3:b9:f2:cf:0d:77:9e:c6:a1:50:e4:c6:ea:fd:8c:
         22:7d:36:fe:85:ad:2a:cc:bb:74:d7:3d:36:18:51:f8:c1:ce:
         e8:3a:98:0f:45:dd:a4:2c:b3:32:ea:14:36:7e:1a:00:ec:0d:
         76:1e:60:5c:12:a5:5b:51:ff:68:de:67:db:1e:ea:7b:00:74:
         e0:fc:45:3a:84:3c:68:7f:7e:cf:cc:b2:4d:38:52:90:d9:cd:
         1b:02:6f:0c:59:cb:ec:5e:84:bf:bb:4d:8e:4f:32:5c:d8:d7:
         16:45:49:06:c7:26:44:d1:88:ec:71:55:37:83:14:e6:f3:14:
         5b:07:1a:f3:0d:e2:99:a9:9b:a4:6a:43:9c:b9:0b:90:9c:8a:
         04:34:a6:e7:8e:0f:51:7a:7a:d5:9d:21:60:e6:c6:7b:b3:5e:
         b3:86:04:40:88:c2:28:8a:8d:df:08:51:ac:bd:cf:cf:a2:ee:
         b1:de:49:40:5b:85:ee:a6:c0:92:08:d2:02:fd:83:00:4a:67:
         b5:29:5c:4e:78:bd:ef:a0:54:42:34:08:2a:70:cd:d2:bc:c5:
         2b:01:45:ad:2e:3d:09:da:f3:ce:05:ce:2f:e0:c9:f0:ea:07:
         b4:bd:bc:77:9d:25:53:c3:6e:3b:be:56:e1:b4:71:70:78:03:
         24:4e:11:8a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYzIuTRSD19MqVAyRMxg7k2rGhJYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwM2RkYTIzZjk2ZmMyZGVjM2I4MmNiNDFjMTI4MjAxZjE0
OGJlNjcyMWQzZmVmZGM3ZGEzODFhOTA0MjQwNzQzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcCOVv/fd4A7sjTyAz9tESSFVbZ/IZwpHEFm5GGeE8Y83g
CESeT/QohFoueiro4861GOSDAqlB9L34CIg24r4TYeRoGYwbH9eCGdVK4NOKSYMH
SBTRmvM/S9UUQ4PSrmhsJ+nNPOXG4WSpOsKKuyPYAbcF990KO6Uq4ONBycWjSw9N
3wAGcAx9kyJ/MIvutULHaoyB+q2EPEdWOdRRvlj9mz0RQUyL8BBzqMEEwdzDDgjE
Cx28E/IacrU90Ihmt61ImQaVkjrLd93k7uPlmbvZwcHDevX8x+YWno15KFZBGGd3
VhXrEdbFLV37JOP6kRP+2E5n/OSs9UDWBgMHuowvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUP+feRAvcWLFupUmSeLznf5P89SQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFhMWNjMzc5LTg4ZDMtNDg2Yi04ZmJkLWI0YmJjOTgwMzVmMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATYMUAwDQYJKoZIhvcNAQELBQADggEBABEXiaO58s8Nd57GoVDkxur9jCJ9
Nv6FrSrMu3TXPTYYUfjBzug6mA9F3aQsszLqFDZ+GgDsDXYeYFwSpVtR/2jeZ9se
6nsAdOD8RTqEPGh/fs/Msk04UpDZzRsCbwxZy+xehL+7TY5PMlzY1xZFSQbHJkTR
iOxxVTeDFObzFFsHGvMN4pmpm6RqQ5y5C5CcigQ0pueOD1F6etWdIWDmxnuzXrOG
BECIwiiKjd8IUay9z8+i7rHeSUBbhe6mwJII0gL9gwBKZ7UpXE54ve+gVEI0CCpw
zdK8xSsBRa0uPQna884Fzi/gyfDqB7S9vHedJVPDbju+VuG0cXB4AyROEYo=
-----END CERTIFICATE-----