Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2260ce1f-9b02-41b8-a35b-bdaba4786d8c.roa
File:                     2260ce1f-9b02-41b8-a35b-bdaba4786d8c.roa (raw, json)
Hash identifier:          mfp18kMXU6feTYhawIv5JWjiyWSp9soQPTAutF8O/ns=
Subject key identifier:   B3:26:E0:A3:E4:6C:0B:A8:DE:37:5F:E8:42:D6:DF:74:B5:6A:B9:34
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       59D23F99143CD6C0C588A818D2200B4E4DDE770B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2260ce1f-9b02-41b8-a35b-bdaba4786d8c.roa
Signing time:             Fri 20 Dec 2024 00:00:00 +0000
ROA not before:           Fri 20 Dec 2024 00:00:00 +0000
ROA not after:            Fri 24 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.83.98.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:d2:3f:99:14:3c:d6:c0:c5:88:a8:18:d2:20:0b:4e:4d:de:77:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 20 00:00:00 2024 GMT
            Not After : Jan 24 23:59:59 2025 GMT
        Subject: serialNumber=de726d6531d2c5e592eb034d40ac50cce63d3ff013f3002541c4b77d1b1f7b71, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:90:12:bf:7e:67:4c:02:90:03:4d:44:a4:86:
                    a9:e3:3c:e1:0c:1e:4d:c9:c0:26:88:77:e5:3b:df:
                    8d:65:ac:1d:20:48:30:67:1d:ef:6c:62:7b:4b:ec:
                    06:41:af:87:e2:e8:0a:9a:5d:95:21:37:42:dc:df:
                    9a:88:53:b1:8d:f3:6e:82:a5:50:c3:0f:50:84:39:
                    78:3d:83:82:d8:86:9d:93:cc:c4:fb:f2:d3:b4:41:
                    3e:76:4e:32:a7:07:83:0a:40:5f:16:f3:3a:b7:0f:
                    15:b5:bb:79:2d:65:3b:e3:4c:47:45:2d:2d:0d:23:
                    d7:82:94:86:83:b3:c7:3a:43:62:7b:67:0d:e2:45:
                    89:97:cd:c9:10:c6:88:d4:a6:bf:fb:06:2d:4e:e3:
                    ba:88:c2:4a:31:28:bc:2d:e7:9d:bb:5f:80:a2:67:
                    4b:b1:96:ea:5d:29:f7:02:43:a1:30:86:7b:4c:3c:
                    27:5e:14:2a:ec:63:32:18:43:53:07:6c:65:32:7e:
                    18:d9:71:2c:a1:89:e6:72:2c:33:77:d7:88:6c:06:
                    2c:c7:2c:a2:0f:36:e9:e9:5c:df:ff:c6:db:af:20:
                    39:4a:5c:c1:bd:ab:19:b4:ad:2a:e5:47:2a:9c:6e:
                    d5:97:28:2e:f5:15:16:66:18:72:42:c1:21:a8:46:
                    81:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:26:E0:A3:E4:6C:0B:A8:DE:37:5F:E8:42:D6:DF:74:B5:6A:B9:34
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2260ce1f-9b02-41b8-a35b-bdaba4786d8c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.83.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:2a:9a:ba:87:33:d6:d2:70:84:c4:aa:3b:2b:26:45:7c:c9:
         44:bd:56:5a:6e:3c:fd:19:e5:a5:b0:91:5b:b7:0a:f7:08:79:
         cc:ac:3c:bb:46:33:4d:e4:fa:b1:f9:0d:b3:c9:9b:4a:53:07:
         6d:a6:dd:18:74:c3:6e:65:65:5e:1a:eb:02:36:a6:dc:d8:e7:
         63:36:38:c2:5d:93:2e:17:9a:45:a9:8a:36:08:ba:da:f1:02:
         47:f9:1a:fc:53:e6:39:ab:0b:38:dd:1e:6b:e3:2c:4e:c7:e3:
         c1:6e:8d:fb:8d:8a:28:1a:33:40:4d:b1:7a:42:d6:a0:1f:30:
         0f:5b:89:36:9a:cf:72:63:8c:30:6f:67:34:c0:66:16:3a:8a:
         b2:37:bf:4e:bb:88:d8:36:bd:6d:71:fa:60:bf:de:b7:ef:65:
         3f:4e:58:43:8a:71:94:72:c5:00:83:73:aa:66:cb:03:37:28:
         97:d7:a7:77:89:65:6c:d4:41:79:66:01:43:74:ce:c7:9d:3e:
         4c:e6:01:9f:1d:e4:0f:ff:9c:ed:02:3f:75:6f:6a:75:12:6e:
         70:e9:3a:fa:53:83:5b:37:cf:82:c3:9c:8b:e7:5f:6b:c3:21:
         83:8c:7d:88:16:20:d3:34:01:3c:08:ad:3d:28:63:0e:98:fe:
         c5:e6:4f:0b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWdI/mRQ81sDFiKgY0iALTk3edwswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIwMDAwMDAwWhcNMjUwMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZTcyNmQ2NTMxZDJjNWU1OTJlYjAzNGQ0MGFjNTBjY2U2
M2QzZmYwMTNmMzAwMjU0MWM0Yjc3ZDFiMWY3YjcxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpkBK/fmdMApADTUSkhqnjPOEMHk3JwCaId+U7341lrB0g
SDBnHe9sYntL7AZBr4fi6AqaXZUhN0Lc35qIU7GN826CpVDDD1CEOXg9g4LYhp2T
zMT78tO0QT52TjKnB4MKQF8W8zq3DxW1u3ktZTvjTEdFLS0NI9eClIaDs8c6Q2J7
Zw3iRYmXzckQxojUpr/7Bi1O47qIwkoxKLwt5527X4CiZ0uxlupdKfcCQ6EwhntM
PCdeFCrsYzIYQ1MHbGUyfhjZcSyhieZyLDN314hsBizHLKIPNunpXN//xtuvIDlK
XMG9qxm0rSrlRyqcbtWXKC71FRZmGHJCwSGoRoGtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsybgo+RsC6jeN1/oQtbfdLVquTQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIyNjBjZTFmLTliMDItNDFiOC1hMzViLWJkYWJhNDc4NmQ4Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjU2IwDQYJKoZIhvcNAQELBQADggEBAFYqmrqHM9bScITEqjsrJkV8yUS9
VlpuPP0Z5aWwkVu3CvcIecysPLtGM03k+rH5DbPJm0pTB22m3Rh0w25lZV4a6wI2
ptzY52M2OMJdky4XmkWpijYIutrxAkf5GvxT5jmrCzjdHmvjLE7H48FujfuNiiga
M0BNsXpC1qAfMA9biTaaz3JjjDBvZzTAZhY6irI3v067iNg2vW1x+mC/3rfvZT9O
WEOKcZRyxQCDc6pmywM3KJfXp3eJZWzUQXlmAUN0zsedPkzmAZ8d5A//nO0CP3Vv
anUSbnDpOvpTg1s3z4LDnIvnX2vDIYOMfYgWINM0ATwIrT0oYw6Y/sXmTws=
-----END CERTIFICATE-----