Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2a59bee5-89f9-485c-8a59-86cfb9d5b61b.roa
File:                     2a59bee5-89f9-485c-8a59-86cfb9d5b61b.roa (raw, json)
Hash identifier:          TkUGtgLnewXb5ZCWZ8I0sVppk2fTfYJUKZUl7THPQr0=
Subject key identifier:   EB:93:B3:9B:F6:D0:C5:DE:C9:D6:53:3B:A5:6D:E1:14:F5:47:1C:1D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       FE5B6472D24FB0CCD53484179D7B6F041C0A61
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2a59bee5-89f9-485c-8a59-86cfb9d5b61b.roa
Signing time:             Tue 04 Mar 2025 15:11:16 +0000
ROA not before:           Tue 04 Mar 2025 15:11:16 +0000
ROA not after:            Tue 08 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        139.56.4.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            fe:5b:64:72:d2:4f:b0:cc:d5:34:84:17:9d:7b:6f:04:1c:0a:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar  4 15:11:16 2025 GMT
            Not After : Apr  8 23:59:59 2025 GMT
        Subject: serialNumber=b6888b8d917a33812c7ac6c89a02055e674a2c39728c6ed23d0ceba3cfeb96ae, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:57:69:06:30:0a:c0:ac:8e:a5:5d:d6:aa:58:
                    1e:7f:74:3c:39:f0:5d:80:5f:27:43:84:d8:9a:37:
                    a8:ff:1b:cd:c9:50:ed:64:9c:91:ed:cc:c8:1e:a0:
                    ed:12:d8:f4:1f:6e:9a:d7:2b:8c:f1:a6:3b:09:13:
                    c5:29:38:76:32:85:ed:04:01:ee:ba:45:98:4a:d2:
                    cc:25:11:dc:2d:c8:39:af:1c:94:36:40:67:cc:f6:
                    fb:09:f7:80:4b:e6:79:b0:a8:4b:e5:20:35:8f:a0:
                    ee:be:2f:9d:72:cd:e2:c3:96:58:86:f4:2c:de:88:
                    6c:02:f4:af:8a:9b:c2:a0:b8:64:57:49:c2:48:a0:
                    51:f3:d3:56:91:b8:51:39:4b:a6:eb:e2:72:66:7d:
                    7a:ed:66:5c:81:c5:01:f3:42:f5:4b:14:ce:96:a6:
                    df:6c:ff:7e:fa:4f:f8:95:2e:cd:b6:c8:ea:00:26:
                    9c:2c:45:51:90:e8:58:33:bb:c6:09:c6:71:3e:07:
                    6b:64:c2:3e:29:fc:37:39:1c:22:9a:b8:17:a7:fb:
                    7c:5d:ed:ad:46:be:ed:a1:e9:ad:42:d2:84:62:98:
                    c0:27:7c:3e:26:d3:cd:90:76:b4:91:34:8a:5e:d4:
                    5d:d9:b8:ca:bf:21:98:a1:80:1d:f5:f7:a1:9c:7b:
                    ef:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:93:B3:9B:F6:D0:C5:DE:C9:D6:53:3B:A5:6D:E1:14:F5:47:1C:1D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2a59bee5-89f9-485c-8a59-86cfb9d5b61b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.56.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:42:73:b1:4a:62:d3:cd:00:c8:07:32:f8:13:72:be:68:a7:
         e3:dc:8d:e5:68:99:39:c0:fa:2c:5b:1e:a2:e5:d3:a4:37:85:
         e7:8e:55:0a:6b:d5:fa:b3:c1:0f:a1:78:59:25:a1:f1:46:5b:
         0c:39:40:ea:57:f8:9e:84:9f:cd:36:2d:c0:c5:c3:7f:72:9c:
         78:1d:ff:e9:76:79:8d:d5:a2:ff:05:52:9e:32:3c:4e:67:77:
         73:06:1f:02:17:76:be:9a:eb:d0:c8:6d:0b:b2:7a:54:1f:ee:
         0e:ef:ae:d0:64:71:dd:ca:54:3d:68:81:63:9b:d8:ee:b9:01:
         31:ae:8f:38:37:62:e3:0a:27:8f:87:fd:ad:8c:b3:42:5f:d0:
         fb:8e:64:61:cf:1c:c9:38:81:3a:10:c0:42:57:e1:f0:32:54:
         1c:fb:34:b4:dc:c8:79:35:66:dc:93:86:b8:1a:b8:7c:07:f5:
         ff:0e:08:99:be:ec:61:1e:b1:c0:aa:2c:ff:5c:a9:2f:65:03:
         fe:27:c5:ea:89:46:45:6b:f9:9f:f0:10:62:5d:b9:78:50:46:
         b5:04:04:9a:69:13:67:04:f5:e0:8e:78:42:52:55:af:b9:22:
         38:b5:78:61:74:8b:83:33:b6:11:18:07:66:44:51:0a:b0:e0:
         06:4a:a1:6e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAP5bZHLST7DM1TSEF517bwQcCmEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzA0MTUxMTE2WhcNMjUwNDA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNjg4OGI4ZDkxN2EzMzgxMmM3YWM2Yzg5YTAyMDU1ZTY3
NGEyYzM5NzI4YzZlZDIzZDBjZWJhM2NmZWI5NmFlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIV2kGMArArI6lXdaqWB5/dDw58F2AXydDhNiaN6j/G83J
UO1knJHtzMgeoO0S2PQfbprXK4zxpjsJE8UpOHYyhe0EAe66RZhK0swlEdwtyDmv
HJQ2QGfM9vsJ94BL5nmwqEvlIDWPoO6+L51yzeLDlliG9CzeiGwC9K+Km8KguGRX
ScJIoFHz01aRuFE5S6br4nJmfXrtZlyBxQHzQvVLFM6Wpt9s/376T/iVLs22yOoA
JpwsRVGQ6Fgzu8YJxnE+B2tkwj4p/Dc5HCKauBen+3xd7a1Gvu2h6a1C0oRimMAn
fD4m082QdrSRNIpe1F3ZuMq/IZihgB3196Gce++bAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU65Ozm/bQxd7J1lM7pW3hFPVHHB0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJhNTliZWU1LTg5ZjktNDg1Yy04YTU5LTg2Y2ZiOWQ1YjYxYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACLOAQwDQYJKoZIhvcNAQELBQADggEBAHdCc7FKYtPNAMgHMvgTcr5op+Pc
jeVomTnA+ixbHqLl06Q3heeOVQpr1fqzwQ+heFklofFGWww5QOpX+J6En802LcDF
w39ynHgd/+l2eY3Vov8FUp4yPE5nd3MGHwIXdr6a69DIbQuyelQf7g7vrtBkcd3K
VD1ogWOb2O65ATGujzg3YuMKJ4+H/a2Ms0Jf0PuOZGHPHMk4gToQwEJX4fAyVBz7
NLTcyHk1ZtyThrgauHwH9f8OCJm+7GEescCqLP9cqS9lA/4nxeqJRkVr+Z/wEGJd
uXhQRrUEBJppE2cE9eCOeEJSVa+5Iji1eGF0i4MzthEYB2ZEUQqw4AZKoW4=
-----END CERTIFICATE-----