Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/31947fe5-7d16-401b-b300-5965ac84a944.roa
File:                     31947fe5-7d16-401b-b300-5965ac84a944.roa (raw, json)
Hash identifier:          DuPS97oqlBAHvUW802v+lXLtPwJBzN0bi+sY8DzIyCI=
Subject key identifier:   C1:54:D7:A4:94:28:74:A0:19:18:DC:17:18:0C:8D:32:F9:BD:ED:68
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       72034A6C81F057607C1FE1A9BAD626C748671985
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/31947fe5-7d16-401b-b300-5965ac84a944.roa
Signing time:             Tue 14 Jan 2025 00:00:00 +0000
ROA not before:           Tue 14 Jan 2025 00:00:00 +0000
ROA not after:            Tue 18 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        140.244.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:03:4a:6c:81:f0:57:60:7c:1f:e1:a9:ba:d6:26:c7:48:67:19:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 14 00:00:00 2025 GMT
            Not After : Feb 18 23:59:59 2025 GMT
        Subject: serialNumber=733aef360dfa5ef96bda4d304729b9cbbbd790826c63110f45966e44c1a67aff, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:57:ed:37:77:b6:f0:1b:89:44:5b:95:ea:56:
                    90:92:e1:bb:20:e4:8e:ed:91:04:79:29:e4:8c:db:
                    65:c1:b3:91:82:6e:1f:45:23:08:27:32:50:b3:d2:
                    31:c8:11:2f:66:32:94:6d:35:4b:33:a7:62:7f:0a:
                    f4:f2:41:bb:86:48:0a:f2:8e:77:e9:49:65:a1:b8:
                    59:8b:fc:05:b4:16:9a:e5:f1:48:f2:d3:d3:e9:9e:
                    f8:65:6f:d3:e8:c7:9a:21:c8:f3:a0:e7:fa:2c:d2:
                    ee:c8:cd:aa:08:03:57:b7:f8:a0:80:ca:4c:89:b4:
                    dc:07:dc:be:e2:74:74:51:22:b4:08:a6:27:92:63:
                    91:5a:2c:c9:5c:63:9f:63:09:30:7d:7e:c7:eb:cb:
                    6c:e4:71:ed:1c:b9:53:40:07:56:9e:b4:e3:01:10:
                    60:87:37:11:32:f1:5f:1f:5a:dd:d2:b0:e3:52:8c:
                    4b:2f:22:e9:5b:66:4d:63:18:84:fb:e9:4b:08:55:
                    6f:0f:f2:33:11:0c:da:de:76:93:ba:66:76:7c:93:
                    ba:8a:6f:f6:1c:d0:97:c8:0b:e2:77:a5:e4:32:9b:
                    f0:45:99:27:43:05:94:51:17:71:f0:76:c9:e1:9b:
                    a1:31:92:2b:53:38:8c:15:00:3f:f1:dd:f3:80:43:
                    13:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:54:D7:A4:94:28:74:A0:19:18:DC:17:18:0C:8D:32:F9:BD:ED:68
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/31947fe5-7d16-401b-b300-5965ac84a944.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.244.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         33:f5:68:1b:70:d8:32:ab:59:ff:1c:13:36:cc:39:c7:10:75:
         a5:4d:bf:b5:ba:1b:20:14:8d:ec:51:4b:cc:ad:f6:d5:32:12:
         e6:ec:79:52:f2:ad:b0:16:b5:c3:6f:9c:86:2f:cc:8e:78:90:
         7f:ad:26:bc:8a:f8:e7:90:69:5b:4f:2a:a9:21:aa:0e:78:4a:
         5b:a4:f7:04:b0:2c:16:29:5b:1e:95:e9:3f:8e:58:d5:f4:f6:
         18:82:3d:6e:74:ab:85:1d:0d:ed:90:f3:09:83:d9:d9:77:2c:
         1b:fe:cf:0d:82:8b:31:c2:f1:cf:65:7e:3d:20:6d:ec:67:1a:
         3c:ef:73:fa:da:04:d0:cc:4d:97:54:e0:21:0b:5a:44:22:5f:
         0d:51:b6:d8:36:42:0e:5d:ef:96:96:70:0b:0d:b7:89:d9:bc:
         56:59:4f:7e:47:8b:ee:ae:b4:5c:ad:f8:f6:9e:bd:46:5c:d3:
         a2:23:c7:d5:21:52:2e:5f:1d:ed:61:e1:4f:e2:69:95:c2:a3:
         29:94:10:95:82:bf:3f:89:94:c4:f8:85:a1:f2:04:32:80:67:
         fc:d4:61:5a:92:f3:9d:be:b5:f8:82:ee:72:c2:74:e0:12:f4:
         3a:9b:fe:b3:4e:34:0f:1f:9d:6e:21:85:25:62:d0:90:f2:9b:
         fa:bd:89:f5
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcgNKbIHwV2B8H+GputYmx0hnGYUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE0MDAwMDAwWhcNMjUwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MzNhZWYzNjBkZmE1ZWY5NmJkYTRkMzA0NzI5YjljYmJi
ZDc5MDgyNmM2MzExMGY0NTk2NmU0NGMxYTY3YWZmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZV+03d7bwG4lEW5XqVpCS4bsg5I7tkQR5KeSM22XBs5GC
bh9FIwgnMlCz0jHIES9mMpRtNUszp2J/CvTyQbuGSAryjnfpSWWhuFmL/AW0Fprl
8Ujy09Ppnvhlb9Pox5ohyPOg5/os0u7IzaoIA1e3+KCAykyJtNwH3L7idHRRIrQI
pieSY5FaLMlcY59jCTB9fsfry2zkce0cuVNAB1aetOMBEGCHNxEy8V8fWt3SsONS
jEsvIulbZk1jGIT76UsIVW8P8jMRDNredpO6ZnZ8k7qKb/Yc0JfIC+J3peQym/BF
mSdDBZRRF3Hwdsnhm6ExkitTOIwVAD/x3fOAQxOLAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUwVTXpJQodKAZGNwXGAyNMvm97WgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMxOTQ3ZmU1LTdkMTYtNDAxYi1iMzAwLTU5NjVhYzg0YTk0NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCM9DANBgkqhkiG9w0BAQsFAAOCAQEAM/VoG3DYMqtZ/xwTNsw5xxB1pU2/
tbobIBSN7FFLzK321TIS5ux5UvKtsBa1w2+chi/MjniQf60mvIr455BpW08qqSGq
DnhKW6T3BLAsFilbHpXpP45Y1fT2GII9bnSrhR0N7ZDzCYPZ2XcsG/7PDYKLMcLx
z2V+PSBt7GcaPO9z+toE0MxNl1TgIQtaRCJfDVG22DZCDl3vlpZwCw23idm8VllP
fkeL7q60XK349p69RlzToiPH1SFSLl8d7WHhT+JplcKjKZQQlYK/P4mUxPiFofIE
MoBn/NRhWpLznb61+ILucsJ04BL0Opv+s040Dx+dbiGFJWLQkPKb+r2J9Q==
-----END CERTIFICATE-----