Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/34cfade7-a686-4f5b-b83c-db13755073f0.roa
File:                     34cfade7-a686-4f5b-b83c-db13755073f0.roa (raw, json)
Hash identifier:          ln2zyKOuJyLyk2MT5nXB4Tyt8R2M2V+vPG8mx3B/0R0=
Subject key identifier:   BF:F2:3F:0C:CA:3C:C4:F3:6A:0D:E9:96:05:DF:1B:B1:36:3E:C3:7F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6C15F6DFE83DDF3CE52C9056C17A9994FB3734AB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/34cfade7-a686-4f5b-b83c-db13755073f0.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        155.40.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:15:f6:df:e8:3d:df:3c:e5:2c:90:56:c1:7a:99:94:fb:37:34:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=20ef41eaba5d355fa83492965602198305184e8939ba6a9bb453cde3a6965e39, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ab:8f:73:d4:b9:d4:e2:bc:03:ed:79:73:56:
                    0b:43:b2:ee:18:8a:7c:f4:21:af:76:f8:f0:eb:d7:
                    b3:c9:1b:3c:ad:9d:ca:02:83:93:47:e4:64:3f:75:
                    7a:cb:c0:ec:b7:be:f2:64:1d:61:cf:19:b9:ae:d0:
                    0a:c1:13:7e:0c:91:50:08:9f:6c:4d:f0:de:53:d3:
                    84:5e:29:32:af:7a:b7:23:0c:81:63:84:16:db:50:
                    99:b6:5b:c9:1b:41:c9:8b:49:54:83:f7:0b:2b:59:
                    b7:25:3a:c9:6b:71:d0:e8:9c:c6:26:12:1d:26:ff:
                    45:0d:60:dc:1e:d0:44:4d:e8:b4:16:49:96:59:38:
                    65:1b:98:d3:b4:15:c5:9b:71:c5:04:41:1a:bd:3c:
                    3f:56:6e:b6:36:17:b1:09:ca:d3:a5:0e:ee:c6:e0:
                    03:df:58:26:6c:11:9f:0c:52:fa:cc:17:6c:9f:f3:
                    ef:f7:f2:bf:c0:02:ec:5f:15:c1:d6:c0:a7:6a:6f:
                    b9:e1:be:24:37:51:73:2f:bd:be:a7:e3:3d:dc:b5:
                    47:3b:1b:cf:cc:a7:02:fb:f4:ca:62:1e:b6:41:4a:
                    c9:e8:ab:66:35:a9:7e:a5:96:6d:f1:83:36:6b:bd:
                    3c:d5:be:fd:85:a7:59:d9:43:1d:c8:11:9a:fd:d0:
                    79:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:F2:3F:0C:CA:3C:C4:F3:6A:0D:E9:96:05:DF:1B:B1:36:3E:C3:7F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/34cfade7-a686-4f5b-b83c-db13755073f0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.40.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         64:8a:36:ff:dc:48:a7:e5:95:40:ef:29:19:2a:12:77:68:8a:
         34:9d:41:a5:72:90:d3:1e:6a:6f:66:d3:ff:ce:b2:a6:3d:1a:
         12:ca:f4:bc:18:b1:cc:97:ed:6f:cb:46:ec:a4:de:8e:2e:94:
         2d:d2:63:d2:3a:2a:ad:db:22:6e:47:73:6f:5d:af:85:36:dc:
         d2:d3:28:00:2e:97:2c:26:40:ad:ab:e6:95:76:80:7c:bf:82:
         dd:41:ab:eb:dc:57:ff:c2:25:af:c3:cd:75:77:e4:bb:b9:73:
         b6:66:80:9d:08:20:c6:7a:58:0d:b8:2d:00:60:0f:a9:f6:99:
         be:47:cf:01:c6:eb:6d:09:63:f9:88:ec:75:19:b0:e1:e4:97:
         f4:47:fd:3e:52:71:9a:f5:33:1b:d6:51:d5:79:fc:a5:b2:5a:
         4c:10:72:35:e2:95:b7:ea:1a:cb:2c:ac:a4:9e:4d:aa:28:f1:
         21:84:3a:e1:bb:52:b2:1b:78:a5:f2:54:d7:e7:49:06:7d:d5:
         fb:65:f8:9b:20:b3:02:5c:9c:9c:26:e1:5f:49:ed:ff:8d:d4:
         2a:8a:76:8a:8a:f4:9f:d8:82:dc:dc:a8:39:c9:c6:21:46:2e:
         76:25:03:84:f6:73:ae:dd:d7:1d:26:b4:8d:97:f8:78:03:fa:
         b5:8a:ec:24
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUbBX23+g93zzlLJBWwXqZlPs3NKswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMGVmNDFlYWJhNWQzNTVmYTgzNDkyOTY1NjAyMTk4MzA1
MTg0ZTg5MzliYTZhOWJiNDUzY2RlM2E2OTY1ZTM5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeq49z1LnU4rwD7XlzVgtDsu4Yinz0Ia92+PDr17PJGzyt
ncoCg5NH5GQ/dXrLwOy3vvJkHWHPGbmu0ArBE34MkVAIn2xN8N5T04ReKTKvercj
DIFjhBbbUJm2W8kbQcmLSVSD9wsrWbclOslrcdDonMYmEh0m/0UNYNwe0ERN6LQW
SZZZOGUbmNO0FcWbccUEQRq9PD9WbrY2F7EJytOlDu7G4APfWCZsEZ8MUvrMF2yf
8+/38r/AAuxfFcHWwKdqb7nhviQ3UXMvvb6n4z3ctUc7G8/MpwL79MpiHrZBSsno
q2Y1qX6llm3xgzZrvTzVvv2Fp1nZQx3IEZr90HnnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUv/I/DMo8xPNqDemWBd8bsTY+w38wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM0Y2ZhZGU3LWE2ODYtNGY1Yi1iODNjLWRiMTM3NTUwNzNmMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCbKDANBgkqhkiG9w0BAQsFAAOCAQEAZIo2/9xIp+WVQO8pGSoSd2iKNJ1B
pXKQ0x5qb2bT/86ypj0aEsr0vBixzJftb8tG7KTeji6ULdJj0joqrdsibkdzb12v
hTbc0tMoAC6XLCZAravmlXaAfL+C3UGr69xX/8Ilr8PNdXfku7lztmaAnQggxnpY
DbgtAGAPqfaZvkfPAcbrbQlj+YjsdRmw4eSX9Ef9PlJxmvUzG9ZR1Xn8pbJaTBBy
NeKVt+oayyyspJ5NqijxIYQ64btSsht4pfJU1+dJBn3V+2X4myCzAlycnCbhX0nt
/43UKop2ior0n9iC3NyoOcnGIUYudiUDhPZzrt3XHSa0jZf4eAP6tYrsJA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:27:56 2025 by rpki-client