Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4f657815-9ff9-4402-8e59-74db07414844.roa
File:                     4f657815-9ff9-4402-8e59-74db07414844.roa (raw, json)
Hash identifier:          0tZ89EPJkB/b2dQJV/YjEPU40ppOCGCsCcvamxDonpE=
Subject key identifier:   19:77:89:DE:38:BC:1E:6D:85:9B:1B:5C:34:4E:B7:7A:D3:5F:02:5F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0A530CD4DB4456EAD20890E591C99F41F63569E7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4f657815-9ff9-4402-8e59-74db07414844.roa
Signing time:             Mon 23 Dec 2024 00:00:00 +0000
ROA not before:           Mon 23 Dec 2024 00:00:00 +0000
ROA not after:            Mon 27 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        56.43.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:53:0c:d4:db:44:56:ea:d2:08:90:e5:91:c9:9f:41:f6:35:69:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 23 00:00:00 2024 GMT
            Not After : Jan 27 23:59:59 2025 GMT
        Subject: serialNumber=209891bf343ca4f89e577797048630682c0897f02a2b32265a1706f5c3fafb20, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:e1:62:c5:c8:e9:80:7b:7c:73:15:cc:e6:c9:
                    a7:3d:3c:73:e7:38:ef:f5:ce:88:36:ef:70:01:90:
                    a8:da:85:38:fa:9d:ed:c3:61:3f:76:a2:63:4e:dd:
                    69:c8:50:7c:a1:ba:3c:93:50:e8:fd:97:ed:11:c3:
                    55:6e:7a:46:7a:66:cb:66:c9:af:91:09:6d:cc:3f:
                    a1:af:f3:b1:f3:80:5f:b2:36:61:ee:43:2c:df:59:
                    e9:f9:ad:33:a6:5e:9e:f7:0e:34:53:e2:f6:f6:be:
                    b5:07:32:70:40:14:d8:75:b5:63:e0:9b:5b:79:07:
                    3d:6b:3b:d9:bf:5e:e6:79:8e:cb:b0:5b:47:d0:4e:
                    f0:8e:d7:2d:57:83:a5:59:8c:17:86:5c:95:a0:1d:
                    fe:1b:a5:5b:a6:36:7c:f1:08:83:d6:5c:a4:80:5e:
                    0e:fb:1c:aa:1a:1d:3a:2a:00:f7:40:9b:f2:6e:4d:
                    9f:63:d7:4d:5c:86:37:38:41:5d:cc:1b:a5:fa:61:
                    06:91:16:67:25:01:49:e4:88:05:f1:fb:a6:11:ad:
                    55:38:8b:eb:98:63:59:4d:71:2f:1a:9a:f3:58:57:
                    5b:08:65:3f:2c:c7:c4:70:e9:a1:28:6e:d0:5c:69:
                    a1:db:ab:0b:c8:01:f8:6e:94:d4:71:b4:5c:83:ac:
                    4f:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:77:89:DE:38:BC:1E:6D:85:9B:1B:5C:34:4E:B7:7A:D3:5F:02:5F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4f657815-9ff9-4402-8e59-74db07414844.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.43.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         7a:5c:ad:d7:41:a9:5b:89:15:f7:fa:2c:32:6b:08:03:b3:ac:
         a8:9b:e0:ff:9a:ce:4c:50:f8:79:5b:2b:f4:5f:c9:2b:5f:ea:
         b9:cd:71:f5:9a:61:91:4d:a4:dd:af:82:80:cd:43:a9:8c:85:
         5e:53:9e:19:f2:25:f9:45:22:fd:99:de:b4:0a:a2:06:d0:b0:
         21:c2:3e:53:d9:70:6e:89:c2:16:9d:a3:07:16:ee:c7:dc:b3:
         54:be:1b:96:9d:a6:c6:5e:8b:6b:b0:38:fe:72:2e:30:12:d9:
         b8:d2:d2:a5:db:c2:18:a9:36:56:9b:94:3e:14:c0:18:07:9c:
         c0:e8:7c:41:d1:a4:7c:e7:b2:ed:ac:aa:88:44:e2:1f:ad:54:
         4a:b4:a9:b9:ef:a2:4f:03:6c:df:ca:d1:bd:d1:55:7a:66:c2:
         47:77:5d:42:15:51:01:0a:a2:5e:b3:9c:66:b9:15:43:d4:39:
         14:2b:64:33:ac:81:4a:63:bb:bf:5a:4f:c4:73:7a:3d:23:b7:
         7f:8c:83:86:7e:79:80:4e:2e:c6:9c:17:98:5d:85:1e:19:dc:
         28:ba:52:61:5d:77:21:f0:99:82:90:32:30:03:9c:b1:bd:b0:
         26:5d:a5:7c:39:90:f3:98:e2:ba:a8:f1:d6:20:dd:0a:76:c5:
         17:26:30:ec
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUClMM1NtEVurSCJDlkcmfQfY1aecwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMDk4OTFiZjM0M2NhNGY4OWU1Nzc3OTcwNDg2MzA2ODJj
MDg5N2YwMmEyYjMyMjY1YTE3MDZmNWMzZmFmYjIwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+4WLFyOmAe3xzFczmyac9PHPnOO/1zog273ABkKjahTj6
ne3DYT92omNO3WnIUHyhujyTUOj9l+0Rw1VuekZ6Zstmya+RCW3MP6Gv87HzgF+y
NmHuQyzfWen5rTOmXp73DjRT4vb2vrUHMnBAFNh1tWPgm1t5Bz1rO9m/XuZ5jsuw
W0fQTvCO1y1Xg6VZjBeGXJWgHf4bpVumNnzxCIPWXKSAXg77HKoaHToqAPdAm/Ju
TZ9j101chjc4QV3MG6X6YQaRFmclAUnkiAXx+6YRrVU4i+uYY1lNcS8amvNYV1sI
ZT8sx8Rw6aEobtBcaaHbqwvIAfhulNRxtFyDrE/VAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUGXeJ3ji8Hm2FmxtcNE63etNfAl8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRmNjU3ODE1LTlmZjktNDQwMi04ZTU5LTc0ZGIwNzQxNDg0NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4KzANBgkqhkiG9w0BAQsFAAOCAQEAelyt10GpW4kV9/osMmsIA7OsqJvg
/5rOTFD4eVsr9F/JK1/quc1x9ZphkU2k3a+CgM1DqYyFXlOeGfIl+UUi/ZnetAqi
BtCwIcI+U9lwbonCFp2jBxbux9yzVL4blp2mxl6La7A4/nIuMBLZuNLSpdvCGKk2
VpuUPhTAGAecwOh8QdGkfOey7ayqiETiH61USrSpue+iTwNs38rRvdFVembCR3dd
QhVRAQqiXrOcZrkVQ9Q5FCtkM6yBSmO7v1pPxHN6PSO3f4yDhn55gE4uxpwXmF2F
HhncKLpSYV13IfCZgpAyMAOcsb2wJl2lfDmQ85jiuqjx1iDdCnbFFyYw7A==
-----END CERTIFICATE-----