Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/56406bba-497c-49e2-95fc-66276fc59fb7.roa
File:                     56406bba-497c-49e2-95fc-66276fc59fb7.roa (raw, json)
Hash identifier:          CyzHlFuk6kfb67vtvMLV4vv86XM0YwjIohWWUDNtg4k=
Subject key identifier:   04:AE:D6:9D:61:F9:5A:4B:D8:E0:13:87:1F:1F:06:B3:06:FD:DC:52
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3EB18C12AB6E7FE21BFB57FD852FA3016980C9B8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/56406bba-497c-49e2-95fc-66276fc59fb7.roa
Signing time:             Sat 04 Jan 2025 00:00:00 +0000
ROA not before:           Sat 04 Jan 2025 00:00:00 +0000
ROA not after:            Sat 08 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        56.250.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:b1:8c:12:ab:6e:7f:e2:1b:fb:57:fd:85:2f:a3:01:69:80:c9:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  4 00:00:00 2025 GMT
            Not After : Feb  8 23:59:59 2025 GMT
        Subject: serialNumber=c7ee47f343ebc205642653da83cd985cd195a1dd73fb50a43526a6652b4e177b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:29:38:b8:14:63:2b:31:f3:31:b6:c7:22:34:
                    bc:a1:16:83:40:19:cf:b3:a8:c8:d9:8f:ae:98:9d:
                    ae:08:f1:1d:1d:cf:8d:73:32:a6:5e:64:f5:ca:fc:
                    57:15:c3:ac:78:20:01:cf:98:32:3e:59:8a:21:2b:
                    3d:2b:e0:61:5e:ad:eb:8b:6a:11:f0:98:dc:31:52:
                    bf:71:89:4a:e1:3d:be:d7:1b:6e:1c:8b:2d:ec:2c:
                    fe:38:f3:8f:bb:4a:f8:03:ab:df:d9:2f:42:f5:3e:
                    10:30:8c:10:a3:71:6f:4e:91:a0:f3:b7:9d:7c:db:
                    f8:3e:fb:ad:ca:a7:62:ba:38:84:47:93:0c:24:23:
                    d4:a6:c9:de:ef:66:23:61:8f:aa:c1:1d:f0:3c:f7:
                    03:d7:53:91:b8:e2:9e:f6:b0:8d:61:37:06:d0:ec:
                    7a:16:18:f3:83:3b:5c:f7:7e:aa:e1:35:ba:f7:03:
                    2e:ba:ec:86:b8:05:48:68:f0:89:15:47:68:ba:82:
                    6a:20:24:23:e0:d1:4b:b1:3d:34:82:a7:74:04:01:
                    5d:a7:c1:30:77:5f:24:0f:56:8a:7c:5f:a2:24:27:
                    96:39:0e:b0:18:f2:d0:4b:8a:8b:07:0c:0b:30:a7:
                    2c:4e:34:08:fc:c3:ed:17:ba:79:b3:df:ee:9e:92:
                    e1:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:AE:D6:9D:61:F9:5A:4B:D8:E0:13:87:1F:1F:06:B3:06:FD:DC:52
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/56406bba-497c-49e2-95fc-66276fc59fb7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.250.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c8:79:c1:fc:a3:66:c8:94:82:31:62:d5:da:4a:66:a5:74:09:
         a2:7e:b0:64:8f:69:f8:cb:27:8d:0a:50:96:a5:95:fe:2e:93:
         55:cc:98:86:1d:c0:30:f6:f2:ca:44:6c:76:48:2e:fe:8a:3b:
         11:cd:6c:3e:72:0d:61:db:96:dd:7f:71:9a:2f:ef:d3:2e:4a:
         85:6d:b2:d6:8e:63:9a:65:65:45:04:59:a3:b5:0c:48:bf:a3:
         92:21:62:ae:37:a0:c8:9f:a6:50:0e:05:3e:3c:99:bf:4d:2a:
         d0:58:db:f7:38:4d:5d:c6:57:e9:9c:4e:b2:54:86:01:13:b9:
         fc:09:42:37:dd:8a:7a:86:bf:f9:ba:22:81:9f:7f:99:a9:e8:
         d4:bf:57:a6:8a:bb:a5:b4:a5:03:54:ff:95:e7:46:2b:7a:0e:
         cf:52:c1:65:f3:d8:d9:47:80:cd:06:4f:b0:e1:12:13:98:c1:
         3f:9d:ef:6e:cd:9c:8e:e5:f2:2f:0f:df:39:aa:92:79:4e:66:
         77:cb:84:12:1b:76:b9:08:f6:e2:74:09:85:1c:89:57:e5:3e:
         be:cb:de:44:80:d7:bd:e6:56:ec:29:1a:24:1c:22:95:95:67:
         96:dc:5c:f3:01:75:68:16:49:62:50:4c:87:09:40:16:43:09:
         db:1e:bf:2d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPrGMEqtuf+Ib+1f9hS+jAWmAybgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA0MDAwMDAwWhcNMjUwMjA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BjN2VlNDdmMzQzZWJjMjA1NjQyNjUzZGE4M2NkOTg1Y2Qx
OTVhMWRkNzNmYjUwYTQzNTI2YTY2NTJiNGUxNzdiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZKTi4FGMrMfMxtsciNLyhFoNAGc+zqMjZj66Yna4I8R0d
z41zMqZeZPXK/FcVw6x4IAHPmDI+WYohKz0r4GFereuLahHwmNwxUr9xiUrhPb7X
G24ciy3sLP4484+7SvgDq9/ZL0L1PhAwjBCjcW9OkaDzt5182/g++63Kp2K6OIRH
kwwkI9Smyd7vZiNhj6rBHfA89wPXU5G44p72sI1hNwbQ7HoWGPODO1z3fqrhNbr3
Ay667Ia4BUho8IkVR2i6gmogJCPg0UuxPTSCp3QEAV2nwTB3XyQPVop8X6IkJ5Y5
DrAY8tBLiosHDAswpyxONAj8w+0Xunmz3+6ekuGPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUBK7WnWH5WkvY4BOHHx8Gswb93FIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU2NDA2YmJhLTQ5N2MtNDllMi05NWZjLTY2Mjc2ZmM1OWZiNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4+jANBgkqhkiG9w0BAQsFAAOCAQEAyHnB/KNmyJSCMWLV2kpmpXQJon6w
ZI9p+MsnjQpQlqWV/i6TVcyYhh3AMPbyykRsdkgu/oo7Ec1sPnINYduW3X9xmi/v
0y5KhW2y1o5jmmVlRQRZo7UMSL+jkiFirjegyJ+mUA4FPjyZv00q0Fjb9zhNXcZX
6ZxOslSGARO5/AlCN92Keoa/+boigZ9/mano1L9Xpoq7pbSlA1T/ledGK3oOz1LB
ZfPY2UeAzQZPsOESE5jBP53vbs2cjuXyLw/fOaqSeU5md8uEEht2uQj24nQJhRyJ
V+U+vsveRIDXveZW7CkaJBwilZVnltxc8wF1aBZJYlBMhwlAFkMJ2x6/LQ==
-----END CERTIFICATE-----