Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60f7e199-6b4c-4f79-8eed-8bac621e1468.roa
File:                     60f7e199-6b4c-4f79-8eed-8bac621e1468.roa (raw, json)
Hash identifier:          HPgxoAc0vPPQyz/QOpFCz2jmp98dWrvQQPs8KovjExY=
Subject key identifier:   40:F1:FB:28:D7:62:3F:1D:1F:50:B7:63:D3:55:48:B2:DD:50:AE:72
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       282BD93B0BBE037BA9035E1F14AEFD632D5F72D2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60f7e199-6b4c-4f79-8eed-8bac621e1468.roa
Signing time:             Tue 17 Dec 2024 00:00:00 +0000
ROA not before:           Tue 17 Dec 2024 00:00:00 +0000
ROA not after:            Tue 21 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        5.60.180.0/22 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:2b:d9:3b:0b:be:03:7b:a9:03:5e:1f:14:ae:fd:63:2d:5f:72:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 17 00:00:00 2024 GMT
            Not After : Jan 21 23:59:59 2025 GMT
        Subject: serialNumber=2336f7f61d9d46ffa752d53020d0c26ed60b54f42759af2f705c06cbae2242cb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:14:25:29:ab:1f:f8:79:7d:53:3f:a3:7e:c9:
                    44:72:ca:41:0b:ae:e9:a7:0a:96:af:f8:f0:0a:90:
                    1d:6e:71:22:9c:35:d8:52:39:ac:8b:d3:fb:97:35:
                    2e:b8:80:18:50:f9:d9:4d:1a:de:fa:a4:cd:bb:df:
                    81:94:d2:8c:26:2f:97:61:41:a3:7b:94:91:b3:85:
                    c6:85:f6:c6:2b:96:ab:4e:5b:10:ad:63:3f:b4:e0:
                    a1:92:b0:17:bf:b8:9c:8c:18:7b:1f:a2:f0:ff:17:
                    b1:48:b9:45:12:66:43:33:9c:5d:1f:b8:8d:50:c8:
                    cd:12:55:40:23:fb:06:7d:47:68:bc:0e:73:db:86:
                    44:ef:bb:9b:90:d7:4d:3f:0f:e9:54:c9:7c:e6:39:
                    e8:9b:ca:5d:59:0d:e4:ee:93:89:59:fb:92:f5:8f:
                    bc:34:15:28:00:07:be:bc:68:98:c5:d6:99:f9:9a:
                    d6:5f:8f:fc:43:6a:c4:5e:17:af:25:3f:ca:e5:d5:
                    5b:39:6e:97:cb:fb:95:78:15:0e:e4:15:6f:dc:b0:
                    c6:a2:ab:4e:1c:40:96:ef:64:d2:79:b9:39:be:db:
                    94:82:83:84:18:78:43:11:cb:7a:44:af:e5:31:01:
                    cf:c3:dc:81:06:25:ec:72:0a:db:85:ee:6c:43:b1:
                    17:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:F1:FB:28:D7:62:3F:1D:1F:50:B7:63:D3:55:48:B2:DD:50:AE:72
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60f7e199-6b4c-4f79-8eed-8bac621e1468.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.60.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:08:ed:4d:8f:32:d8:c6:70:3b:bf:cf:27:42:90:5e:e8:2e:
         6c:51:c3:a6:e1:a9:fe:83:61:ba:78:22:f0:51:11:64:20:6f:
         a0:00:67:70:d9:c8:f6:dd:1e:fa:e3:bc:4d:f2:2c:4e:9c:f4:
         08:dd:2d:d7:09:fe:46:14:03:a9:81:c2:d1:30:da:a2:66:4b:
         3b:de:23:fd:b6:04:1c:fa:a8:96:85:d9:b0:ea:35:dd:d1:85:
         39:7a:c9:62:f9:9e:e5:10:a2:45:09:61:8a:94:98:72:13:c0:
         6c:7b:a7:f7:2d:bc:8c:88:86:7f:2c:2f:41:4f:1d:fe:de:bb:
         9f:6e:4e:6e:ef:38:7d:8e:5a:09:b8:1d:39:6f:49:c2:17:4c:
         b8:53:18:18:5b:5c:39:bd:9c:98:36:c8:e5:31:95:99:26:af:
         a7:32:b4:c2:d9:f7:dc:fb:f9:78:e6:ac:15:ee:c8:4a:fb:2f:
         29:f1:92:f9:3c:21:84:7d:3c:67:29:3f:13:64:7b:4a:dc:53:
         f3:a5:9b:62:74:5f:01:b5:20:77:88:ea:6d:37:79:67:38:3c:
         7a:fe:92:4c:71:48:70:8c:3e:50:5a:ee:9a:cd:42:68:f6:1a:
         be:bf:f1:3e:23:93:ee:ae:3c:a1:b6:7b:a1:45:67:d3:46:6c:
         f8:36:3e:8e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKCvZOwu+A3upA14fFK79Yy1fctIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjE3MDAwMDAwWhcNMjUwMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMzM2ZjdmNjFkOWQ0NmZmYTc1MmQ1MzAyMGQwYzI2ZWQ2
MGI1NGY0Mjc1OWFmMmY3MDVjMDZjYmFlMjI0MmNiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbFCUpqx/4eX1TP6N+yURyykELrumnCpav+PAKkB1ucSKc
NdhSOayL0/uXNS64gBhQ+dlNGt76pM2734GU0owmL5dhQaN7lJGzhcaF9sYrlqtO
WxCtYz+04KGSsBe/uJyMGHsfovD/F7FIuUUSZkMznF0fuI1QyM0SVUAj+wZ9R2i8
DnPbhkTvu5uQ100/D+lUyXzmOeibyl1ZDeTuk4lZ+5L1j7w0FSgAB768aJjF1pn5
mtZfj/xDasReF68lP8rl1Vs5bpfL+5V4FQ7kFW/csMaiq04cQJbvZNJ5uTm+25SC
g4QYeEMRy3pEr+UxAc/D3IEGJexyCtuF7mxDsRdrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQPH7KNdiPx0fULdj01VIst1QrnIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYwZjdlMTk5LTZiNGMtNGY3OS04ZWVkLThiYWM2MjFlMTQ2OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIFPLQwDQYJKoZIhvcNAQELBQADggEBACAI7U2PMtjGcDu/zydCkF7oLmxR
w6bhqf6DYbp4IvBREWQgb6AAZ3DZyPbdHvrjvE3yLE6c9AjdLdcJ/kYUA6mBwtEw
2qJmSzveI/22BBz6qJaF2bDqNd3RhTl6yWL5nuUQokUJYYqUmHITwGx7p/ctvIyI
hn8sL0FPHf7eu59uTm7vOH2OWgm4HTlvScIXTLhTGBhbXDm9nJg2yOUxlZkmr6cy
tMLZ99z7+XjmrBXuyEr7Lynxkvk8IYR9PGcpPxNke0rcU/Olm2J0XwG1IHeI6m03
eWc4PHr+kkxxSHCMPlBa7prNQmj2Gr6/8T4jk+6uPKG2e6FFZ9NGbPg2Po4=
-----END CERTIFICATE-----