Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6a445471-61b1-4712-8591-4dec245edbea.roa
File:                     6a445471-61b1-4712-8591-4dec245edbea.roa (raw, json)
Hash identifier:          Jsn3vAjaYCGUuYxdeNLpRKg9G8Dud8lp1BJ1GQNJDPg=
Subject key identifier:   87:CE:32:62:21:1F:84:7B:0A:A5:C7:53:D3:83:85:68:72:3F:26:04
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       74397ABC917280FC86B0C4776009F85B68AA0B45
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6a445471-61b1-4712-8591-4dec245edbea.roa
Signing time:             Fri 03 Jan 2025 00:00:00 +0000
ROA not before:           Fri 03 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        13.154.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:39:7a:bc:91:72:80:fc:86:b0:c4:77:60:09:f8:5b:68:aa:0b:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  3 00:00:00 2025 GMT
            Not After : Feb  7 23:59:59 2025 GMT
        Subject: serialNumber=3452fd58a84d54eae116d3092a7a3d3a4f3bad1beefad2c911eaa9e9262ac00c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:31:e2:ce:36:99:1e:43:47:be:80:63:7b:27:
                    3b:27:ac:fa:39:f2:18:04:b3:80:0d:fb:f7:06:53:
                    0b:e9:e1:02:47:7e:bd:bc:7b:ad:10:83:8b:71:65:
                    dd:eb:e4:91:c3:33:b2:ea:9a:cc:87:6b:63:9b:82:
                    8b:15:74:05:95:b3:99:04:f4:00:10:09:70:c4:11:
                    3e:ea:0a:ee:6a:8e:49:41:a0:b7:0f:7d:6c:94:77:
                    09:a4:85:c7:66:78:b1:8c:f4:e4:0a:7a:4c:b9:8b:
                    c7:6e:14:f8:9c:42:2d:16:87:fe:91:b9:79:b6:25:
                    f4:9c:05:c6:ce:32:94:d7:10:07:da:48:2d:63:d5:
                    51:20:00:bb:d4:c7:dd:4c:65:b6:a3:0b:b1:37:b9:
                    d8:7e:1e:59:f3:a6:81:ee:84:38:3b:d3:ca:ca:65:
                    c3:c6:d5:38:34:58:3e:85:89:8e:69:d5:2d:f0:d9:
                    72:4e:47:81:c2:0b:da:37:2f:e1:cf:58:fd:2f:32:
                    6a:87:bb:d6:7a:7f:d3:08:fb:7e:d3:10:48:37:79:
                    51:e7:92:25:24:ef:c7:84:20:53:26:03:e3:07:30:
                    d5:e8:b5:21:56:b0:a2:19:23:77:14:fc:89:21:a0:
                    8c:38:b9:3f:18:65:4a:68:16:59:b5:48:62:4b:6b:
                    72:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:CE:32:62:21:1F:84:7B:0A:A5:C7:53:D3:83:85:68:72:3F:26:04
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6a445471-61b1-4712-8591-4dec245edbea.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.154.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         16:84:a3:be:77:12:e2:74:78:3b:cf:44:94:ba:cf:b5:3c:88:
         86:cb:67:66:47:19:ea:b4:23:89:2e:51:cd:bf:c1:69:b3:d9:
         ae:9c:d5:4c:60:15:a1:5d:51:72:7b:56:ce:2b:29:5c:52:75:
         29:37:59:79:43:b3:de:f4:d3:1f:a7:ca:86:00:fd:c7:40:57:
         fb:6d:d2:45:1b:53:fc:56:61:df:2e:d2:4f:bb:6a:7e:43:04:
         05:8f:21:37:01:2f:7f:a1:b3:de:b2:f6:96:bb:f6:d4:1c:95:
         42:82:c7:df:5b:5c:9e:43:f4:db:2a:b1:95:68:71:48:6d:90:
         16:f8:85:03:e5:af:19:a7:09:d7:2b:82:2e:1f:ea:f8:0a:57:
         8d:5a:77:bf:e2:d5:10:02:3e:95:b5:80:13:98:44:59:56:01:
         34:6e:57:d1:db:53:5d:a4:20:26:cc:b4:31:4d:9a:45:ee:42:
         33:8a:de:f4:5f:e4:ba:9f:3b:92:9e:d9:a8:c3:72:da:f2:37:
         4f:b2:e6:66:67:75:aa:67:ab:5c:f8:9e:0b:dc:38:d1:1a:26:
         60:5f:74:8d:46:c4:3a:ff:d4:ce:8a:2a:cd:94:be:98:b7:3f:
         2f:4c:51:b9:e5:c9:47:25:dc:1a:0c:de:25:af:07:50:7e:d1:
         d5:17:6d:17
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdDl6vJFygPyGsMR3YAn4W2iqC0UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNDUyZmQ1OGE4NGQ1NGVhZTExNmQzMDkyYTdhM2QzYTRm
M2JhZDFiZWVmYWQyYzkxMWVhYTllOTI2MmFjMDBjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNMeLONpkeQ0e+gGN7JzsnrPo58hgEs4AN+/cGUwvp4QJH
fr28e60Qg4txZd3r5JHDM7LqmsyHa2ObgosVdAWVs5kE9AAQCXDEET7qCu5qjklB
oLcPfWyUdwmkhcdmeLGM9OQKeky5i8duFPicQi0Wh/6RuXm2JfScBcbOMpTXEAfa
SC1j1VEgALvUx91MZbajC7E3udh+HlnzpoHuhDg708rKZcPG1Tg0WD6FiY5p1S3w
2XJOR4HCC9o3L+HPWP0vMmqHu9Z6f9MI+37TEEg3eVHnkiUk78eEIFMmA+MHMNXo
tSFWsKIZI3cU/IkhoIw4uT8YZUpoFlm1SGJLa3JrAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUh84yYiEfhHsKpcdT04OFaHI/JgQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZhNDQ1NDcxLTYxYjEtNDcxMi04NTkxLTRkZWMyNDVlZGJlYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwANmjANBgkqhkiG9w0BAQsFAAOCAQEAFoSjvncS4nR4O89ElLrPtTyIhstn
ZkcZ6rQjiS5Rzb/BabPZrpzVTGAVoV1RcntWzispXFJ1KTdZeUOz3vTTH6fKhgD9
x0BX+23SRRtT/FZh3y7ST7tqfkMEBY8hNwEvf6Gz3rL2lrv21ByVQoLH31tcnkP0
2yqxlWhxSG2QFviFA+WvGacJ1yuCLh/q+ApXjVp3v+LVEAI+lbWAE5hEWVYBNG5X
0dtTXaQgJsy0MU2aRe5CM4re9F/kup87kp7ZqMNy2vI3T7LmZmd1qmerXPieC9w4
0RomYF90jUbEOv/UzooqzZS+mLc/L0xRueXJRyXcGgzeJa8HUH7R1RdtFw==
-----END CERTIFICATE-----