Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7803a2a0-363a-49b4-8df1-4c0f872f565c.roa
File:                     7803a2a0-363a-49b4-8df1-4c0f872f565c.roa (raw, json)
Hash identifier:          eWzY0Fk57oKU/RJSQ4x94HrC4mTLj9HxhnED9H7bHVY=
Subject key identifier:   F7:3F:15:72:4F:8A:25:06:FC:54:1E:6E:AD:AD:E9:E3:83:53:4D:26
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       60F6F20EC8E35D7E2C4D0449B291029BB7A3FCC7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7803a2a0-363a-49b4-8df1-4c0f872f565c.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        56.187.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:f6:f2:0e:c8:e3:5d:7e:2c:4d:04:49:b2:91:02:9b:b7:a3:fc:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=c80afe1d41a1430bfaf7cec13b392ea93913503939bc2e85c1b79afa9d70ead3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:f0:e9:60:13:52:04:c2:f8:66:a6:57:79:47:
                    27:44:8c:4d:e2:76:f1:02:f0:b2:0b:21:51:a5:1f:
                    83:4f:c3:06:98:3d:1b:db:96:f7:36:9c:1d:80:a3:
                    b6:a3:44:e7:91:06:57:68:82:2e:be:d2:2c:de:7d:
                    cf:9f:1d:3a:ad:84:f9:b5:c5:11:4c:ef:1e:b5:43:
                    68:97:33:7c:cc:4e:90:f5:85:9d:29:73:af:01:5b:
                    70:1c:94:92:3e:fc:7e:c0:78:0c:6a:84:61:64:67:
                    87:ee:0d:02:31:9d:4e:b3:3f:dc:c6:8f:ec:75:e8:
                    59:c5:fb:7c:f7:f6:83:2d:87:54:7a:62:e1:37:05:
                    6c:80:5e:0c:5b:5f:5a:be:58:a1:2f:ed:3e:10:41:
                    54:b6:8b:5a:02:70:3d:6e:6c:e7:9d:0f:b3:35:ea:
                    85:76:db:87:f5:0a:05:8f:fe:b4:db:26:ec:a0:0b:
                    e4:ef:b9:63:bf:28:24:41:65:0b:b8:fd:da:97:30:
                    0c:d0:cc:a8:81:80:47:9f:42:ac:35:14:44:28:f7:
                    f5:06:62:1a:e0:99:20:5f:da:c5:61:41:a1:6b:ec:
                    80:a6:3c:78:21:45:ef:3b:81:ec:53:88:11:a9:6a:
                    a6:72:36:c6:94:91:11:37:83:c9:02:d1:b1:32:cc:
                    7d:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:3F:15:72:4F:8A:25:06:FC:54:1E:6E:AD:AD:E9:E3:83:53:4D:26
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7803a2a0-363a-49b4-8df1-4c0f872f565c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.187.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         01:4c:62:87:d7:d0:e5:7c:10:40:c8:88:e5:e0:a6:25:6e:45:
         00:ed:ef:0b:45:d5:50:93:d5:b4:d5:37:e8:17:4a:5f:9e:3a:
         a0:c3:b5:1f:a9:12:64:e1:9d:53:3e:e3:08:24:ec:a3:08:9f:
         9e:4c:33:23:e4:41:98:67:86:6a:c3:0a:fa:99:67:95:ec:8e:
         11:ed:43:58:e2:8c:a4:27:ec:be:c3:91:7a:4d:ff:1c:67:d3:
         fa:16:90:35:6a:46:0d:69:24:01:29:ee:8d:4b:5e:7b:85:89:
         ec:24:3c:36:4a:e3:68:a5:e2:b9:94:0b:b3:dc:8b:08:3c:01:
         42:5f:25:87:3d:97:7f:73:dd:4a:5e:80:44:17:b6:97:4f:1c:
         0a:70:d7:b2:9f:d8:54:9a:25:98:09:af:00:38:d7:d4:8d:13:
         73:d0:d5:bf:9d:77:cf:c7:a8:96:d3:d6:33:92:5f:8f:35:0a:
         35:97:55:6b:2b:01:1f:3b:00:91:0c:5d:7a:a7:25:01:ec:86:
         a6:05:aa:56:eb:a3:11:9d:22:a4:be:24:8d:a6:ca:f4:66:fd:
         a0:6f:95:40:66:62:de:d1:9d:93:94:44:0f:23:db:fb:ea:39:
         11:fe:6a:48:9c:d9:ec:8a:41:d8:81:6e:7d:6b:21:48:6c:3b:
         12:23:24:a6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYPbyDsjjXX4sTQRJspECm7ej/McwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BjODBhZmUxZDQxYTE0MzBiZmFmN2NlYzEzYjM5MmVhOTM5
MTM1MDM5MzliYzJlODVjMWI3OWFmYTlkNzBlYWQzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDL8OlgE1IEwvhmpld5RydEjE3idvEC8LILIVGlH4NPwwaY
PRvblvc2nB2Ao7ajROeRBldogi6+0izefc+fHTqthPm1xRFM7x61Q2iXM3zMTpD1
hZ0pc68BW3AclJI+/H7AeAxqhGFkZ4fuDQIxnU6zP9zGj+x16FnF+3z39oMth1R6
YuE3BWyAXgxbX1q+WKEv7T4QQVS2i1oCcD1ubOedD7M16oV224f1CgWP/rTbJuyg
C+TvuWO/KCRBZQu4/dqXMAzQzKiBgEefQqw1FEQo9/UGYhrgmSBf2sVhQaFr7ICm
PHghRe87gexTiBGpaqZyNsaUkRE3g8kC0bEyzH3JAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU9z8Vck+KJQb8VB5ura3p44NTTSYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc4MDNhMmEwLTM2M2EtNDliNC04ZGYxLTRjMGY4NzJmNTY1Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4uzANBgkqhkiG9w0BAQsFAAOCAQEAAUxih9fQ5XwQQMiI5eCmJW5FAO3v
C0XVUJPVtNU36BdKX546oMO1H6kSZOGdUz7jCCTsowifnkwzI+RBmGeGasMK+pln
leyOEe1DWOKMpCfsvsORek3/HGfT+haQNWpGDWkkASnujUtee4WJ7CQ8NkrjaKXi
uZQLs9yLCDwBQl8lhz2Xf3PdSl6ARBe2l08cCnDXsp/YVJolmAmvADjX1I0Tc9DV
v513z8eoltPWM5JfjzUKNZdVaysBHzsAkQxdeqclAeyGpgWqVuujEZ0ipL4kjabK
9Gb9oG+VQGZi3tGdk5REDyPb++o5Ef5qSJzZ7IpB2IFufWshSGw7EiMkpg==
-----END CERTIFICATE-----