Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7836a783-e9c3-46a0-841f-a6b3de57f611.roa
File:                     7836a783-e9c3-46a0-841f-a6b3de57f611.roa (raw, json)
Hash identifier:          xHCvnk2w0YesE75LSDWVLuqcBUi/OPab3gARKE0vPDE=
Subject key identifier:   13:8C:0F:0B:02:7D:FA:BB:DF:3B:4B:7E:E5:4F:7D:51:5E:59:E9:9A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       46959FD01EF64BF91233EBE4DC69C86C78600AAD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7836a783-e9c3-46a0-841f-a6b3de57f611.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f60:10c0::/46 maxlen: 46
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:95:9f:d0:1e:f6:4b:f9:12:33:eb:e4:dc:69:c8:6c:78:60:0a:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=9b019bb48ecf70ae2ce6c2bfeb726e0ef2b6dc970187a5f13c1586666aebf7c3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:3b:7c:e6:8b:54:c3:b9:b1:e7:86:a6:53:5d:
                    fa:82:95:e5:04:d8:70:b5:0c:ef:a4:62:7d:a6:c4:
                    8d:2c:8e:03:cc:d4:a2:f5:df:db:b5:4b:3e:9b:99:
                    0f:7c:e2:8a:d1:0e:64:8a:1f:0f:37:6d:3a:c8:60:
                    1c:c1:29:a2:63:8f:f5:0e:46:4f:c0:47:d4:e0:a4:
                    a6:a7:81:b0:7b:c2:10:3c:ab:e6:6d:d9:04:6c:00:
                    c6:59:50:0b:7d:7a:3a:db:83:d0:cf:a3:e9:ea:9f:
                    3b:da:07:ef:cd:37:57:e8:f8:39:69:23:20:75:ba:
                    f6:75:a8:33:49:05:28:d7:07:ab:af:82:a3:6d:35:
                    92:15:01:b2:d1:9a:f0:70:f5:33:95:cb:58:01:ed:
                    75:1c:39:15:40:a5:3c:fe:87:5a:f4:85:4e:ff:ed:
                    ed:d6:4b:f6:cf:6c:9f:8e:9b:d6:6d:11:06:c7:73:
                    9c:49:6e:46:f3:16:cb:f7:4d:45:5a:b6:3d:df:fa:
                    85:b4:62:5b:76:94:bf:02:c3:a5:c6:04:43:91:40:
                    47:7f:0c:6a:b1:11:bc:98:c3:bb:21:d0:8d:90:31:
                    fa:9c:18:b1:6d:51:4f:a0:a8:15:31:7f:c3:84:f3:
                    e9:25:e0:1d:ef:29:ad:d4:ca:bd:ee:fb:46:c0:f7:
                    98:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:8C:0F:0B:02:7D:FA:BB:DF:3B:4B:7E:E5:4F:7D:51:5E:59:E9:9A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7836a783-e9c3-46a0-841f-a6b3de57f611.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:10c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         82:7e:b2:a5:59:ca:3f:aa:c9:58:af:78:9b:8f:8d:e0:8e:fe:
         8a:bd:c9:4e:8b:01:f7:34:27:51:47:76:f1:22:76:c3:13:67:
         36:90:04:9c:f8:67:ad:c1:4e:e1:52:15:e9:3b:84:f0:f7:4c:
         60:e8:4e:2b:17:4e:75:b1:eb:76:86:11:5d:ec:62:b2:e1:f3:
         60:6a:d1:dd:0d:cc:1d:87:8c:05:13:1d:ff:14:84:18:34:fc:
         ed:60:f6:ce:6e:0e:da:67:51:bd:69:ee:ec:f6:36:ea:e4:54:
         37:8a:c9:8d:69:5e:46:91:31:30:4a:2a:e9:64:1f:6d:60:64:
         17:e9:65:7d:c6:fb:6e:8c:19:00:ee:4f:20:47:b4:6f:f8:01:
         1f:33:ed:c2:06:d0:b9:d6:6c:03:dc:23:8b:cf:ce:5a:c3:d8:
         d6:62:ff:19:ba:ad:a6:ba:dd:82:75:80:4a:bc:e3:62:af:54:
         b8:ba:4e:ab:80:87:17:0e:ca:ea:51:38:a6:69:82:8d:48:73:
         8f:26:5c:2b:b6:cc:01:37:d3:26:7e:4a:d7:98:16:1c:73:2b:
         94:ad:c9:63:bc:40:44:17:c4:d1:b6:91:a0:6c:db:8b:e9:1f:
         0a:ed:29:65:83:7e:b4:b5:85:c2:24:32:22:88:b7:04:2d:62:
         7f:de:7c:ff
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIURpWf0B72S/kSM+vk3GnIbHhgCq0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YjAxOWJiNDhlY2Y3MGFlMmNlNmMyYmZlYjcyNmUwZWYy
YjZkYzk3MDE4N2E1ZjEzYzE1ODY2NjZhZWJmN2MzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8O3zmi1TDubHnhqZTXfqCleUE2HC1DO+kYn2mxI0sjgPM
1KL139u1Sz6bmQ984orRDmSKHw83bTrIYBzBKaJjj/UORk/AR9TgpKangbB7whA8
q+Zt2QRsAMZZUAt9ejrbg9DPo+nqnzvaB+/NN1fo+DlpIyB1uvZ1qDNJBSjXB6uv
gqNtNZIVAbLRmvBw9TOVy1gB7XUcORVApTz+h1r0hU7/7e3WS/bPbJ+Om9ZtEQbH
c5xJbkbzFsv3TUVatj3f+oW0Ylt2lL8Cw6XGBEORQEd/DGqxEbyYw7sh0I2QMfqc
GLFtUU+gqBUxf8OE8+kl4B3vKa3Uyr3u+0bA95hXAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUE4wPCwJ9+rvfO0t+5U99UV5Z6ZowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc4MzZhNzgzLWU5YzMtNDZhMC04NDFmLWE2YjNkZTU3ZjYxMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAB9gEMAwDQYJKoZIhvcNAQELBQADggEBAIJ+sqVZyj+qyViveJuPjeCO
/oq9yU6LAfc0J1FHdvEidsMTZzaQBJz4Z63BTuFSFek7hPD3TGDoTisXTnWx63aG
EV3sYrLh82Bq0d0NzB2HjAUTHf8UhBg0/O1g9s5uDtpnUb1p7uz2NurkVDeKyY1p
XkaRMTBKKulkH21gZBfpZX3G+26MGQDuTyBHtG/4AR8z7cIG0LnWbAPcI4vPzlrD
2NZi/xm6raa63YJ1gEq842KvVLi6TquAhxcOyupROKZpgo1Ic48mXCu2zAE30yZ+
SteYFhxzK5StyWO8QEQXxNG2kaBs24vpHwrtKWWDfrS1hcIkMiKItwQtYn/efP8=
-----END CERTIFICATE-----