Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7fae9f91-639c-4c55-a31e-3bd2c8f579b9.roa
File:                     7fae9f91-639c-4c55-a31e-3bd2c8f579b9.roa (raw, json)
Hash identifier:          /cILPGsn6dDiJPIiMRai9cM8AgRXnSHDMFjA6sIFJiY=
Subject key identifier:   AC:E4:12:A3:21:58:76:94:1D:84:B3:C1:8C:5E:82:20:5C:59:00:8F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1AB0B9B2E8891D444FD4A0006D3D417F1FC0FDC4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7fae9f91-639c-4c55-a31e-3bd2c8f579b9.roa
Signing time:             Tue 14 Jan 2025 00:00:00 +0000
ROA not before:           Tue 14 Jan 2025 00:00:00 +0000
ROA not after:            Tue 18 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        56.209.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:b0:b9:b2:e8:89:1d:44:4f:d4:a0:00:6d:3d:41:7f:1f:c0:fd:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 14 00:00:00 2025 GMT
            Not After : Feb 18 23:59:59 2025 GMT
        Subject: serialNumber=00697357c3e256194215c7a8b6e39743140ae9227fc7e9835c4411fe138d1b52, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:d9:5c:6a:18:1b:de:ff:9b:01:34:5f:cc:8b:
                    bc:89:43:d2:54:b0:31:67:b9:19:b0:37:a6:fb:ce:
                    f4:23:2e:f9:fb:d4:f4:bd:27:53:e0:ac:46:1e:c8:
                    07:a6:eb:ff:22:10:c1:d3:b7:b3:f4:9a:b2:17:db:
                    f9:03:d9:f9:a9:f6:86:d2:5b:fd:a1:b4:11:43:bb:
                    8c:6a:35:99:d9:a2:b0:18:cc:88:59:3d:26:55:7f:
                    52:50:22:99:2c:5d:db:f2:df:3b:6a:0a:28:38:d1:
                    4f:e4:56:c8:8f:f7:3c:19:e8:e4:af:2b:7a:9c:1c:
                    bf:ec:c9:0d:73:f3:43:21:a7:85:3c:7a:98:4e:ab:
                    3b:d5:df:ac:c0:2d:9c:f8:df:4a:7d:c9:48:bb:61:
                    9a:d6:65:01:9e:90:b3:26:4e:3a:2b:ba:ad:3c:77:
                    43:69:82:26:61:39:c3:ba:8d:29:13:e4:25:c3:32:
                    01:8f:3a:7d:a3:2c:e0:58:24:cd:4a:4c:cd:43:ad:
                    a9:e6:5f:db:c3:21:99:d9:09:71:b2:41:b0:10:8b:
                    ae:95:9d:cb:05:15:2e:dc:8a:95:1c:88:3c:05:b4:
                    3f:ac:09:79:8c:da:c4:fa:c4:d2:36:36:6c:a2:34:
                    59:58:eb:37:7b:b6:31:c3:59:b7:3d:cc:74:73:46:
                    ce:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:E4:12:A3:21:58:76:94:1D:84:B3:C1:8C:5E:82:20:5C:59:00:8F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7fae9f91-639c-4c55-a31e-3bd2c8f579b9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.209.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         35:eb:a8:c7:5b:bc:71:12:e5:a7:c0:3f:04:5f:ec:ba:bc:3b:
         4f:fe:ab:89:a6:f4:f4:bc:19:e8:94:c2:89:3f:02:ae:58:8e:
         ca:36:3e:eb:b3:82:41:41:1b:82:4e:62:20:b0:ac:ef:93:66:
         cf:1a:66:cb:0d:ec:93:83:05:fd:90:4e:de:12:66:62:38:cf:
         64:ed:6c:91:aa:a1:4e:4b:ae:d9:f2:42:0b:a3:6e:76:7a:8f:
         9b:c9:d5:25:fb:64:10:76:6c:0a:0e:5f:9f:87:72:08:94:d3:
         6b:59:f5:09:35:2f:28:a4:9c:c5:58:70:6a:9b:8f:fe:b0:2e:
         e3:01:d3:e0:9e:12:9e:61:e8:d9:3f:0f:5b:6a:3c:1c:38:69:
         df:2a:f3:d1:44:40:f2:5c:a5:ce:49:87:b3:d1:db:60:a7:45:
         0f:45:e5:fd:4f:69:62:f2:18:f8:ee:ef:8b:a1:11:00:61:db:
         c6:d8:51:21:b7:53:74:be:77:18:93:f6:d1:65:1b:ca:61:a4:
         d9:de:e8:29:e0:c1:ed:d3:76:6a:a3:93:e6:a2:07:c4:9f:be:
         83:ec:32:96:13:90:01:b0:0a:61:8d:18:c4:81:46:6e:63:3d:
         82:8d:fe:93:c6:8c:e9:25:4e:a7:f8:ae:45:d6:69:62:b8:d0:
         b5:86:90:c9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGrC5suiJHURP1KAAbT1Bfx/A/cQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE0MDAwMDAwWhcNMjUwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMDY5NzM1N2MzZTI1NjE5NDIxNWM3YThiNmUzOTc0MzE0
MGFlOTIyN2ZjN2U5ODM1YzQ0MTFmZTEzOGQxYjUyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCp2VxqGBve/5sBNF/Mi7yJQ9JUsDFnuRmwN6b7zvQjLvn7
1PS9J1PgrEYeyAem6/8iEMHTt7P0mrIX2/kD2fmp9obSW/2htBFDu4xqNZnZorAY
zIhZPSZVf1JQIpksXdvy3ztqCig40U/kVsiP9zwZ6OSvK3qcHL/syQ1z80Mhp4U8
ephOqzvV36zALZz430p9yUi7YZrWZQGekLMmTjoruq08d0NpgiZhOcO6jSkT5CXD
MgGPOn2jLOBYJM1KTM1DranmX9vDIZnZCXGyQbAQi66VncsFFS7cipUciDwFtD+s
CXmM2sT6xNI2NmyiNFlY6zd7tjHDWbc9zHRzRs6pAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUrOQSoyFYdpQdhLPBjF6CIFxZAI8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdmYWU5ZjkxLTYzOWMtNGM1NS1hMzFlLTNiZDJjOGY1NzliOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA40TANBgkqhkiG9w0BAQsFAAOCAQEANeuox1u8cRLlp8A/BF/surw7T/6r
iab09LwZ6JTCiT8CrliOyjY+67OCQUEbgk5iILCs75Nmzxpmyw3sk4MF/ZBO3hJm
YjjPZO1skaqhTkuu2fJCC6NudnqPm8nVJftkEHZsCg5fn4dyCJTTa1n1CTUvKKSc
xVhwapuP/rAu4wHT4J4SnmHo2T8PW2o8HDhp3yrz0URA8lylzkmHs9HbYKdFD0Xl
/U9pYvIY+O7vi6ERAGHbxthRIbdTdL53GJP20WUbymGk2d7oKeDB7dN2aqOT5qIH
xJ++g+wylhOQAbAKYY0YxIFGbmM9go3+k8aM6SVOp/iuRdZpYrjQtYaQyQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 06:31:26 2025 by rpki-client