Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/83112f49-230e-4af8-abdc-ddcc9f9f0c19.roa
File:                     83112f49-230e-4af8-abdc-ddcc9f9f0c19.roa (raw, json)
Hash identifier:          AkrTsje8sMvJg/Pb5TZkIwKbhRwkPf5FN1WUG+jdhSM=
Subject key identifier:   6A:44:6D:E7:BC:E5:49:23:D1:B2:45:78:A4:AA:90:16:E8:4A:AD:5D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3AB9885088B9075C35CC6654B056EDDE75EE813A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/83112f49-230e-4af8-abdc-ddcc9f9f0c19.roa
Signing time:             Wed 15 Jan 2025 00:00:00 +0000
ROA not before:           Wed 15 Jan 2025 00:00:00 +0000
ROA not after:            Wed 19 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        104.144.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:b9:88:50:88:b9:07:5c:35:cc:66:54:b0:56:ed:de:75:ee:81:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 15 00:00:00 2025 GMT
            Not After : Feb 19 23:59:59 2025 GMT
        Subject: serialNumber=e70992039e4f06de84a38eccfd7c5a6d5a3034051cf5292dc4f7d86251e0a107, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:73:f5:fd:a1:8f:27:cb:9e:70:f7:d3:a7:64:
                    da:39:48:c1:69:82:eb:3e:d1:1b:52:a5:b4:79:54:
                    c9:c4:9d:f5:f8:02:6f:2e:6e:12:3e:9e:82:f4:f4:
                    67:2a:68:83:4e:ad:77:64:a8:4f:7e:98:01:e9:40:
                    7c:0e:d7:39:c9:b9:a9:dc:fa:f9:db:b2:4e:1b:b7:
                    e2:bb:b9:04:c5:69:11:0b:ba:62:da:15:10:a7:e9:
                    3d:8c:10:bb:7f:4a:81:3c:13:80:f3:ea:14:16:10:
                    69:f7:9d:46:6c:60:1a:b2:b5:94:7d:be:48:d5:5d:
                    23:f6:62:ec:9f:95:6b:bc:b0:6a:ed:d6:42:e2:ca:
                    e0:78:da:cb:88:bb:aa:85:46:ff:0c:0b:19:6f:6b:
                    92:6d:dc:05:8c:74:e1:da:03:f9:1d:25:e9:9c:33:
                    ae:c4:8d:28:52:ca:bc:52:14:0d:62:ef:d5:b2:ee:
                    12:93:c3:fb:27:23:df:2e:c3:6d:e7:b5:41:0f:51:
                    f5:1a:7c:74:d7:b2:21:9c:c0:bb:0f:91:c5:79:18:
                    0c:b8:12:a5:d9:ed:84:a5:78:54:3d:6d:c0:07:ca:
                    13:67:a1:07:59:bf:fe:e9:60:d5:b1:2b:d7:1d:36:
                    71:4f:f2:35:76:66:ab:37:9e:0d:87:cb:0f:49:b1:
                    e6:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:44:6D:E7:BC:E5:49:23:D1:B2:45:78:A4:AA:90:16:E8:4A:AD:5D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/83112f49-230e-4af8-abdc-ddcc9f9f0c19.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.144.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d0:81:e5:9c:e9:03:54:25:b0:48:f0:ca:93:3b:c3:c1:f8:f0:
         42:7b:b3:b2:e5:0d:08:08:80:49:12:33:a9:a6:e4:5d:34:1a:
         d5:56:77:10:ac:ee:2d:4f:50:9a:37:60:a5:1d:ec:eb:72:a1:
         a3:c9:90:a1:cc:d6:22:0e:4f:6a:c7:ed:ec:fa:e3:2e:55:fe:
         f6:33:7d:1f:02:2d:51:c7:31:11:dd:61:b5:bc:07:9e:10:ab:
         1d:93:31:13:4c:3c:35:f6:73:47:0b:40:50:33:31:e6:1e:95:
         20:76:ea:9c:51:76:73:9c:32:d4:2b:46:3d:e7:3d:2c:62:04:
         28:59:1e:42:a9:8a:11:27:0d:1c:b0:ee:db:e7:3e:0b:ec:5a:
         22:b9:66:3b:eb:9f:28:14:ef:da:a0:f4:dc:45:df:20:5b:a6:
         cf:f8:3a:91:bd:37:4b:cb:d7:30:b9:04:86:12:06:f6:ab:a5:
         8e:eb:e0:c4:50:2b:10:9f:e0:d0:6e:bd:a6:0d:b2:17:78:15:
         42:f6:73:ab:5c:4e:f8:59:b0:e9:ce:80:e2:b7:53:57:1a:94:
         76:9f:f6:c0:db:3f:33:76:47:c5:5d:da:39:b0:af:9b:de:03:
         75:ce:05:66:f8:09:9c:62:43:a5:d9:68:d1:89:f9:fe:53:16:
         89:fb:61:ba
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUOrmIUIi5B1w1zGZUsFbt3nXugTowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE1MDAwMDAwWhcNMjUwMjE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlNzA5OTIwMzllNGYwNmRlODRhMzhlY2NmZDdjNWE2ZDVh
MzAzNDA1MWNmNTI5MmRjNGY3ZDg2MjUxZTBhMTA3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD6c/X9oY8ny55w99OnZNo5SMFpgus+0RtSpbR5VMnEnfX4
Am8ubhI+noL09GcqaINOrXdkqE9+mAHpQHwO1znJuanc+vnbsk4bt+K7uQTFaREL
umLaFRCn6T2MELt/SoE8E4Dz6hQWEGn3nUZsYBqytZR9vkjVXSP2YuyflWu8sGrt
1kLiyuB42suIu6qFRv8MCxlva5Jt3AWMdOHaA/kdJemcM67EjShSyrxSFA1i79Wy
7hKTw/snI98uw23ntUEPUfUafHTXsiGcwLsPkcV5GAy4EqXZ7YSleFQ9bcAHyhNn
oQdZv/7pYNWxK9cdNnFP8jV2Zqs3ng2Hyw9JseY/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUakRt57zlSSPRskV4pKqQFuhKrV0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgzMTEyZjQ5LTIzMGUtNGFmOC1hYmRjLWRkY2M5ZjlmMGMxOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBokDANBgkqhkiG9w0BAQsFAAOCAQEA0IHlnOkDVCWwSPDKkzvDwfjwQnuz
suUNCAiASRIzqabkXTQa1VZ3EKzuLU9QmjdgpR3s63Kho8mQoczWIg5Pasft7Prj
LlX+9jN9HwItUccxEd1htbwHnhCrHZMxE0w8NfZzRwtAUDMx5h6VIHbqnFF2c5wy
1CtGPec9LGIEKFkeQqmKEScNHLDu2+c+C+xaIrlmO+ufKBTv2qD03EXfIFumz/g6
kb03S8vXMLkEhhIG9quljuvgxFArEJ/g0G69pg2yF3gVQvZzq1xO+Fmw6c6A4rdT
VxqUdp/2wNs/M3ZHxV3aObCvm94Ddc4FZvgJnGJDpdlo0Yn5/lMWifthug==
-----END CERTIFICATE-----