Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/87dc9e10-0566-4596-b812-6ecfdd21f34b.roa
File:                     87dc9e10-0566-4596-b812-6ecfdd21f34b.roa (raw, json)
Hash identifier:          7s03bXsAIHLMz2NSajl+IKf4PqHYHv6iuViujKdmfiY=
Subject key identifier:   89:57:9B:FB:72:D9:89:D6:F6:4A:27:E8:74:23:59:BF:86:59:26:F4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5A225E13114835595B02A08BB0A0F4BF9048DEEF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/87dc9e10-0566-4596-b812-6ecfdd21f34b.roa
Signing time:             Mon 30 Dec 2024 00:00:00 +0000
ROA not before:           Mon 30 Dec 2024 00:00:00 +0000
ROA not after:            Mon 03 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        93.79.128.0/17 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:22:5e:13:11:48:35:59:5b:02:a0:8b:b0:a0:f4:bf:90:48:de:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 30 00:00:00 2024 GMT
            Not After : Feb  3 23:59:59 2025 GMT
        Subject: serialNumber=fe5975599b2cf7588510e133784b45d06fc07b953ac2e8688a89ed87e2b8a8ef, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:01:79:b3:d8:55:a1:40:9f:a0:8f:c7:b5:e9:
                    5a:33:ee:a8:c6:22:75:63:b9:d1:54:53:bf:6b:e4:
                    5e:7a:12:03:73:4e:9c:2f:e5:d3:11:85:ef:e5:57:
                    37:16:a7:45:98:11:4b:39:fe:cf:87:ee:ee:44:12:
                    7f:ee:f9:d5:d0:f7:fb:bc:92:80:6b:ed:9b:2d:22:
                    05:cf:4e:52:78:12:c1:c1:86:20:4b:32:ad:9b:8f:
                    34:40:48:3e:0f:9a:d2:b0:d9:7b:2a:02:8b:8f:3b:
                    4f:57:a6:eb:9b:94:97:6b:3e:b7:b8:f8:48:89:d2:
                    8e:a7:62:0a:0d:e3:da:32:af:9f:17:75:a9:5b:25:
                    6c:20:6d:58:fe:fc:5f:9b:b9:f8:7d:31:79:6e:dd:
                    66:2a:28:63:0b:0a:91:26:0e:34:9d:a7:27:f8:4a:
                    2c:0d:98:39:62:8e:50:0c:85:c3:6c:3c:37:73:b1:
                    24:66:76:51:b3:14:0a:45:1c:13:7d:f4:0b:25:36:
                    14:ba:1d:a8:5d:58:86:f4:af:63:c5:bb:32:5c:cb:
                    d5:f5:56:ca:32:d8:e6:8d:49:48:4f:35:b9:da:d4:
                    e8:40:04:6a:0a:fa:a6:d3:7b:75:b4:8e:99:86:64:
                    65:f4:c9:3b:4b:8d:53:0c:46:5a:00:e3:28:69:60:
                    74:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:57:9B:FB:72:D9:89:D6:F6:4A:27:E8:74:23:59:BF:86:59:26:F4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/87dc9e10-0566-4596-b812-6ecfdd21f34b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.79.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         75:70:af:c5:82:96:10:f2:ae:16:88:3c:c3:b3:c9:6c:86:a0:
         fc:6f:bd:29:d1:84:b1:d4:6e:d3:7a:64:d1:c6:4c:97:eb:b0:
         98:45:09:0e:dd:f8:90:c0:8d:35:93:13:84:68:fe:23:ae:1d:
         82:62:51:21:4d:4d:b1:26:2a:9b:af:17:15:99:24:41:d2:e4:
         40:89:d1:0c:41:ab:4c:1b:99:7a:aa:d3:79:3a:6b:7b:8e:8c:
         4b:67:78:65:c0:00:54:e9:99:79:a6:29:ba:8f:b9:69:2f:f7:
         b6:f1:85:19:62:85:2e:00:31:a6:73:12:63:93:03:cc:ab:cd:
         fc:22:35:6a:17:8c:1f:74:22:8b:68:02:da:a1:ed:c7:aa:e6:
         1c:6d:5d:65:76:b7:81:71:ba:d4:a1:95:fc:f2:ba:bc:72:17:
         d5:07:d1:de:61:ba:c0:ce:33:f1:25:a7:ab:5f:da:b2:87:6e:
         1f:68:04:ba:cf:8a:d2:fc:7d:c2:de:29:c7:86:c3:ce:08:f6:
         13:35:18:c2:ed:c6:82:ce:f1:5c:13:d9:d7:04:09:a0:c7:ec:
         03:48:c8:ce:70:c2:22:9a:47:c7:22:cb:c8:03:a9:a5:70:0b:
         3a:c3:ed:8c:27:92:ad:d9:14:c7:eb:30:28:e5:58:72:f2:43:
         ea:57:a3:db
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWiJeExFINVlbAqCLsKD0v5BI3u8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BmZTU5NzU1OTliMmNmNzU4ODUxMGUxMzM3ODRiNDVkMDZm
YzA3Yjk1M2FjMmU4Njg4YTg5ZWQ4N2UyYjhhOGVmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUAXmz2FWhQJ+gj8e16Voz7qjGInVjudFUU79r5F56EgNz
Tpwv5dMRhe/lVzcWp0WYEUs5/s+H7u5EEn/u+dXQ9/u8koBr7ZstIgXPTlJ4EsHB
hiBLMq2bjzRASD4PmtKw2XsqAouPO09XpuublJdrPre4+EiJ0o6nYgoN49oyr58X
dalbJWwgbVj+/F+bufh9MXlu3WYqKGMLCpEmDjSdpyf4SiwNmDlijlAMhcNsPDdz
sSRmdlGzFApFHBN99AslNhS6HahdWIb0r2PFuzJcy9X1Vsoy2OaNSUhPNbna1OhA
BGoK+qbTe3W0jpmGZGX0yTtLjVMMRloA4yhpYHRjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUiVeb+3LZidb2SifodCNZv4ZZJvQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg3ZGM5ZTEwLTA1NjYtNDU5Ni1iODEyLTZlY2ZkZDIxZjM0Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAddT4AwDQYJKoZIhvcNAQELBQADggEBAHVwr8WClhDyrhaIPMOzyWyGoPxv
vSnRhLHUbtN6ZNHGTJfrsJhFCQ7d+JDAjTWTE4Ro/iOuHYJiUSFNTbEmKpuvFxWZ
JEHS5ECJ0QxBq0wbmXqq03k6a3uOjEtneGXAAFTpmXmmKbqPuWkv97bxhRlihS4A
MaZzEmOTA8yrzfwiNWoXjB90IotoAtqh7ceq5hxtXWV2t4FxutShlfzyurxyF9UH
0d5husDOM/Elp6tf2rKHbh9oBLrPitL8fcLeKceGw84I9hM1GMLtxoLO8VwT2dcE
CaDH7ANIyM5wwiKaR8ciy8gDqaVwCzrD7Ywnkq3ZFMfrMCjlWHLyQ+pXo9s=
-----END CERTIFICATE-----