Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/89e4ba23-91ab-40dd-ba19-bcc55063a417.roa
File:                     89e4ba23-91ab-40dd-ba19-bcc55063a417.roa (raw, json)
Hash identifier:          hTBF/dT664Rr9imdwc4lILlI68N2sfSJS6uLm7Jm/6c=
Subject key identifier:   5F:CE:D4:82:CE:0C:A0:C1:A9:0A:B0:AA:DB:33:6B:82:A6:BD:B7:12
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       45A716D0EE3C67E7BFA958CC8A719BB18819786D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/89e4ba23-91ab-40dd-ba19-bcc55063a417.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.83.76.0/22 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:a7:16:d0:ee:3c:67:e7:bf:a9:58:cc:8a:71:9b:b1:88:19:78:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=60ff05142e77e50731abd37d28f07891b31af093e08937b76a244661e813ecb1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:5b:3e:16:1f:e9:39:fb:1c:58:f5:3d:8e:e4:
                    5c:20:1d:47:65:96:86:48:38:04:95:92:64:27:25:
                    db:64:63:be:0f:15:a2:4c:44:8f:27:4f:56:fe:62:
                    cb:23:aa:86:74:1a:8b:54:99:8f:ae:98:e4:ad:c3:
                    6d:df:26:79:b4:2b:c7:ed:0a:ad:5d:c0:85:47:d4:
                    30:05:43:5d:fa:8a:6e:64:81:6c:a7:15:70:9a:2d:
                    80:dd:a5:90:c9:77:9d:73:75:c7:31:e4:bd:41:c7:
                    72:e3:2c:07:5b:92:c3:23:3d:ed:a7:cb:78:da:90:
                    f7:18:a2:90:9d:90:3f:bd:c4:65:55:4e:bf:15:cd:
                    58:dc:2e:85:73:18:a8:56:b7:56:53:a7:ed:74:2c:
                    89:b9:63:b2:e2:fc:61:69:d9:c0:ad:2d:f4:15:65:
                    30:13:e0:eb:30:57:57:e1:b6:06:f4:b5:51:63:f6:
                    32:e9:b9:32:c6:71:70:b0:a5:e6:78:43:d4:55:3c:
                    12:d1:ab:e3:1c:df:d9:74:8d:1f:7f:a5:ff:16:78:
                    d2:0e:cd:7b:fa:23:db:b3:66:af:f5:e0:4d:f2:d0:
                    3d:24:e7:44:51:cd:bd:a4:41:10:90:c9:a7:66:d3:
                    f0:e9:d7:40:f5:05:40:5a:e9:1a:ea:20:4d:17:a9:
                    d2:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:CE:D4:82:CE:0C:A0:C1:A9:0A:B0:AA:DB:33:6B:82:A6:BD:B7:12
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/89e4ba23-91ab-40dd-ba19-bcc55063a417.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.83.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         24:d3:1b:89:4f:82:20:a7:36:3c:fe:6a:57:9c:aa:11:a7:6a:
         a2:76:5d:94:43:f7:40:8a:27:db:7a:c6:01:0f:2e:74:0a:6f:
         25:13:a4:bd:f0:a3:d7:2c:7d:00:89:6d:86:91:c1:f9:28:59:
         ce:cd:92:88:8b:a0:08:23:01:8a:03:33:e8:b3:f6:a4:f6:ac:
         92:c5:8f:38:32:21:b6:23:43:d3:31:99:ca:4b:2d:38:c9:db:
         f2:78:69:d8:53:98:7e:a5:9f:03:5e:9e:d9:5a:a6:bb:78:86:
         09:db:2d:a3:12:2a:37:16:fc:62:48:7e:73:c0:6e:60:86:80:
         d1:44:86:35:3c:f1:0d:2e:47:5a:93:93:ad:2a:be:c3:3f:b2:
         92:c7:c9:43:a4:a0:1f:09:82:64:d3:af:d1:2a:58:b3:69:e9:
         14:3e:ec:4c:52:f0:8f:78:fe:9d:cc:81:71:7b:3d:eb:2b:ae:
         b4:86:10:e8:fe:02:b2:8e:ce:cb:bb:26:b4:1c:4a:e5:f0:35:
         5b:b0:5c:b0:04:12:1a:53:51:33:04:a4:61:01:db:c3:b6:22:
         59:82:58:32:bf:e8:ae:b5:70:68:42:72:b4:1e:54:8c:cd:64:
         51:c1:a4:36:be:eb:71:a5:69:4a:7f:96:d0:98:ba:46:80:7e:
         32:d8:5c:22
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURacW0O48Z+e/qVjMinGbsYgZeG0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MGZmMDUxNDJlNzdlNTA3MzFhYmQzN2QyOGYwNzg5MWIz
MWFmMDkzZTA4OTM3Yjc2YTI0NDY2MWU4MTNlY2IxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyWz4WH+k5+xxY9T2O5FwgHUdlloZIOASVkmQnJdtkY74P
FaJMRI8nT1b+YssjqoZ0GotUmY+umOStw23fJnm0K8ftCq1dwIVH1DAFQ136im5k
gWynFXCaLYDdpZDJd51zdccx5L1Bx3LjLAdbksMjPe2ny3jakPcYopCdkD+9xGVV
Tr8VzVjcLoVzGKhWt1ZTp+10LIm5Y7Li/GFp2cCtLfQVZTAT4OswV1fhtgb0tVFj
9jLpuTLGcXCwpeZ4Q9RVPBLRq+Mc39l0jR9/pf8WeNIOzXv6I9uzZq/14E3y0D0k
50RRzb2kQRCQyadm0/Dp10D1BUBa6RrqIE0XqdJDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUX87Ugs4MoMGpCrCq2zNrgqa9txIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg5ZTRiYTIzLTkxYWItNDBkZC1iYTE5LWJjYzU1MDYzYTQxNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJjU0wwDQYJKoZIhvcNAQELBQADggEBACTTG4lPgiCnNjz+alecqhGnaqJ2
XZRD90CKJ9t6xgEPLnQKbyUTpL3wo9csfQCJbYaRwfkoWc7NkoiLoAgjAYoDM+iz
9qT2rJLFjzgyIbYjQ9MxmcpLLTjJ2/J4adhTmH6lnwNentlaprt4hgnbLaMSKjcW
/GJIfnPAbmCGgNFEhjU88Q0uR1qTk60qvsM/spLHyUOkoB8JgmTTr9EqWLNp6RQ+
7ExS8I94/p3MgXF7PesrrrSGEOj+ArKOzsu7JrQcSuXwNVuwXLAEEhpTUTMEpGEB
28O2IlmCWDK/6K61cGhCcrQeVIzNZFHBpDa+63GlaUp/ltCYukaAfjLYXCI=
-----END CERTIFICATE-----