Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a9fb4c3-973f-40a1-bb95-624d92aafacf.roa
File:                     8a9fb4c3-973f-40a1-bb95-624d92aafacf.roa (raw, json)
Hash identifier:          9dstuVFjSI6pHXUDFYmZqGyvowUarA/H0RxWy8AvO8Y=
Subject key identifier:   5F:0E:4F:8D:69:EB:B6:B6:9E:5D:B6:56:EC:03:9A:44:E0:9C:45:A1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       01338396AB433FA1DAFF22ED07D1764B420D4050
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a9fb4c3-973f-40a1-bb95-624d92aafacf.roa
Signing time:             Tue 03 Dec 2024 00:00:00 +0000
ROA not before:           Tue 03 Dec 2024 00:00:00 +0000
ROA not after:            Tue 07 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        208.86.88.0/22 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:33:83:96:ab:43:3f:a1:da:ff:22:ed:07:d1:76:4b:42:0d:40:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  3 00:00:00 2024 GMT
            Not After : Jan  7 23:59:59 2025 GMT
        Subject: serialNumber=5abd96377e6aea9890c8c53d3db121ef4c47facfa5e82f5ef107f5e72db9dc91, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:7b:0f:e9:ba:f8:ac:0d:e7:7f:b2:e8:5a:8d:
                    c6:43:86:7f:29:d2:75:6c:e3:a6:b3:fe:a3:19:30:
                    e3:54:51:f9:66:43:b8:45:90:cb:5f:81:94:3b:bc:
                    65:fb:fb:03:f4:b4:30:43:4f:f1:ef:fb:32:94:36:
                    ff:cf:28:24:0a:ec:57:46:71:5d:cf:e9:89:a4:f3:
                    88:9b:5c:40:19:b0:b4:34:ee:94:11:13:b8:fb:00:
                    7b:f8:9d:bb:74:02:47:13:b4:2a:b2:c3:a9:3f:8d:
                    51:ec:ed:c3:d3:e2:8f:80:62:be:51:8a:b8:99:90:
                    c0:76:56:04:b6:58:8e:4e:48:69:74:51:97:18:c0:
                    6c:26:9f:d7:46:fb:93:e9:01:09:c4:a5:6a:93:44:
                    ab:88:33:8c:6c:98:64:86:15:cc:02:d3:3a:7e:57:
                    22:f9:d0:e2:97:b2:a4:65:6d:0e:0c:da:1b:8f:ba:
                    9c:18:8d:34:f9:80:b6:b1:50:51:c9:ae:ad:77:32:
                    32:ce:c4:60:3a:19:67:b0:2f:bb:9b:c1:59:8e:80:
                    18:7a:0d:54:14:6b:e6:a5:4e:41:f6:a7:95:8b:29:
                    2d:df:25:50:f4:e1:67:be:c1:4e:40:e9:bb:b8:48:
                    66:98:72:76:96:d2:17:88:72:2f:06:a5:51:04:9c:
                    19:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:0E:4F:8D:69:EB:B6:B6:9E:5D:B6:56:EC:03:9A:44:E0:9C:45:A1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a9fb4c3-973f-40a1-bb95-624d92aafacf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  208.86.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b0:1c:32:95:b0:e8:01:b6:36:ad:5d:a9:eb:ee:06:42:87:44:
         2f:64:08:01:b4:21:cc:9b:60:68:44:22:00:bb:a2:bc:4d:9c:
         67:56:6b:41:d3:49:90:64:96:f4:40:be:f8:e5:34:13:56:8c:
         ce:40:a5:30:52:74:62:4c:ad:d6:15:b1:b7:10:ed:36:94:76:
         18:29:b5:19:2f:be:d9:b6:e9:3f:4b:c8:58:97:59:01:dc:d3:
         2d:ca:23:7d:d9:e6:d8:f8:14:37:dc:0b:a3:50:87:5e:d2:27:
         36:dc:8e:d8:0d:a6:d1:84:60:3b:9a:1c:93:dd:3b:b6:3e:e3:
         86:42:3c:88:36:3d:6a:22:77:64:b1:8a:65:1d:37:21:f3:12:
         f7:38:fd:ff:09:e0:3d:22:ad:ce:da:51:44:b1:ff:3a:92:81:
         4a:08:11:6f:48:d7:97:af:ef:eb:db:9f:43:5b:b3:be:cd:50:
         db:32:12:b2:af:cb:3d:73:4d:ea:02:4a:cf:eb:33:38:02:1b:
         f8:16:15:aa:e7:4b:17:62:a4:ee:d2:f8:bb:ec:71:be:82:ce:
         1c:f0:89:1f:1d:a2:03:f9:cf:c7:bd:d7:31:14:b2:15:25:1a:
         44:96:91:4c:ba:6c:31:7b:50:a5:96:d5:ea:8f:3c:a9:92:9c:
         92:82:e2:88
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUATODlqtDP6Ha/yLtB9F2S0INQFAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YWJkOTYzNzdlNmFlYTk4OTBjOGM1M2QzZGIxMjFlZjRj
NDdmYWNmYTVlODJmNWVmMTA3ZjVlNzJkYjlkYzkxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrew/puvisDed/suhajcZDhn8p0nVs46az/qMZMONUUflm
Q7hFkMtfgZQ7vGX7+wP0tDBDT/Hv+zKUNv/PKCQK7FdGcV3P6Ymk84ibXEAZsLQ0
7pQRE7j7AHv4nbt0AkcTtCqyw6k/jVHs7cPT4o+AYr5RiriZkMB2VgS2WI5OSGl0
UZcYwGwmn9dG+5PpAQnEpWqTRKuIM4xsmGSGFcwC0zp+VyL50OKXsqRlbQ4M2huP
upwYjTT5gLaxUFHJrq13MjLOxGA6GWewL7ubwVmOgBh6DVQUa+alTkH2p5WLKS3f
JVD04We+wU5A6bu4SGaYcnaW0heIci8GpVEEnBmZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXw5PjWnrtraeXbZW7AOaROCcRaEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhhOWZiNGMzLTk3M2YtNDBhMS1iYjk1LTYyNGQ5MmFhZmFjZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALQVlgwDQYJKoZIhvcNAQELBQADggEBALAcMpWw6AG2Nq1dqevuBkKHRC9k
CAG0IcybYGhEIgC7orxNnGdWa0HTSZBklvRAvvjlNBNWjM5ApTBSdGJMrdYVsbcQ
7TaUdhgptRkvvtm26T9LyFiXWQHc0y3KI33Z5tj4FDfcC6NQh17SJzbcjtgNptGE
YDuaHJPdO7Y+44ZCPIg2PWoid2SximUdNyHzEvc4/f8J4D0irc7aUUSx/zqSgUoI
EW9I15ev7+vbn0Nbs77NUNsyErKvyz1zTeoCSs/rMzgCG/gWFarnSxdipO7S+Lvs
cb6CzhzwiR8dogP5z8e91zEUshUlGkSWkUy6bDF7UKWW1eqPPKmSnJKC4og=
-----END CERTIFICATE-----