Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8c5f1bc0-ea2f-4120-8fc6-1e5aa76bd9ba.roa
File:                     8c5f1bc0-ea2f-4120-8fc6-1e5aa76bd9ba.roa (raw, json)
Hash identifier:          rqk/v98l1zOxMQE9i2RopsDWuvSAryC7ota77EYlIMk=
Subject key identifier:   86:B3:64:AF:77:F2:33:FD:83:FA:B7:91:09:CE:4B:C6:D6:29:10:30
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3A27807BE6364C2E23536C787ABE9F6976435899
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8c5f1bc0-ea2f-4120-8fc6-1e5aa76bd9ba.roa
Signing time:             Mon 09 Dec 2024 00:00:00 +0000
ROA not before:           Mon 09 Dec 2024 00:00:00 +0000
ROA not after:            Mon 13 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        16.57.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:27:80:7b:e6:36:4c:2e:23:53:6c:78:7a:be:9f:69:76:43:58:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  9 00:00:00 2024 GMT
            Not After : Jan 13 23:59:59 2025 GMT
        Subject: serialNumber=c64880e416f62b1b81fb795b31b1776c270177fbfe372bfb82ad61f47cd572aa, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:69:1c:9e:bb:40:a1:af:db:25:9e:ea:4a:3e:
                    8c:c4:b0:c3:2c:c8:b1:8f:dd:7c:1a:a4:4a:52:5a:
                    15:de:3b:96:6c:8e:03:ef:9d:1d:f4:f1:5a:f3:0b:
                    56:e3:89:86:68:cf:d6:4e:f6:9f:b9:d3:0c:36:03:
                    e1:47:e3:7c:3a:71:67:32:72:bf:be:3a:ae:09:1c:
                    72:75:b3:f5:ed:cb:cf:55:cb:b3:c7:4a:0a:9a:ef:
                    5e:e4:02:ad:8c:24:cb:d4:53:5d:93:d6:1d:73:3a:
                    68:8e:34:5f:ec:04:76:cc:73:cc:44:78:ee:3c:ea:
                    54:b7:e1:8a:4d:91:c9:9b:12:e2:79:92:f3:fa:1b:
                    72:3d:7c:09:77:24:45:8e:da:c2:a2:5f:a3:17:b6:
                    d2:76:53:8b:58:ee:4f:85:d7:3f:3d:5c:de:5f:cd:
                    e0:f2:02:36:91:6f:19:58:8d:fa:63:da:ae:cd:df:
                    ff:13:2c:8b:63:74:c5:6b:76:cd:8b:76:ad:7f:dc:
                    c2:c1:da:02:2b:7c:f4:b2:16:9a:ef:93:a2:0d:47:
                    2a:11:fd:d0:c9:73:bf:b2:e9:8a:5e:51:c8:b5:a9:
                    b4:ea:b1:07:05:ea:c7:8d:6d:6c:4f:84:91:46:1f:
                    78:1e:d3:17:ed:56:e9:8e:7d:79:ce:59:bc:b7:15:
                    d1:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:B3:64:AF:77:F2:33:FD:83:FA:B7:91:09:CE:4B:C6:D6:29:10:30
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8c5f1bc0-ea2f-4120-8fc6-1e5aa76bd9ba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.57.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         19:70:7a:39:57:00:2f:c7:67:a3:c7:33:96:a2:65:76:69:9a:
         39:fa:69:13:75:f0:c9:5e:0d:52:42:35:9c:b8:c7:6d:b8:5d:
         c3:67:0d:dc:18:94:87:d7:6d:59:1d:38:d1:ae:83:c1:b6:2e:
         aa:78:17:8f:ed:bc:93:18:5a:07:f7:f9:16:e1:25:30:5d:5d:
         0e:63:cc:a0:ce:62:87:2d:88:db:b8:b2:c8:f9:ad:4a:ad:d3:
         e0:cf:33:92:19:98:88:d6:55:e7:c9:ad:ff:ad:6a:3a:b1:87:
         fc:fd:b8:96:3a:1e:13:7e:99:10:f6:f9:4f:63:50:5d:63:de:
         94:7a:09:8a:21:a1:2a:80:70:e7:b1:4c:08:ab:62:41:1b:a9:
         ad:fc:6e:6d:e6:77:e1:18:80:a1:a3:6d:21:0f:5a:58:62:95:
         37:da:b9:42:15:b1:dd:3d:65:9a:47:53:80:64:c4:3c:28:5e:
         8f:13:1c:3d:80:93:f1:0a:14:6b:44:e0:3b:58:42:b5:fc:b0:
         ff:8a:d5:27:87:ad:f7:f6:56:35:59:e5:f9:cd:71:58:8f:e1:
         0c:03:7f:f2:b6:86:40:d7:91:58:c1:ed:ad:2d:e9:eb:cb:96:
         bd:68:98:8f:f2:24:2a:7c:bb:a7:34:a4:30:c2:45:1a:8f:6d:
         e7:c1:7b:80
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUOieAe+Y2TC4jU2x4er6faXZDWJkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjA5MDAwMDAwWhcNMjUwMTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNjQ4ODBlNDE2ZjYyYjFiODFmYjc5NWIzMWIxNzc2YzI3
MDE3N2ZiZmUzNzJiZmI4MmFkNjFmNDdjZDU3MmFhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFaRyeu0Chr9slnupKPozEsMMsyLGP3XwapEpSWhXeO5Zs
jgPvnR308VrzC1bjiYZoz9ZO9p+50ww2A+FH43w6cWcycr++Oq4JHHJ1s/Xty89V
y7PHSgqa717kAq2MJMvUU12T1h1zOmiONF/sBHbMc8xEeO486lS34YpNkcmbEuJ5
kvP6G3I9fAl3JEWO2sKiX6MXttJ2U4tY7k+F1z89XN5fzeDyAjaRbxlYjfpj2q7N
3/8TLItjdMVrds2Ldq1/3MLB2gIrfPSyFprvk6INRyoR/dDJc7+y6YpeUci1qbTq
sQcF6seNbWxPhJFGH3ge0xftVumOfXnOWby3FdHNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUhrNkr3fyM/2D+reRCc5LxtYpEDAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhjNWYxYmMwLWVhMmYtNDEyMC04ZmM2LTFlNWFhNzZiZDliYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQOTANBgkqhkiG9w0BAQsFAAOCAQEAGXB6OVcAL8dno8czlqJldmmaOfpp
E3XwyV4NUkI1nLjHbbhdw2cN3BiUh9dtWR040a6DwbYuqngXj+28kxhaB/f5FuEl
MF1dDmPMoM5ihy2I27iyyPmtSq3T4M8zkhmYiNZV58mt/61qOrGH/P24ljoeE36Z
EPb5T2NQXWPelHoJiiGhKoBw57FMCKtiQRuprfxubeZ34RiAoaNtIQ9aWGKVN9q5
QhWx3T1lmkdTgGTEPChejxMcPYCT8QoUa0TgO1hCtfyw/4rVJ4et9/ZWNVnl+c1x
WI/hDAN/8raGQNeRWMHtrS3p68uWvWiYj/IkKny7pzSkMMJFGo9t58F7gA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 03:39:42 2025 by rpki-client