Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b05e0150-ed84-4d55-8a09-358f6631a5c9.roa
File:                     b05e0150-ed84-4d55-8a09-358f6631a5c9.roa (raw, json)
Hash identifier:          sKtqafIEcSjgVBs74GVLmwfHLl2hxxbdlNYA9yja+ZM=
Subject key identifier:   81:CE:62:59:6A:6D:1A:D9:AB:04:06:BF:2A:CA:2C:2A:8C:E2:50:56
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4261B46C6DB67AAF2860E4BCB68B313663DC365F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b05e0150-ed84-4d55-8a09-358f6631a5c9.roa
Signing time:             Mon 30 Dec 2024 00:00:00 +0000
ROA not before:           Mon 30 Dec 2024 00:00:00 +0000
ROA not after:            Mon 03 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f61:c000::/40 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:61:b4:6c:6d:b6:7a:af:28:60:e4:bc:b6:8b:31:36:63:dc:36:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 30 00:00:00 2024 GMT
            Not After : Feb  3 23:59:59 2025 GMT
        Subject: serialNumber=478f84dbf13990b179c6cd52c2ac942bc58126fd4d5816fdf03075401ec293ae, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:20:a1:da:25:e8:4a:18:d3:e2:60:b4:ad:69:
                    95:bc:55:81:a7:39:29:ae:63:8f:91:04:a1:15:d7:
                    b4:ad:3c:25:5a:fc:46:be:1c:0b:10:44:ed:03:f9:
                    53:3a:c3:64:c5:cc:7f:2f:bd:1f:d7:41:5a:c1:04:
                    cb:d9:71:13:81:4c:0d:99:bf:b9:08:46:0a:26:bf:
                    3d:64:14:4d:74:77:29:79:59:83:3f:78:00:c8:d3:
                    a7:22:bd:7a:62:69:75:a4:c1:06:5c:47:e6:a7:49:
                    65:f7:85:5e:cf:b3:2b:e6:b6:11:e8:d9:d4:ce:bc:
                    93:36:a3:23:ab:b9:2b:32:f5:8f:91:64:7d:b8:0d:
                    11:50:cc:b1:9c:85:b2:c2:d7:42:21:fe:2d:8f:8f:
                    58:23:28:ca:45:5e:23:e4:8b:f6:90:4b:4f:c3:43:
                    07:81:c6:c9:fb:03:28:91:7e:ef:1c:ff:30:fe:49:
                    8c:68:bd:bb:4f:ca:1d:b4:0f:ac:e4:52:fc:51:dd:
                    e7:00:18:43:95:13:23:77:fc:90:7a:6d:dc:4a:09:
                    08:a0:9d:85:f0:06:e4:90:d9:64:2f:ed:13:b3:88:
                    73:18:62:09:1d:a5:bc:82:d2:17:9b:fa:94:1f:b3:
                    67:bc:f8:3c:78:1e:48:b1:0f:c0:b0:26:04:e5:71:
                    2f:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:CE:62:59:6A:6D:1A:D9:AB:04:06:BF:2A:CA:2C:2A:8C:E2:50:56
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b05e0150-ed84-4d55-8a09-358f6631a5c9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f61:c000::/40

    Signature Algorithm: sha256WithRSAEncryption
         ae:37:e4:15:58:0f:19:cf:ac:81:35:d7:92:bb:3a:c2:29:71:
         72:d0:57:b7:67:bf:3d:81:f1:84:3c:67:13:ab:a2:83:a0:8f:
         8d:66:16:bd:b3:12:98:86:30:73:21:f1:97:33:44:00:2b:ab:
         d2:cb:4d:7b:df:64:76:7c:cc:b3:f7:42:1d:c4:d7:31:ec:5b:
         69:5c:28:32:ea:be:16:1b:fc:93:ba:95:93:ee:d8:b2:98:37:
         a7:56:ee:d6:d4:9d:68:31:bd:10:05:75:db:a3:48:eb:f4:ff:
         54:85:b0:ea:c4:6d:1f:45:3d:c9:55:7f:a2:74:56:f8:29:b7:
         6d:b6:8a:8e:9f:7a:5f:c1:f9:2d:e6:27:c0:94:79:f2:6b:80:
         2a:2e:84:c9:e8:d4:48:87:c9:b0:e5:af:69:26:14:f5:73:0a:
         c5:e5:ab:3d:f8:31:f1:b4:3f:0b:2a:f6:2b:5c:81:4e:83:fc:
         3a:18:77:02:f9:44:2e:2d:59:3a:8b:02:c8:3d:bb:4d:b5:c8:
         69:84:8f:51:99:bd:e5:e8:fc:53:36:57:4f:cc:6a:0c:26:9b:
         a4:8f:e1:04:88:b0:8f:72:e0:53:46:14:fb:2c:05:2a:56:79:
         64:90:69:8a:a8:60:c3:56:aa:72:95:7b:72:9a:6f:71:60:87:
         3b:d3:5e:ee
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUQmG0bG22eq8oYOS8tosxNmPcNl8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NzhmODRkYmYxMzk5MGIxNzljNmNkNTJjMmFjOTQyYmM1
ODEyNmZkNGQ1ODE2ZmRmMDMwNzU0MDFlYzI5M2FlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCIKHaJehKGNPiYLStaZW8VYGnOSmuY4+RBKEV17StPCVa
/Ea+HAsQRO0D+VM6w2TFzH8vvR/XQVrBBMvZcROBTA2Zv7kIRgomvz1kFE10dyl5
WYM/eADI06civXpiaXWkwQZcR+anSWX3hV7PsyvmthHo2dTOvJM2oyOruSsy9Y+R
ZH24DRFQzLGchbLC10Ih/i2Pj1gjKMpFXiPki/aQS0/DQweBxsn7AyiRfu8c/zD+
SYxovbtPyh20D6zkUvxR3ecAGEOVEyN3/JB6bdxKCQignYXwBuSQ2WQv7ROziHMY
YgkdpbyC0heb+pQfs2e8+Dx4HkixD8CwJgTlcS8dAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUgc5iWWptGtmrBAa/KsosKoziUFYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IwNWUwMTUwLWVkODQtNGQ1NS04YTA5LTM1OGY2NjMxYTVjOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9hwDANBgkqhkiG9w0BAQsFAAOCAQEArjfkFVgPGc+sgTXXkrs6wilx
ctBXt2e/PYHxhDxnE6uig6CPjWYWvbMSmIYwcyHxlzNEACur0stNe99kdnzMs/dC
HcTXMexbaVwoMuq+Fhv8k7qVk+7Yspg3p1bu1tSdaDG9EAV126NI6/T/VIWw6sRt
H0U9yVV/onRW+Cm3bbaKjp96X8H5LeYnwJR58muAKi6EyejUSIfJsOWvaSYU9XMK
xeWrPfgx8bQ/Cyr2K1yBToP8Ohh3AvlELi1ZOosCyD27TbXIaYSPUZm95ej8UzZX
T8xqDCabpI/hBIiwj3LgU0YU+ywFKlZ5ZJBpiqhgw1aqcpV7cppvcWCHO9Ne7g==
-----END CERTIFICATE-----