Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b47a56e5-7b83-4f20-b1e0-75aae38f3bc2.roa
File:                     b47a56e5-7b83-4f20-b1e0-75aae38f3bc2.roa (raw, json)
Hash identifier:          7k9soiODykiQXmuX00JKl6HZgn63b38XDeggEnO6sZs=
Subject key identifier:   8A:2D:CF:63:DD:3E:E9:3D:2A:D9:97:F5:85:00:50:97:5F:18:F6:11
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7D6D8D6FD47AF015BBA15A5777FF0BB8D514AA30
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b47a56e5-7b83-4f20-b1e0-75aae38f3bc2.roa
Signing time:             Tue 17 Dec 2024 00:00:00 +0000
ROA not before:           Tue 17 Dec 2024 00:00:00 +0000
ROA not after:            Tue 21 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        5.60.228.0/22 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:6d:8d:6f:d4:7a:f0:15:bb:a1:5a:57:77:ff:0b:b8:d5:14:aa:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 17 00:00:00 2024 GMT
            Not After : Jan 21 23:59:59 2025 GMT
        Subject: serialNumber=ad09199026bb52e8cbb0f7284d199ed48e87b587f0aa72ed2b0d02fa4f1762f7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ed:b1:07:85:8f:2d:7b:07:28:ef:93:02:62:
                    c5:a7:a2:af:d5:d2:d3:14:fd:98:9d:8e:c9:be:39:
                    0b:82:ac:78:17:c9:0e:4f:2c:f4:b2:9b:47:0c:18:
                    e4:08:eb:bf:e5:f6:05:6c:19:5d:8e:43:7e:d3:e4:
                    1f:0f:b1:74:19:98:09:81:7d:ca:35:85:53:ba:36:
                    99:7c:03:de:bb:e1:ed:49:2d:a2:0f:15:cf:4e:77:
                    83:bd:53:2a:f9:ab:30:81:73:92:e4:c7:3a:27:de:
                    37:ca:2d:40:14:ce:bf:9c:24:c2:d9:20:6f:7f:88:
                    fa:c3:5a:af:77:e6:50:f6:99:96:93:7c:a0:bd:f3:
                    b1:44:05:17:87:f6:ba:18:2f:42:8c:3b:86:dc:9d:
                    8c:aa:ea:dd:c7:06:ec:d5:e2:72:4c:08:ff:23:d6:
                    5d:46:4d:2b:0e:3e:0f:81:6f:07:33:55:0b:89:e7:
                    eb:a9:80:f6:35:22:be:4e:bb:8c:85:c9:e6:28:18:
                    4a:1d:ef:bd:43:0d:8e:46:70:0f:b6:4d:ad:a3:f1:
                    e2:82:df:53:ad:f8:77:63:f2:ef:b9:3b:18:67:dc:
                    f1:fd:ac:b3:86:dd:a0:2b:d2:55:6c:fc:93:5f:cb:
                    bd:22:40:92:9d:73:f9:e7:9e:a3:0f:e8:18:1f:6e:
                    cc:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:2D:CF:63:DD:3E:E9:3D:2A:D9:97:F5:85:00:50:97:5F:18:F6:11
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b47a56e5-7b83-4f20-b1e0-75aae38f3bc2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.60.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         86:45:d8:ab:bb:01:1c:26:23:d8:a9:e7:48:2f:a3:3d:2a:49:
         7d:a4:c0:36:20:3a:90:80:d4:d9:34:f5:26:51:9d:09:e3:35:
         3d:79:6c:ac:f7:18:2b:b2:cb:8d:dc:b5:ed:cc:ef:50:5c:b7:
         21:3d:9c:1c:f6:ad:ea:5b:5d:1b:c2:17:dd:19:62:bb:74:41:
         0e:ff:7e:68:54:04:95:d8:ab:a5:42:e3:93:e6:eb:20:f4:71:
         76:2c:33:f8:42:a7:71:e6:e6:74:7e:42:30:6b:2e:7d:da:43:
         9f:0c:a5:08:c2:12:1a:ba:b0:17:54:20:47:30:9b:d2:84:0b:
         8e:ff:be:88:41:6a:29:73:92:2a:18:00:63:f3:4d:89:62:f1:
         dd:9c:7a:c1:71:11:f6:e7:6f:fe:6f:00:18:c0:a5:c3:94:92:
         e7:2f:3b:62:c1:67:b4:dc:b3:c0:08:2d:a3:30:93:a1:6b:05:
         15:20:ee:25:b2:f9:ea:e3:b1:a9:81:5f:26:0d:c4:7c:7a:27:
         b7:61:a2:4b:d4:9c:b5:07:2c:db:15:22:5d:d8:c8:36:45:b4:
         f6:3e:1d:38:89:37:c3:64:e2:a1:fe:6c:dc:46:21:d7:6b:e7:
         af:35:48:a5:9f:c9:02:ef:c0:a1:d8:e7:7c:c1:5a:84:b3:1d:
         ed:4b:9c:ff
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfW2Nb9R68BW7oVpXd/8LuNUUqjAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjE3MDAwMDAwWhcNMjUwMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZDA5MTk5MDI2YmI1MmU4Y2JiMGY3Mjg0ZDE5OWVkNDhl
ODdiNTg3ZjBhYTcyZWQyYjBkMDJmYTRmMTc2MmY3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDM7bEHhY8tewco75MCYsWnoq/V0tMU/Zidjsm+OQuCrHgX
yQ5PLPSym0cMGOQI67/l9gVsGV2OQ37T5B8PsXQZmAmBfco1hVO6Npl8A9674e1J
LaIPFc9Od4O9Uyr5qzCBc5Lkxzon3jfKLUAUzr+cJMLZIG9/iPrDWq935lD2mZaT
fKC987FEBReH9roYL0KMO4bcnYyq6t3HBuzV4nJMCP8j1l1GTSsOPg+BbwczVQuJ
5+upgPY1Ir5Ou4yFyeYoGEod771DDY5GcA+2Ta2j8eKC31Ot+Hdj8u+5Oxhn3PH9
rLOG3aAr0lVs/JNfy70iQJKdc/nnnqMP6BgfbsxxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUii3PY90+6T0q2Zf1hQBQl18Y9hEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I0N2E1NmU1LTdiODMtNGYyMC1iMWUwLTc1YWFlMzhmM2JjMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIFPOQwDQYJKoZIhvcNAQELBQADggEBAIZF2Ku7ARwmI9ip50gvoz0qSX2k
wDYgOpCA1Nk09SZRnQnjNT15bKz3GCuyy43cte3M71BctyE9nBz2repbXRvCF90Z
Yrt0QQ7/fmhUBJXYq6VC45Pm6yD0cXYsM/hCp3Hm5nR+QjBrLn3aQ58MpQjCEhq6
sBdUIEcwm9KEC47/vohBailzkioYAGPzTYli8d2cesFxEfbnb/5vABjApcOUkucv
O2LBZ7Tcs8AILaMwk6FrBRUg7iWy+erjsamBXyYNxHx6J7dhokvUnLUHLNsVIl3Y
yDZFtPY+HTiJN8Nk4qH+bNxGIddr5681SKWfyQLvwKHY53zBWoSzHe1LnP8=
-----END CERTIFICATE-----