Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c5ac516c-d780-432f-8d26-fdc5e6cbdaac.roa
File:                     c5ac516c-d780-432f-8d26-fdc5e6cbdaac.roa (raw, json)
Hash identifier:          EelHGTj0ZjGtrntPL+HezGv9fl1KJC+6WDEaF9Cia9I=
Subject key identifier:   FE:A5:49:1C:59:95:C4:C9:2D:78:21:F2:82:2B:5D:1B:C5:E7:E9:D1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1F697F36CA692726727CE0143FD84BACF16EA7EE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c5ac516c-d780-432f-8d26-fdc5e6cbdaac.roa
Signing time:             Sat 28 Dec 2024 00:00:00 +0000
ROA not before:           Sat 28 Dec 2024 00:00:00 +0000
ROA not after:            Sat 01 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        16.21.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:69:7f:36:ca:69:27:26:72:7c:e0:14:3f:d8:4b:ac:f1:6e:a7:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 28 00:00:00 2024 GMT
            Not After : Feb  1 23:59:59 2025 GMT
        Subject: serialNumber=e8cff66fde56858de39e673cfb70089fb1d0fb356757080907b391de6d94a19d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:c5:b6:22:41:85:04:ea:96:f2:09:bc:fe:72:
                    4a:54:c7:82:77:10:84:df:49:b8:83:2f:bd:c4:6c:
                    6a:6a:49:c8:3a:05:db:e9:27:92:d6:39:11:9f:aa:
                    da:5e:3b:37:c6:89:88:d1:c1:97:cb:9c:d9:be:52:
                    b7:8f:9a:4b:9f:4c:a3:c6:a1:4d:c4:27:cf:f2:22:
                    7f:1e:6a:64:dc:97:f9:48:b0:ee:67:62:d7:00:d2:
                    6b:34:90:1f:1f:3e:6d:74:ea:d6:73:05:d0:3e:db:
                    e5:57:f6:4f:73:af:0b:8e:f0:0e:15:c3:33:7d:a9:
                    92:c9:98:ea:0d:62:4d:00:70:04:af:7e:96:57:92:
                    36:3d:77:37:77:2f:ac:d1:55:dd:14:21:b2:f4:e6:
                    21:6a:e0:fb:3a:bc:a6:46:5c:31:a0:b4:44:b3:ee:
                    1c:87:4b:c7:8d:c1:d7:9c:16:ee:4b:25:e1:25:ee:
                    02:ba:17:35:74:44:93:bf:7f:6c:ff:94:0b:b7:f9:
                    d3:50:d0:88:f1:65:8e:7f:fc:78:ca:a7:7c:52:8d:
                    45:9a:b0:bb:4a:d1:77:80:eb:5e:0b:44:74:e8:21:
                    ec:6c:46:89:5b:69:be:8c:14:8e:e8:a7:ab:69:3d:
                    8d:cf:14:59:d8:a0:04:bf:46:e0:4b:28:80:89:f5:
                    28:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:A5:49:1C:59:95:C4:C9:2D:78:21:F2:82:2B:5D:1B:C5:E7:E9:D1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c5ac516c-d780-432f-8d26-fdc5e6cbdaac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.21.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d9:4d:48:82:46:c8:1c:5e:5f:ad:4f:0d:76:85:51:22:cf:21:
         d3:b7:29:04:24:86:fd:51:84:3d:7a:f2:4a:ae:d5:12:d6:de:
         da:9d:2e:a0:c8:a7:e9:4b:5a:23:f8:5c:b8:12:47:e2:ba:4c:
         37:f1:d5:24:15:9c:a5:f4:5e:63:14:4f:66:ca:1b:ce:f4:f0:
         96:ad:9b:6f:ba:ad:16:b5:aa:d8:f3:f0:f6:79:ea:30:98:8f:
         c6:0d:98:d8:80:ed:58:71:e7:79:ba:e0:67:38:74:2b:6c:5e:
         11:5e:ee:31:f1:43:ac:d0:bb:99:0e:14:5e:95:01:16:07:5a:
         ce:78:c8:24:eb:12:93:8a:b5:70:03:60:e6:07:89:49:64:6c:
         67:f4:d4:c0:d6:3a:8d:e8:d6:1c:3c:42:4d:39:28:33:ee:50:
         92:2c:0a:3b:b8:ca:b3:8d:4b:5f:01:f5:fd:66:96:57:cf:dd:
         c9:ff:ae:91:05:06:ed:06:62:30:88:86:13:7e:31:e2:1e:b1:
         16:3a:88:0e:6a:b8:02:1d:38:17:3e:05:f7:a3:80:48:79:46:
         9e:4e:b4:2c:40:14:0d:fc:bd:d9:99:39:53:bc:c2:9f:ff:0a:
         4e:f8:52:d7:01:7b:39:cb:27:7b:2e:76:4a:91:9b:2a:c1:2a:
         7f:c3:cf:94
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUH2l/NsppJyZyfOAUP9hLrPFup+4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI4MDAwMDAwWhcNMjUwMjAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlOGNmZjY2ZmRlNTY4NThkZTM5ZTY3M2NmYjcwMDg5ZmIx
ZDBmYjM1Njc1NzA4MDkwN2IzOTFkZTZkOTRhMTlkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSxbYiQYUE6pbyCbz+ckpUx4J3EITfSbiDL73EbGpqScg6
BdvpJ5LWORGfqtpeOzfGiYjRwZfLnNm+UrePmkufTKPGoU3EJ8/yIn8eamTcl/lI
sO5nYtcA0ms0kB8fPm106tZzBdA+2+VX9k9zrwuO8A4VwzN9qZLJmOoNYk0AcASv
fpZXkjY9dzd3L6zRVd0UIbL05iFq4Ps6vKZGXDGgtESz7hyHS8eNwdecFu5LJeEl
7gK6FzV0RJO/f2z/lAu3+dNQ0IjxZY5//HjKp3xSjUWasLtK0XeA614LRHToIexs
Rolbab6MFI7op6tpPY3PFFnYoAS/RuBLKICJ9SiZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU/qVJHFmVxMkteCHygitdG8Xn6dEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M1YWM1MTZjLWQ3ODAtNDMyZi04ZDI2LWZkYzVlNmNiZGFhYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQFTANBgkqhkiG9w0BAQsFAAOCAQEA2U1IgkbIHF5frU8NdoVRIs8h07cp
BCSG/VGEPXrySq7VEtbe2p0uoMin6UtaI/hcuBJH4rpMN/HVJBWcpfReYxRPZsob
zvTwlq2bb7qtFrWq2PPw9nnqMJiPxg2Y2IDtWHHnebrgZzh0K2xeEV7uMfFDrNC7
mQ4UXpUBFgdaznjIJOsSk4q1cANg5geJSWRsZ/TUwNY6jejWHDxCTTkoM+5QkiwK
O7jKs41LXwH1/WaWV8/dyf+ukQUG7QZiMIiGE34x4h6xFjqIDmq4Ah04Fz4F96OA
SHlGnk60LEAUDfy92Zk5U7zCn/8KTvhS1wF7Ocsney52SpGbKsEqf8PPlA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:09:44 2025 by rpki-client