Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c605dd4d-0d7e-4ad9-8cd5-693433ba8fc1.roa
File:                     c605dd4d-0d7e-4ad9-8cd5-693433ba8fc1.roa (raw, json)
Hash identifier:          r8N5MHy3XR5YbtQJz+Xr/cDea7DuQXSIQoXIDiorG0Y=
Subject key identifier:   9B:B8:38:84:00:99:20:59:D2:07:94:24:E1:87:17:C3:07:6A:84:E9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2444B0B19BDD287ED5B57C24746039E598EE9A9B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c605dd4d-0d7e-4ad9-8cd5-693433ba8fc1.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.12.56.0/23 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:44:b0:b1:9b:dd:28:7e:d5:b5:7c:24:74:60:39:e5:98:ee:9a:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=5462d2834e0534d6c2f13282dfc5eaa8c14c8121fe38dd8a52950e3880c9ed07, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:cb:e3:42:c5:3a:41:67:91:68:72:c5:b0:73:
                    b0:b7:0c:c6:e9:35:e3:35:4d:60:b1:c4:0c:6d:9a:
                    a5:30:7b:25:70:75:87:66:53:6a:87:5f:f0:6f:60:
                    fd:5a:9b:9c:c8:23:ec:72:0f:d4:12:78:60:e5:c6:
                    cd:af:07:96:ef:33:1a:41:6c:73:43:ae:45:8c:6c:
                    99:a7:25:cf:40:4c:a3:49:79:81:10:96:68:cb:4a:
                    ce:2e:ea:55:03:97:ae:b5:3a:a4:f3:a9:d9:ba:11:
                    c2:a8:95:06:62:76:ee:58:74:0f:69:23:3a:fe:88:
                    6d:56:89:32:fa:1a:34:a0:bf:e6:77:38:55:07:6c:
                    4c:42:cb:2f:cd:e4:af:37:9f:11:ad:69:be:7a:b8:
                    ba:a6:0f:bd:c5:27:b9:30:07:af:1d:d8:70:9c:ac:
                    45:f2:5c:8a:b2:50:49:9a:f7:11:00:92:83:1a:b8:
                    3a:0f:86:47:74:e9:3d:40:4d:12:32:53:c2:6e:49:
                    8d:3e:ca:62:6e:e9:95:96:fc:2c:5b:e7:3e:07:dd:
                    15:89:11:42:c3:91:c6:a8:38:4f:e3:24:3c:0d:5a:
                    40:70:2e:40:86:9e:4d:12:aa:93:9b:cc:4a:f7:62:
                    79:f4:e4:cf:e3:04:44:41:24:b6:2a:d9:15:86:8a:
                    2e:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:B8:38:84:00:99:20:59:D2:07:94:24:E1:87:17:C3:07:6A:84:E9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c605dd4d-0d7e-4ad9-8cd5-693433ba8fc1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.12.56.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5e:ad:f7:1e:6b:0a:0a:ed:b8:2e:32:5e:82:f5:9e:a8:e8:2e:
         78:68:9b:da:11:5a:f2:11:10:88:ad:bd:59:24:d2:36:3e:b3:
         7f:8b:30:09:d8:9b:0e:4a:f7:ed:19:fb:2c:2e:34:28:92:1d:
         a7:8d:94:a2:1e:bf:f2:be:14:53:67:06:5e:55:6f:2b:e5:b8:
         12:1d:6e:50:3b:4a:49:34:e8:e9:cd:7e:11:44:a7:22:e1:b4:
         be:b6:37:50:7f:e0:4a:75:00:ba:fc:f1:ab:f6:12:c6:c7:da:
         14:a6:e5:86:ca:66:22:33:5f:50:a9:ff:23:e2:0f:0a:12:aa:
         5c:2a:c1:e7:20:a4:a9:fc:25:a5:3a:c5:b4:f3:2e:72:7c:af:
         ce:76:32:ba:84:63:63:b0:0d:53:56:aa:b8:37:1e:15:0c:22:
         3a:6d:b5:19:0f:52:de:53:cc:06:64:86:05:c9:32:44:89:65:
         4c:4c:de:84:f6:ff:97:2a:41:86:59:30:6e:70:8d:dd:53:7f:
         7e:fa:60:4c:8c:0f:69:65:ea:99:45:01:24:2e:79:63:99:f0:
         ff:1b:6f:de:d3:24:9d:ea:bd:c2:03:67:3a:49:06:89:95:b1:
         3a:18:ba:c7:d3:72:c8:cb:d2:18:d6:0a:fd:23:22:2f:1e:69:
         ae:b7:29:f3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJESwsZvdKH7VtXwkdGA55ZjumpswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A1NDYyZDI4MzRlMDUzNGQ2YzJmMTMyODJkZmM1ZWFhOGMx
NGM4MTIxZmUzOGRkOGE1Mjk1MGUzODgwYzllZDA3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1y+NCxTpBZ5FocsWwc7C3DMbpNeM1TWCxxAxtmqUweyVw
dYdmU2qHX/BvYP1am5zII+xyD9QSeGDlxs2vB5bvMxpBbHNDrkWMbJmnJc9ATKNJ
eYEQlmjLSs4u6lUDl661OqTzqdm6EcKolQZidu5YdA9pIzr+iG1WiTL6GjSgv+Z3
OFUHbExCyy/N5K83nxGtab56uLqmD73FJ7kwB68d2HCcrEXyXIqyUEma9xEAkoMa
uDoPhkd06T1ATRIyU8JuSY0+ymJu6ZWW/Cxb5z4H3RWJEULDkcaoOE/jJDwNWkBw
LkCGnk0SqpObzEr3Ynn05M/jBERBJLYq2RWGii75AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUm7g4hACZIFnSB5Qk4YcXwwdqhOkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M2MDVkZDRkLTBkN2UtNGFkOS04Y2Q1LTY5MzQzM2JhOGZjMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEQDDgwDQYJKoZIhvcNAQELBQADggEBAF6t9x5rCgrtuC4yXoL1nqjoLnho
m9oRWvIREIitvVkk0jY+s3+LMAnYmw5K9+0Z+ywuNCiSHaeNlKIev/K+FFNnBl5V
byvluBIdblA7Skk06OnNfhFEpyLhtL62N1B/4Ep1ALr88av2EsbH2hSm5YbKZiIz
X1Cp/yPiDwoSqlwqwecgpKn8JaU6xbTzLnJ8r852MrqEY2OwDVNWqrg3HhUMIjpt
tRkPUt5TzAZkhgXJMkSJZUxM3oT2/5cqQYZZMG5wjd1Tf376YEyMD2ll6plFASQu
eWOZ8P8bb97TJJ3qvcIDZzpJBomVsToYusfTcsjL0hjWCv0jIi8eaa63KfM=
-----END CERTIFICATE-----