Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cda5ed17-bc3e-4af0-ad99-44f518053bfc.roa
File:                     cda5ed17-bc3e-4af0-ad99-44f518053bfc.roa (raw, json)
Hash identifier:          RzWHirGthvN6wxBtLUH2YTGz7XdwRoydsvaTlx7SfmY=
Subject key identifier:   2C:03:B6:E5:C4:BC:2E:55:46:AF:AB:B9:9F:A1:43:9E:44:0B:27:F6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7473D44C43894A99802AA482C7CDD83422FA536E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cda5ed17-bc3e-4af0-ad99-44f518053bfc.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        216.113.224.0/19 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:73:d4:4c:43:89:4a:99:80:2a:a4:82:c7:cd:d8:34:22:fa:53:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=5c3821659e0db6958c287633d70b61499fc8daa1b7bf3c7aed8ca3c3e6f42f85, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ad:66:d1:54:01:28:91:e2:83:ed:dd:8d:71:
                    46:cd:1c:6b:6a:e9:a3:5e:83:20:a8:c3:20:80:1f:
                    fa:bb:c6:d0:c6:1f:46:b8:24:36:7c:d5:78:98:06:
                    e8:e4:4e:16:f4:35:94:26:71:d8:28:91:ce:ea:94:
                    99:aa:83:af:6f:bb:5e:31:5e:93:90:c9:22:3f:0c:
                    54:c6:9d:1a:fd:6a:fa:64:57:90:da:02:26:15:4d:
                    5c:36:e7:f5:6c:66:3f:a7:69:d7:a9:4f:29:07:9b:
                    1a:8d:e0:af:a7:84:8b:09:01:6e:b8:92:5b:e7:bb:
                    5a:6b:86:84:3b:55:23:5f:3d:e8:6d:f4:31:4b:38:
                    4a:07:29:39:2a:67:42:95:bf:cf:3c:e4:f6:b2:4d:
                    3d:c9:86:5b:41:89:b8:43:fe:03:7a:0d:b9:00:80:
                    6d:b1:c9:15:fd:93:a5:d4:29:fc:f7:f4:37:e7:4d:
                    a1:8c:7b:c7:51:80:24:42:90:f0:e3:ae:59:14:ce:
                    3a:94:7c:4c:63:da:60:a8:7d:50:d5:d6:6d:2c:5c:
                    63:af:98:0c:b3:a9:f6:39:50:64:f6:cd:44:99:52:
                    b1:ee:f7:d8:72:4b:c6:1f:11:2f:77:cc:fe:fc:8f:
                    89:32:07:f8:7b:35:55:6d:87:56:d3:f9:0a:c7:a0:
                    8b:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:03:B6:E5:C4:BC:2E:55:46:AF:AB:B9:9F:A1:43:9E:44:0B:27:F6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cda5ed17-bc3e-4af0-ad99-44f518053bfc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.113.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         67:e5:9a:c0:98:41:59:be:41:b4:c3:94:a9:ba:e5:ba:38:24:
         7a:9c:5e:ba:f0:92:0c:dd:8e:5a:04:a6:87:57:33:a8:9e:37:
         92:c7:46:05:99:da:0d:30:95:cd:0a:f2:14:4b:91:ce:3f:dd:
         48:39:72:a1:6b:97:0e:4d:f4:25:ef:bb:d0:24:9e:cb:a9:91:
         f4:8e:12:79:a8:b1:66:b3:3f:8d:ea:15:a2:e3:58:19:d9:73:
         da:58:59:cc:b5:08:11:65:60:c6:d3:93:69:6b:9a:0c:95:6b:
         a7:ae:31:3c:b3:d5:b2:3f:ab:38:20:8d:1d:fa:57:64:62:ba:
         ac:6d:a6:73:59:52:89:99:58:1c:23:69:2e:2d:af:75:a4:c3:
         27:9a:5d:1b:68:ad:ba:9b:db:7d:a7:d5:45:0d:b7:01:dc:95:
         c1:59:e2:10:b9:4d:f6:2e:87:c6:94:67:54:f5:18:35:14:3b:
         31:8a:fd:4d:20:f6:ed:2f:58:c0:15:e4:23:cc:10:83:a2:ae:
         cb:57:4f:5d:80:67:c6:73:48:fe:c4:d1:d6:03:11:f3:bd:cb:
         bc:0e:71:20:c9:51:6d:7a:78:ef:03:36:15:67:d7:67:91:95:
         b6:9b:a8:8f:38:5e:77:c1:9d:71:35:68:60:3b:35:2a:2b:26:
         71:29:e6:d7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdHPUTEOJSpmAKqSCx83YNCL6U24wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A1YzM4MjE2NTllMGRiNjk1OGMyODc2MzNkNzBiNjE0OTlm
YzhkYWExYjdiZjNjN2FlZDhjYTNjM2U2ZjQyZjg1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0rWbRVAEokeKD7d2NcUbNHGtq6aNegyCowyCAH/q7xtDG
H0a4JDZ81XiYBujkThb0NZQmcdgokc7qlJmqg69vu14xXpOQySI/DFTGnRr9avpk
V5DaAiYVTVw25/VsZj+nadepTykHmxqN4K+nhIsJAW64klvnu1prhoQ7VSNfPeht
9DFLOEoHKTkqZ0KVv8885PayTT3JhltBibhD/gN6DbkAgG2xyRX9k6XUKfz39Dfn
TaGMe8dRgCRCkPDjrlkUzjqUfExj2mCofVDV1m0sXGOvmAyzqfY5UGT2zUSZUrHu
99hyS8YfES93zP78j4kyB/h7NVVth1bT+QrHoIthAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULAO25cS8LlVGr6u5n6FDnkQLJ/YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NkYTVlZDE3LWJjM2UtNGFmMC1hZDk5LTQ0ZjUxODA1M2JmYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXYceAwDQYJKoZIhvcNAQELBQADggEBAGflmsCYQVm+QbTDlKm65bo4JHqc
XrrwkgzdjloEpodXM6ieN5LHRgWZ2g0wlc0K8hRLkc4/3Ug5cqFrlw5N9CXvu9Ak
nsupkfSOEnmosWazP43qFaLjWBnZc9pYWcy1CBFlYMbTk2lrmgyVa6euMTyz1bI/
qzggjR36V2RiuqxtpnNZUomZWBwjaS4tr3WkwyeaXRtorbqb232n1UUNtwHclcFZ
4hC5TfYuh8aUZ1T1GDUUOzGK/U0g9u0vWMAV5CPMEIOirstXT12AZ8ZzSP7E0dYD
EfO9y7wOcSDJUW16eO8DNhVn12eRlbabqI84XnfBnXE1aGA7NSorJnEp5tc=
-----END CERTIFICATE-----