Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cdefbe7f-027a-48b3-9ebb-81dcb353976a.roa
File:                     cdefbe7f-027a-48b3-9ebb-81dcb353976a.roa (raw, json)
Hash identifier:          tLeafU6sPMO6kxt8Fzd7JIpgnSgpH6o8hsVvVVksoWQ=
Subject key identifier:   DE:59:0C:49:14:80:6B:00:26:50:97:02:F3:36:49:F5:D4:DB:7D:6E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7619BF4FD5813A2BF695FB4FCE2D869352D07EFA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cdefbe7f-027a-48b3-9ebb-81dcb353976a.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        56.113.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:19:bf:4f:d5:81:3a:2b:f6:95:fb:4f:ce:2d:86:93:52:d0:7e:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=91f632aa88ccdc6c537d271b270f3c210b7ec34dad959950bff3d21157d6e4ea, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:05:4e:0f:35:73:a2:55:65:0b:bc:fb:1d:ff:
                    29:77:ad:e7:ec:db:f5:f3:bd:fb:e9:26:3c:ca:63:
                    a7:9e:71:bc:dc:4a:7f:20:fd:96:f3:fc:53:7f:77:
                    18:04:2e:82:58:48:af:a2:b5:99:73:ca:91:0f:df:
                    52:fc:0d:4e:c8:e7:a4:a9:4c:75:19:38:f8:a0:ff:
                    a5:d4:58:4d:ba:d8:4d:b4:e2:08:ec:66:03:8a:e2:
                    8a:62:e7:4f:12:8d:6c:73:09:b1:5f:2c:c3:ba:c9:
                    a1:41:b7:36:b2:ad:df:85:f3:30:e3:bf:d6:80:4c:
                    95:9d:cc:cb:9c:51:c0:5e:6f:ad:d2:1f:ad:93:3e:
                    23:1d:fe:e3:17:08:f0:ec:45:2a:71:c0:e0:42:31:
                    49:20:3a:77:fe:27:ff:12:6f:47:05:c7:7f:3f:e4:
                    b7:6c:fc:5c:a3:bd:0d:7e:77:0e:0d:51:1d:7c:55:
                    e8:f3:96:8d:e9:86:bf:18:35:ea:79:81:f3:3d:0b:
                    12:79:be:a8:48:e7:e6:58:3a:7c:40:5e:6b:e4:c3:
                    1d:fb:65:87:a2:01:31:8b:b3:5b:96:85:88:a6:b5:
                    c3:61:96:cf:e5:11:4b:a0:3e:9e:98:70:1d:4d:ff:
                    05:9b:bf:b0:a4:4b:41:f1:3f:3c:69:f3:93:2f:b9:
                    a5:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:59:0C:49:14:80:6B:00:26:50:97:02:F3:36:49:F5:D4:DB:7D:6E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cdefbe7f-027a-48b3-9ebb-81dcb353976a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.113.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         60:e5:9a:50:d7:98:ff:d1:6d:66:5a:d9:29:8a:7b:54:ca:b6:
         c0:4e:0c:f9:1e:19:64:6b:49:58:f6:84:b4:c9:0e:e8:02:29:
         99:5a:2e:fb:aa:16:35:17:fb:96:a5:9c:9e:7f:90:85:9f:1b:
         0c:50:df:ae:6d:60:50:b1:0b:7f:ae:6e:53:44:d0:df:fd:6a:
         eb:fc:9a:c9:eb:33:50:b2:f2:ae:d7:7d:14:94:f5:ba:1a:e3:
         2c:55:56:9e:81:0e:a7:58:80:dd:c3:e8:53:81:0e:25:a3:5c:
         9a:9d:33:8a:de:04:0d:0b:87:99:de:82:ef:09:38:90:a4:2c:
         72:cb:fe:25:5c:ba:6a:7c:cc:1d:0c:da:ba:9b:54:4e:89:8b:
         8a:ae:a8:d2:f9:84:d0:cc:55:bc:83:e5:4b:d4:56:a2:f3:36:
         6a:b3:45:06:54:84:a0:87:8b:d4:f9:a6:1d:74:d2:29:44:6c:
         23:29:6d:f2:a5:6e:7a:f3:6c:20:4e:85:6e:45:00:b3:64:3d:
         f7:e1:f1:ab:a8:d7:d3:27:6f:bd:eb:ca:2f:3f:d9:2b:22:4d:
         f3:8d:28:dd:16:fc:84:bc:d0:46:a4:a4:bb:c4:a6:e8:6f:7f:
         30:89:d5:93:1c:41:1a:e6:94:49:48:8e:3c:ed:33:eb:d1:98:
         50:fa:39:50
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdhm/T9WBOiv2lftPzi2Gk1LQfvowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MWY2MzJhYTg4Y2NkYzZjNTM3ZDI3MWIyNzBmM2MyMTBi
N2VjMzRkYWQ5NTk5NTBiZmYzZDIxMTU3ZDZlNGVhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDBU4PNXOiVWULvPsd/yl3refs2/XzvfvpJjzKY6eecbzc
Sn8g/Zbz/FN/dxgELoJYSK+itZlzypEP31L8DU7I56SpTHUZOPig/6XUWE262E20
4gjsZgOK4opi508SjWxzCbFfLMO6yaFBtzayrd+F8zDjv9aATJWdzMucUcBeb63S
H62TPiMd/uMXCPDsRSpxwOBCMUkgOnf+J/8Sb0cFx38/5Lds/FyjvQ1+dw4NUR18
Vejzlo3phr8YNep5gfM9CxJ5vqhI5+ZYOnxAXmvkwx37ZYeiATGLs1uWhYimtcNh
ls/lEUugPp6YcB1N/wWbv7CkS0HxPzxp85MvuaW1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU3lkMSRSAawAmUJcC8zZJ9dTbfW4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NkZWZiZTdmLTAyN2EtNDhiMy05ZWJiLTgxZGNiMzUzOTc2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4cTANBgkqhkiG9w0BAQsFAAOCAQEAYOWaUNeY/9FtZlrZKYp7VMq2wE4M
+R4ZZGtJWPaEtMkO6AIpmVou+6oWNRf7lqWcnn+QhZ8bDFDfrm1gULELf65uU0TQ
3/1q6/yayeszULLyrtd9FJT1uhrjLFVWnoEOp1iA3cPoU4EOJaNcmp0zit4EDQuH
md6C7wk4kKQscsv+JVy6anzMHQzauptUTomLiq6o0vmE0MxVvIPlS9RWovM2arNF
BlSEoIeL1PmmHXTSKURsIylt8qVuevNsIE6FbkUAs2Q99+Hxq6jX0ydvvevKLz/Z
KyJN840o3Rb8hLzQRqSku8Sm6G9/MInVkxxBGuaUSUiOPO0z69GYUPo5UA==
-----END CERTIFICATE-----