Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d24b1778-23f2-404a-8015-4ad08d65849a.roa
File:                     d24b1778-23f2-404a-8015-4ad08d65849a.roa (raw, json)
Hash identifier:          tmEkx580Z9bufnrDMWFOFiukRXmHX+HzlQFN3K4NzuA=
Subject key identifier:   96:1F:C6:69:2D:20:5F:23:2F:77:C4:5F:D4:9D:E4:23:C6:FA:D2:B8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3CA447A142B7C0DDF5A6BD81EF1F0B955C20F479
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d24b1778-23f2-404a-8015-4ad08d65849a.roa
Signing time:             Mon 30 Dec 2024 00:00:00 +0000
ROA not before:           Mon 30 Dec 2024 00:00:00 +0000
ROA not after:            Mon 03 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        32.192.0.0/12 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:a4:47:a1:42:b7:c0:dd:f5:a6:bd:81:ef:1f:0b:95:5c:20:f4:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 30 00:00:00 2024 GMT
            Not After : Feb  3 23:59:59 2025 GMT
        Subject: serialNumber=da00107ee61640584dd6770731cbd5f8758a75309e30fcc070ad655b6af40e3d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:c8:01:13:91:78:cf:b7:46:79:0e:ba:a7:fd:
                    d2:2a:f1:42:43:c3:c8:95:2a:25:7a:21:ba:69:39:
                    ff:3d:c5:40:16:d3:4f:6f:0e:b9:54:8c:23:ad:b5:
                    0a:a6:4b:31:28:53:22:83:50:9e:02:f2:8e:36:2d:
                    72:67:0d:af:8b:b8:08:78:bb:9a:1a:51:bc:9c:b6:
                    f4:8d:41:43:e0:6c:28:e6:90:64:ba:fc:62:c5:84:
                    18:48:9d:e3:35:8d:d8:50:c4:b1:f8:b7:8f:48:e4:
                    b7:35:01:a2:bd:ca:69:95:0a:de:27:a2:02:99:e4:
                    2b:b8:86:12:23:6c:3c:53:eb:09:a4:c7:26:c9:9a:
                    36:48:80:d2:a7:69:4a:b3:e0:2d:22:ad:1d:90:fe:
                    7d:16:b2:a3:15:01:94:3c:7e:61:70:be:c6:03:13:
                    21:40:fa:2b:0e:cf:bb:62:41:96:66:b1:3d:76:21:
                    a7:e4:99:84:3a:9f:55:18:86:46:16:0d:08:7d:78:
                    d4:46:64:6f:ec:35:72:f8:7a:12:da:e1:16:a6:9c:
                    b6:03:36:f2:b0:3c:30:6c:04:32:cb:68:68:6a:a7:
                    23:1f:9d:63:e8:4c:11:2b:6c:47:25:b6:9d:24:20:
                    87:ae:a2:25:ee:82:19:c8:0c:58:2a:c5:35:15:6f:
                    b9:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:1F:C6:69:2D:20:5F:23:2F:77:C4:5F:D4:9D:E4:23:C6:FA:D2:B8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d24b1778-23f2-404a-8015-4ad08d65849a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  32.192.0.0/12

    Signature Algorithm: sha256WithRSAEncryption
         2a:d1:fb:e9:6a:3b:d9:44:af:0b:de:45:82:ee:1f:0f:4c:db:
         bb:ee:1a:d8:d1:e2:d3:83:d4:df:e9:78:77:fc:de:83:1e:09:
         1c:5f:a1:d9:9b:04:86:90:c4:8f:18:12:a6:01:88:8a:9f:33:
         27:5f:c6:b0:e6:05:d4:07:56:e3:83:58:39:2b:e2:c6:1b:e8:
         7a:93:d9:2d:2e:fd:b4:f0:dc:94:15:d4:b9:83:91:6a:4f:0e:
         f8:45:f1:b2:e0:8d:df:26:cc:14:58:d9:86:04:c4:bf:1c:57:
         64:74:5a:3d:4d:b3:fb:d9:ed:33:16:14:c5:b4:3f:e1:ce:54:
         ef:b4:60:9d:d3:56:bb:81:b8:66:4a:19:f9:35:c8:c3:fa:33:
         1c:35:0e:47:67:51:a3:b7:8b:4d:6e:41:66:76:6f:e3:b0:1a:
         31:f7:c9:ee:03:25:4b:89:74:18:a0:52:90:83:e9:7d:3a:ee:
         e9:e0:e2:d5:f3:9a:5e:ad:7d:22:af:9c:bc:b8:5d:02:df:d5:
         e4:d2:9a:cf:ba:61:5a:42:3e:db:fa:0e:8c:e3:e1:f7:23:07:
         a6:24:63:a7:a2:71:62:dd:bc:de:ed:cf:75:78:1c:be:f6:7b:
         a4:9c:a2:a4:7d:3c:e2:fa:12:c3:8c:ce:44:7c:7c:59:4e:b1:
         4b:80:63:2c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPKRHoUK3wN31pr2B7x8LlVwg9HkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BkYTAwMTA3ZWU2MTY0MDU4NGRkNjc3MDczMWNiZDVmODc1
OGE3NTMwOWUzMGZjYzA3MGFkNjU1YjZhZjQwZTNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwyAETkXjPt0Z5Drqn/dIq8UJDw8iVKiV6IbppOf89xUAW
009vDrlUjCOttQqmSzEoUyKDUJ4C8o42LXJnDa+LuAh4u5oaUbyctvSNQUPgbCjm
kGS6/GLFhBhIneM1jdhQxLH4t49I5Lc1AaK9ymmVCt4nogKZ5Cu4hhIjbDxT6wmk
xybJmjZIgNKnaUqz4C0irR2Q/n0WsqMVAZQ8fmFwvsYDEyFA+isOz7tiQZZmsT12
IafkmYQ6n1UYhkYWDQh9eNRGZG/sNXL4ehLa4RamnLYDNvKwPDBsBDLLaGhqpyMf
nWPoTBErbEcltp0kIIeuoiXughnIDFgqxTUVb7mpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUlh/GaS0gXyMvd8Rf1J3kI8b60rgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QyNGIxNzc4LTIzZjItNDA0YS04MDE1LTRhZDA4ZDY1ODQ5YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwQgwDANBgkqhkiG9w0BAQsFAAOCAQEAKtH76Wo72USvC95Fgu4fD0zbu+4a
2NHi04PU3+l4d/zegx4JHF+h2ZsEhpDEjxgSpgGIip8zJ1/GsOYF1AdW44NYOSvi
xhvoepPZLS79tPDclBXUuYORak8O+EXxsuCN3ybMFFjZhgTEvxxXZHRaPU2z+9nt
MxYUxbQ/4c5U77RgndNWu4G4ZkoZ+TXIw/ozHDUOR2dRo7eLTW5BZnZv47AaMffJ
7gMlS4l0GKBSkIPpfTru6eDi1fOaXq19Iq+cvLhdAt/V5NKaz7phWkI+2/oOjOPh
9yMHpiRjp6JxYt283u3PdXgcvvZ7pJyipH084voSw4zORHx8WU6xS4BjLA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:11:03 2025 by rpki-client