Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d36486f0-0677-44ad-9f5e-5f005263302f.roa
File:                     d36486f0-0677-44ad-9f5e-5f005263302f.roa (raw, json)
Hash identifier:          3rQk2EPDkKnVal67nA8/z9cn7ulsuQjB7YC7b8aM1nw=
Subject key identifier:   50:D6:4C:79:AD:14:16:C3:D6:A9:97:33:08:12:07:FA:94:52:8D:28
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1EEAA777DB35E2BBB3367C045DAF9CC8BF3B8FB9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d36486f0-0677-44ad-9f5e-5f005263302f.roa
Signing time:             Tue 24 Dec 2024 00:00:00 +0000
ROA not before:           Tue 24 Dec 2024 00:00:00 +0000
ROA not after:            Tue 28 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1f12::/36 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:ea:a7:77:db:35:e2:bb:b3:36:7c:04:5d:af:9c:c8:bf:3b:8f:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 24 00:00:00 2024 GMT
            Not After : Jan 28 23:59:59 2025 GMT
        Subject: serialNumber=a929d24e6ee96abb6fa525888d11a54ec81656d3c9ba9bc531c098051c656106, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b9:36:4e:63:b7:2b:f7:9d:a1:25:1c:6e:bc:
                    b6:3c:4b:7b:25:7a:27:5c:39:d6:47:63:96:a1:94:
                    f4:5f:25:20:1f:80:97:fd:5e:e9:57:f5:e1:3f:f0:
                    78:ba:2c:c9:db:24:f8:05:fc:56:d2:0a:e8:49:a3:
                    c7:ed:5a:ad:99:81:e5:95:70:80:61:69:c5:40:24:
                    5d:f3:9a:6a:32:6e:05:07:c9:ab:2a:d9:bc:21:70:
                    c8:5c:92:1a:fa:0a:fe:ac:fa:98:4e:94:bf:df:34:
                    34:ea:af:bf:31:55:87:31:87:06:86:1e:04:99:ce:
                    5b:53:01:82:f9:8e:37:27:75:46:44:c3:7d:64:24:
                    6f:08:60:a9:3f:cf:a2:c1:f3:20:1d:67:5a:db:26:
                    51:56:87:f9:d6:3b:bd:38:4b:2e:57:99:b6:eb:57:
                    bc:07:8e:ec:d6:1d:d8:42:f5:81:37:c5:cd:0c:46:
                    16:d0:e4:a0:e4:e5:6b:1d:c0:fa:89:8a:3d:9c:38:
                    92:a9:8b:c8:f2:37:56:27:a4:a9:fe:15:85:ba:50:
                    ce:61:eb:0e:fc:d2:51:d4:69:ac:43:bd:98:10:0f:
                    1b:89:81:50:c5:2c:79:af:f7:a7:64:51:53:80:31:
                    8d:80:fa:a1:ca:50:37:34:86:a9:90:97:da:93:09:
                    2b:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:D6:4C:79:AD:14:16:C3:D6:A9:97:33:08:12:07:FA:94:52:8D:28
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d36486f0-0677-44ad-9f5e-5f005263302f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f12::/36

    Signature Algorithm: sha256WithRSAEncryption
         af:a5:2a:32:85:f6:49:e9:48:ed:96:4f:cc:d5:b5:dd:4e:ba:
         ee:64:b6:aa:a9:89:88:23:a1:ec:36:da:89:ba:27:99:bb:c6:
         38:3e:e9:0e:c3:39:1a:12:cb:54:87:da:88:f8:98:dc:e2:53:
         75:b5:76:aa:10:68:68:66:d1:2a:14:d3:26:37:6b:d0:97:a2:
         09:a1:ff:26:ef:1d:4e:70:27:78:71:06:26:9f:ff:2c:a5:08:
         eb:76:76:9b:b3:05:b3:94:18:fa:86:2d:ab:e2:e4:8d:5d:d5:
         de:a4:46:15:2a:bb:78:74:3c:ba:d9:7e:86:2d:9a:26:7f:e3:
         2e:c6:e7:ca:61:0b:7d:5e:6c:20:83:c6:94:66:40:85:64:aa:
         8b:04:51:81:17:88:77:82:e4:14:8b:b5:98:52:42:14:4e:71:
         06:bc:4e:45:21:bf:35:ac:3a:ba:9d:c2:09:f6:1f:06:0c:ca:
         49:74:3f:51:54:9c:6b:ba:0b:da:3e:03:79:45:45:8c:c6:40:
         d4:65:85:74:cb:1f:52:69:f6:0f:58:c7:03:2f:3f:7f:86:56:
         60:d1:12:f1:a9:3e:7e:9b:df:f3:c9:e6:18:08:13:3a:a9:19:
         3f:be:91:8c:0f:e1:59:20:96:9a:6e:03:9d:c1:67:46:df:6b:
         27:4d:cb:ac
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUHuqnd9s14ruzNnwEXa+cyL87j7kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BhOTI5ZDI0ZTZlZTk2YWJiNmZhNTI1ODg4ZDExYTU0ZWM4
MTY1NmQzYzliYTliYzUzMWMwOTgwNTFjNjU2MTA2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9uTZOY7cr952hJRxuvLY8S3sleidcOdZHY5ahlPRfJSAf
gJf9XulX9eE/8Hi6LMnbJPgF/FbSCuhJo8ftWq2ZgeWVcIBhacVAJF3zmmoybgUH
yasq2bwhcMhckhr6Cv6s+phOlL/fNDTqr78xVYcxhwaGHgSZzltTAYL5jjcndUZE
w31kJG8IYKk/z6LB8yAdZ1rbJlFWh/nWO704Sy5XmbbrV7wHjuzWHdhC9YE3xc0M
RhbQ5KDk5WsdwPqJij2cOJKpi8jyN1YnpKn+FYW6UM5h6w780lHUaaxDvZgQDxuJ
gVDFLHmv96dkUVOAMY2A+qHKUDc0hqmQl9qTCSvpAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUUNZMea0UFsPWqZczCBIH+pRSjSgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QzNjQ4NmYwLTA2NzctNDRhZC05ZjVlLTVmMDA1MjYzMzAyZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8SADANBgkqhkiG9w0BAQsFAAOCAQEAr6UqMoX2SelI7ZZPzNW13U66
7mS2qqmJiCOh7DbaibonmbvGOD7pDsM5GhLLVIfaiPiY3OJTdbV2qhBoaGbRKhTT
Jjdr0JeiCaH/Ju8dTnAneHEGJp//LKUI63Z2m7MFs5QY+oYtq+LkjV3V3qRGFSq7
eHQ8utl+hi2aJn/jLsbnymELfV5sIIPGlGZAhWSqiwRRgReId4LkFIu1mFJCFE5x
BrxORSG/Naw6up3CCfYfBgzKSXQ/UVSca7oL2j4DeUVFjMZA1GWFdMsfUmn2D1jH
Ay8/f4ZWYNES8ak+fpvf88nmGAgTOqkZP76RjA/hWSCWmm4DncFnRt9rJ03LrA==
-----END CERTIFICATE-----