Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e0bf3e48-57ba-4dc1-a533-c3b048a00391.roa
File:                     e0bf3e48-57ba-4dc1-a533-c3b048a00391.roa (raw, json)
Hash identifier:          fSZVW4yirX1yDG4UtsE/SRrQibH9UcZ4PMsFwC8wSiw=
Subject key identifier:   4B:B7:1C:CE:43:09:86:A2:8A:57:C3:EE:74:2B:F9:6D:02:E2:DC:C9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       744EB32A0FF702226B9A2B3DE7A6D56A01731B13
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e0bf3e48-57ba-4dc1-a533-c3b048a00391.roa
Signing time:             Fri 20 Dec 2024 00:00:00 +0000
ROA not before:           Fri 20 Dec 2024 00:00:00 +0000
ROA not after:            Fri 24 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        82.176.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:4e:b3:2a:0f:f7:02:22:6b:9a:2b:3d:e7:a6:d5:6a:01:73:1b:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 20 00:00:00 2024 GMT
            Not After : Jan 24 23:59:59 2025 GMT
        Subject: serialNumber=c8e3d56f3c7436b59f3dae80a1094b9988608979adc203d365edf714203d27f3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:61:d6:46:d4:46:74:89:06:a9:b1:56:2c:f8:
                    b5:ab:ba:17:46:b0:21:96:46:5f:c6:9f:2a:d3:b1:
                    56:1c:bf:d1:fc:9a:b8:e8:d5:0a:69:ea:9d:9d:14:
                    9b:cd:9e:68:6b:d6:94:f4:f8:07:77:73:3b:4e:c0:
                    51:9c:a6:27:fd:67:cf:bf:30:55:69:8d:30:41:aa:
                    86:c5:a9:fb:f6:b0:97:27:c9:96:d3:ae:97:78:12:
                    65:fd:38:3c:20:d6:80:c2:6c:6f:50:1a:4b:18:18:
                    c6:99:92:33:69:39:43:54:af:81:09:c7:c1:92:d9:
                    02:32:67:f0:7a:22:b2:9d:9e:5d:9f:d6:ab:a7:12:
                    48:e0:82:2f:c5:a1:47:d9:c7:74:3d:c0:48:a0:0b:
                    3a:99:6d:e1:20:51:35:92:6a:30:b9:e4:ef:1d:5f:
                    ba:a5:35:0c:6d:6d:4a:80:bc:1a:36:e2:42:eb:1c:
                    34:f7:69:76:34:5a:32:4d:0f:07:14:f4:56:b1:6f:
                    8f:7f:b6:a3:6e:29:6b:7f:27:ea:94:44:43:96:75:
                    05:5a:c5:4c:24:dc:e7:d5:9f:e3:d4:b0:36:24:80:
                    e4:b1:d6:dd:06:c0:73:41:1c:33:54:34:0b:a8:d1:
                    39:94:90:a8:e4:39:d2:5b:17:f8:bb:7b:96:b6:c7:
                    71:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:B7:1C:CE:43:09:86:A2:8A:57:C3:EE:74:2B:F9:6D:02:E2:DC:C9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e0bf3e48-57ba-4dc1-a533-c3b048a00391.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.176.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         81:f6:07:4f:c3:bc:bd:93:31:8d:78:56:30:98:69:ff:79:6e:
         5b:22:97:66:70:ab:38:6f:90:07:bb:8a:76:e4:9a:66:8b:a7:
         b9:5f:2b:e0:fc:52:3b:65:84:6a:2c:c4:81:5c:19:84:81:56:
         82:97:91:ae:c7:97:75:a3:a9:8f:92:5a:7b:fd:9c:c9:05:7d:
         44:17:7a:df:d9:f9:ce:2d:23:e6:f3:96:3b:32:d8:72:b1:d8:
         e3:7d:bf:33:2d:5b:2f:c5:90:cb:b1:48:98:b7:ae:f3:38:52:
         22:63:ad:2e:ff:70:ab:64:68:6b:67:52:8c:5d:dc:86:e4:f4:
         7d:6b:f1:51:12:5d:25:28:41:54:c0:99:d7:a3:d1:88:51:80:
         fa:7b:0d:f4:94:be:3f:81:9b:ee:aa:fb:32:7a:83:fd:4a:ce:
         47:c1:46:b9:7c:33:4e:79:64:c7:63:64:34:c0:a4:a4:a4:2a:
         96:2f:65:f3:64:26:8b:0f:ac:9f:de:03:c2:68:05:be:df:74:
         72:fc:3d:a2:61:c9:6c:67:e8:df:87:da:92:21:81:ab:48:0a:
         9d:c5:a9:20:16:4b:c0:58:f3:88:a4:41:b8:eb:f8:33:21:99:
         14:71:4b:7f:bd:29:6c:35:9a:07:ae:07:5b:46:57:f4:2d:5b:
         91:23:38:02
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdE6zKg/3AiJrmis956bVagFzGxMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIwMDAwMDAwWhcNMjUwMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjOGUzZDU2ZjNjNzQzNmI1OWYzZGFlODBhMTA5NGI5OTg4
NjA4OTc5YWRjMjAzZDM2NWVkZjcxNDIwM2QyN2YzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzYdZG1EZ0iQapsVYs+LWruhdGsCGWRl/GnyrTsVYcv9H8
mrjo1Qpp6p2dFJvNnmhr1pT0+Ad3cztOwFGcpif9Z8+/MFVpjTBBqobFqfv2sJcn
yZbTrpd4EmX9ODwg1oDCbG9QGksYGMaZkjNpOUNUr4EJx8GS2QIyZ/B6IrKdnl2f
1qunEkjggi/FoUfZx3Q9wEigCzqZbeEgUTWSajC55O8dX7qlNQxtbUqAvBo24kLr
HDT3aXY0WjJNDwcU9Faxb49/tqNuKWt/J+qUREOWdQVaxUwk3OfVn+PUsDYkgOSx
1t0GwHNBHDNUNAuo0TmUkKjkOdJbF/i7e5a2x3FxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUS7cczkMJhqKKV8PudCv5bQLi3MkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UwYmYzZTQ4LTU3YmEtNGRjMS1hNTMzLWMzYjA0OGEwMDM5MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBSsDANBgkqhkiG9w0BAQsFAAOCAQEAgfYHT8O8vZMxjXhWMJhp/3luWyKX
ZnCrOG+QB7uKduSaZounuV8r4PxSO2WEaizEgVwZhIFWgpeRrseXdaOpj5Jae/2c
yQV9RBd639n5zi0j5vOWOzLYcrHY432/My1bL8WQy7FImLeu8zhSImOtLv9wq2Ro
a2dSjF3chuT0fWvxURJdJShBVMCZ16PRiFGA+nsN9JS+P4Gb7qr7MnqD/UrOR8FG
uXwzTnlkx2NkNMCkpKQqli9l82Qmiw+sn94DwmgFvt90cvw9omHJbGfo34fakiGB
q0gKncWpIBZLwFjziKRBuOv4MyGZFHFLf70pbDWaB64HW0ZX9C1bkSM4Ag==
-----END CERTIFICATE-----