Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e289dd8a-aa31-4ceb-9d71-28e1800b4b63.roa
File:                     e289dd8a-aa31-4ceb-9d71-28e1800b4b63.roa (raw, json)
Hash identifier:          +LUOliR+HHtwsMx331Fw8FP9DMt4NKqmwVgULx5YPCw=
Subject key identifier:   F6:AB:4B:9F:93:15:B1:BB:92:AF:84:BD:2B:41:CE:EC:1C:75:B4:33
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0CE767D016A768BF21DC4C897FE8031BE28CFA07
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e289dd8a-aa31-4ceb-9d71-28e1800b4b63.roa
Signing time:             Sat 28 Dec 2024 00:00:00 +0000
ROA not before:           Sat 28 Dec 2024 00:00:00 +0000
ROA not after:            Sat 01 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        16.209.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:e7:67:d0:16:a7:68:bf:21:dc:4c:89:7f:e8:03:1b:e2:8c:fa:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 28 00:00:00 2024 GMT
            Not After : Feb  1 23:59:59 2025 GMT
        Subject: serialNumber=70b72777742701f1c8d67df6e81037a88e2296404d86f0cf34c08f878f54a2e9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:68:5b:07:d9:2f:3a:44:8c:f0:de:2a:db:7e:
                    0e:01:37:ba:eb:cc:8e:8f:44:bb:25:50:9a:9b:35:
                    58:67:22:00:1a:a7:b4:ab:ed:0a:96:63:e1:45:6d:
                    35:e2:3c:8c:96:4e:99:61:5b:53:45:b4:74:f7:fe:
                    95:67:ff:f5:3b:c4:ce:36:36:2a:57:91:f0:f8:58:
                    48:ae:69:ea:d0:c8:51:12:87:e4:dc:bc:a5:b4:0e:
                    bc:16:da:44:48:9a:7e:03:61:27:a9:b0:31:00:74:
                    13:03:c5:27:9e:bf:61:8f:55:30:41:8b:8b:22:94:
                    ed:bc:62:8f:f6:e1:9f:23:e9:52:11:2d:7a:dd:72:
                    8f:8d:65:bf:05:fb:da:b2:20:69:34:2b:8d:81:31:
                    0b:86:ab:1e:83:0a:44:b1:05:73:a4:c6:ec:b2:d6:
                    59:12:34:ab:99:06:c9:93:f9:87:89:f7:72:da:98:
                    f1:c6:db:93:33:91:8a:e4:c4:f9:7d:85:27:65:a4:
                    9b:b8:81:cb:37:af:e7:c4:99:93:b1:34:4b:6f:a5:
                    33:cf:60:c9:7b:77:d9:f0:b8:4d:b7:7c:e9:9c:d0:
                    eb:2d:f0:8d:a3:b8:72:a9:d4:c5:db:5b:c1:74:66:
                    7f:6d:1a:ee:fa:28:b7:4b:a3:ca:bd:cb:b1:1a:e8:
                    15:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:AB:4B:9F:93:15:B1:BB:92:AF:84:BD:2B:41:CE:EC:1C:75:B4:33
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e289dd8a-aa31-4ceb-9d71-28e1800b4b63.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.209.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         97:f1:b1:7b:3a:84:2b:9b:92:46:6d:34:c6:62:7b:c8:c0:cd:
         0b:19:49:89:e1:72:a7:ab:b5:05:62:82:6a:24:7b:3d:57:0b:
         38:b7:aa:78:16:08:07:0e:d3:09:4a:2b:66:fc:aa:54:e9:14:
         98:94:df:bd:b9:df:a3:1b:b7:f3:ac:62:1b:24:f2:b6:c3:b1:
         5c:9f:cf:95:94:cc:2f:3a:e7:d0:0b:98:25:ae:f3:65:0e:fc:
         57:a3:8c:30:97:f0:7d:5e:e8:a5:e0:f3:f3:20:62:b0:b4:69:
         1e:0c:ba:96:41:22:72:40:0a:8c:c8:57:36:ad:9e:ee:1e:a9:
         45:66:5d:ae:38:1f:88:00:af:9e:31:fe:9a:ae:b6:e9:68:a8:
         a6:5d:7e:9e:f9:3f:e6:ce:e7:c5:b9:08:e3:4b:51:58:c4:dd:
         85:14:08:88:7e:80:db:28:9a:74:02:4b:2f:bc:47:9d:78:8b:
         52:63:b6:e5:dd:5f:d4:34:b1:75:b1:e8:2c:1a:7d:30:79:a4:
         3e:a6:36:ac:a3:98:8c:7a:88:01:34:2d:cd:19:a0:46:d3:f2:
         39:20:ec:a3:55:73:d8:21:95:56:b8:6d:da:15:f5:b5:77:9d:
         b9:7d:c1:79:99:87:2a:1e:3c:ad:81:d7:00:5e:aa:97:b4:37:
         cf:fa:e1:c7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUDOdn0BanaL8h3EyJf+gDG+KM+gcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI4MDAwMDAwWhcNMjUwMjAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MGI3Mjc3Nzc0MjcwMWYxYzhkNjdkZjZlODEwMzdhODhl
MjI5NjQwNGQ4NmYwY2YzNGMwOGY4NzhmNTRhMmU5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChaFsH2S86RIzw3irbfg4BN7rrzI6PRLslUJqbNVhnIgAa
p7Sr7QqWY+FFbTXiPIyWTplhW1NFtHT3/pVn//U7xM42NipXkfD4WEiuaerQyFES
h+TcvKW0DrwW2kRImn4DYSepsDEAdBMDxSeev2GPVTBBi4silO28Yo/24Z8j6VIR
LXrdco+NZb8F+9qyIGk0K42BMQuGqx6DCkSxBXOkxuyy1lkSNKuZBsmT+YeJ93La
mPHG25MzkYrkxPl9hSdlpJu4gcs3r+fEmZOxNEtvpTPPYMl7d9nwuE23fOmc0Ost
8I2juHKp1MXbW8F0Zn9tGu76KLdLo8q9y7Ea6BVTAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU9qtLn5MVsbuSr4S9K0HO7Bx1tDMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UyODlkZDhhLWFhMzEtNGNlYi05ZDcxLTI4ZTE4MDBiNGI2My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQ0TANBgkqhkiG9w0BAQsFAAOCAQEAl/GxezqEK5uSRm00xmJ7yMDNCxlJ
ieFyp6u1BWKCaiR7PVcLOLeqeBYIBw7TCUorZvyqVOkUmJTfvbnfoxu386xiGyTy
tsOxXJ/PlZTMLzrn0AuYJa7zZQ78V6OMMJfwfV7opeDz8yBisLRpHgy6lkEickAK
jMhXNq2e7h6pRWZdrjgfiACvnjH+mq626Wiopl1+nvk/5s7nxbkI40tRWMTdhRQI
iH6A2yiadAJLL7xHnXiLUmO25d1f1DSxdbHoLBp9MHmkPqY2rKOYjHqIATQtzRmg
RtPyOSDso1Vz2CGVVrht2hX1tXeduX3BeZmHKh48rYHXAF6ql7Q3z/rhxw==
-----END CERTIFICATE-----