Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e9a65e10-48ad-4936-804e-a92f5d78a1b6.roa
File:                     e9a65e10-48ad-4936-804e-a92f5d78a1b6.roa (raw, json)
Hash identifier:          gcaBlEpZ+fmmPikTPrBpr6asvkXQR86ud7VtbsTchiQ=
Subject key identifier:   C4:9A:E9:1B:DD:77:F2:13:DC:F4:A8:17:D3:17:5D:B6:4A:1B:3E:2A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6AD41E449F0517B31B5CC52B23CD492BE880C895
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e9a65e10-48ad-4936-804e-a92f5d78a1b6.roa
Signing time:             Tue 31 Dec 2024 00:00:00 +0000
ROA not before:           Tue 31 Dec 2024 00:00:00 +0000
ROA not after:            Tue 04 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        16.174.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:d4:1e:44:9f:05:17:b3:1b:5c:c5:2b:23:cd:49:2b:e8:80:c8:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 31 00:00:00 2024 GMT
            Not After : Feb  4 23:59:59 2025 GMT
        Subject: serialNumber=aabf7583525099917285a2ea53507d3ee091bd487b57978ccec7817cc653089c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:bf:d0:39:6e:d8:44:98:a7:03:73:97:5b:21:
                    f2:42:f2:57:19:ec:d5:3d:a1:a1:0f:88:af:bd:52:
                    68:f7:5a:b2:93:6b:74:e6:22:9d:71:ea:23:30:a0:
                    ca:90:3a:3f:41:23:17:da:5e:8a:17:48:ea:c0:a8:
                    1c:e2:88:f1:ec:0f:d7:29:a3:f0:9a:1b:14:36:48:
                    d4:97:1b:2b:d9:1c:b4:ed:51:15:ef:38:7a:42:82:
                    73:9d:61:1b:47:5b:89:9d:6a:52:9f:c2:04:f9:f4:
                    96:b4:6a:52:58:e6:f5:50:5e:ce:d6:4a:45:90:85:
                    bd:93:ab:ac:a0:00:b2:99:d1:45:31:66:40:4d:11:
                    3e:9c:87:27:88:ad:d9:25:f1:ec:ce:93:09:a2:ef:
                    5c:fd:af:f8:c5:25:71:fc:dc:fd:af:d0:22:2a:61:
                    ca:d4:9f:b8:b3:90:53:7d:49:93:fb:a0:1b:94:38:
                    06:7b:3c:c7:39:23:4a:c1:d0:4b:0e:7d:99:a3:8a:
                    b4:85:e2:01:a2:1e:fe:27:71:8b:16:0c:e2:e3:0e:
                    21:af:d3:84:27:93:f2:21:20:4d:38:08:7a:01:ce:
                    8b:ef:32:05:e9:2e:15:bb:53:6a:55:86:a6:a2:34:
                    ca:d8:c6:59:da:24:63:e8:b2:c0:c4:b5:76:3c:6e:
                    f0:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:9A:E9:1B:DD:77:F2:13:DC:F4:A8:17:D3:17:5D:B6:4A:1B:3E:2A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e9a65e10-48ad-4936-804e-a92f5d78a1b6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.174.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2b:e0:3a:e7:ee:6b:7f:80:4d:b3:c1:01:dd:fe:29:73:07:6e:
         4a:9c:93:a7:a8:dd:2b:f0:a9:6e:29:1d:5d:2d:d4:f9:b3:08:
         f3:0c:5e:50:cc:cc:e5:5c:e4:25:32:9a:e1:a5:39:ee:46:4d:
         f2:77:2c:5f:13:60:cd:d4:75:ed:75:8e:02:63:37:a5:14:d8:
         c4:d1:7f:f8:95:ca:5b:f3:cd:2f:3a:83:61:a5:a0:b4:fd:c1:
         f6:f0:e7:0b:be:26:ae:22:37:5a:6e:44:96:d5:3e:37:a5:88:
         a2:64:44:e9:96:1a:94:1f:15:8f:16:7b:4b:dc:75:e5:4a:33:
         4c:15:37:02:58:6f:4f:d7:3b:55:98:e7:e5:5a:6c:16:f1:23:
         4d:53:55:f5:8a:c8:62:c1:13:af:79:bf:6b:17:49:1b:74:3b:
         3b:2f:31:56:ce:c1:1e:ca:ea:70:b0:bd:f4:d7:fd:c2:68:03:
         bb:ad:0a:88:88:bd:f3:10:58:ff:46:29:b2:a9:26:bc:0e:ec:
         6a:8e:08:24:18:92:22:ce:23:db:0a:38:20:33:97:e4:0e:bb:
         94:a6:39:51:a5:73:44:53:e0:7d:88:75:dc:46:ca:87:62:b7:
         cb:9e:2c:c7:ea:72:66:ca:9d:e2:fe:c4:3f:4b:f1:08:e0:46:
         59:f8:08:39
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUatQeRJ8FF7MbXMUrI81JK+iAyJUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMxMDAwMDAwWhcNMjUwMjA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYWJmNzU4MzUyNTA5OTkxNzI4NWEyZWE1MzUwN2QzZWUw
OTFiZDQ4N2I1Nzk3OGNjZWM3ODE3Y2M2NTMwODljMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2v9A5bthEmKcDc5dbIfJC8lcZ7NU9oaEPiK+9Umj3WrKT
a3TmIp1x6iMwoMqQOj9BIxfaXooXSOrAqBziiPHsD9cpo/CaGxQ2SNSXGyvZHLTt
URXvOHpCgnOdYRtHW4mdalKfwgT59Ja0alJY5vVQXs7WSkWQhb2Tq6ygALKZ0UUx
ZkBNET6chyeIrdkl8ezOkwmi71z9r/jFJXH83P2v0CIqYcrUn7izkFN9SZP7oBuU
OAZ7PMc5I0rB0EsOfZmjirSF4gGiHv4ncYsWDOLjDiGv04Qnk/IhIE04CHoBzovv
MgXpLhW7U2pVhqaiNMrYxlnaJGPossDEtXY8bvBnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUxJrpG9138hPc9KgX0xddtkobPiowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U5YTY1ZTEwLTQ4YWQtNDkzNi04MDRlLWE5MmY1ZDc4YTFiNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQrjANBgkqhkiG9w0BAQsFAAOCAQEAK+A65+5rf4BNs8EB3f4pcwduSpyT
p6jdK/CpbikdXS3U+bMI8wxeUMzM5VzkJTKa4aU57kZN8ncsXxNgzdR17XWOAmM3
pRTYxNF/+JXKW/PNLzqDYaWgtP3B9vDnC74mriI3Wm5EltU+N6WIomRE6ZYalB8V
jxZ7S9x15UozTBU3AlhvT9c7VZjn5VpsFvEjTVNV9YrIYsETr3m/axdJG3Q7Oy8x
Vs7BHsrqcLC99Nf9wmgDu60KiIi98xBY/0YpsqkmvA7sao4IJBiSIs4j2wo4IDOX
5A67lKY5UaVzRFPgfYh13EbKh2K3y54sx+pyZsqd4v7EP0vxCOBGWfgIOQ==
-----END CERTIFICATE-----