Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f278ddc0-bb85-4ddd-8ae2-798ffd0a2136.roa
File:                     f278ddc0-bb85-4ddd-8ae2-798ffd0a2136.roa (raw, json)
Hash identifier:          h+7HcT3hCFvbIXOJCEC77u2WWRTHGdkgte03MZPEFyE=
Subject key identifier:   40:8F:60:AD:6B:1E:D3:79:F7:01:28:2D:20:B2:63:69:09:CF:1B:73
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2EB0EB5746AFF9873110A6B8D76852ADFA847EE3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f278ddc0-bb85-4ddd-8ae2-798ffd0a2136.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        16.77.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:b0:eb:57:46:af:f9:87:31:10:a6:b8:d7:68:52:ad:fa:84:7e:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=da159383d95966fce93e732c09559d59c90a046e62926387044eb7d5db87bd70, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:c4:a6:f5:1b:c7:b6:d7:58:d3:e6:44:10:e1:
                    c4:6c:ca:81:b8:09:5e:72:78:02:1f:2b:b3:27:70:
                    1e:0d:b8:b2:f8:e1:0d:02:33:6b:f2:64:fc:11:b0:
                    c0:1f:11:5a:52:98:3b:e6:e3:5b:3f:a4:57:8b:15:
                    23:de:d7:ff:2c:b6:e5:15:07:ea:78:0c:4a:5b:36:
                    36:03:6c:3c:71:0f:32:eb:21:5a:2d:77:8e:bc:5b:
                    d1:16:33:a8:4a:93:2c:5b:48:cc:6f:f3:20:f4:0d:
                    9a:48:0a:79:b8:7c:a2:48:23:13:b2:f4:2b:47:7e:
                    60:28:65:12:ea:c4:5a:25:30:9a:fa:e7:fb:0c:d9:
                    ef:c6:3d:55:8e:55:e8:c8:b8:8c:82:2f:23:14:3b:
                    69:84:c0:1a:d1:6c:14:76:dd:f5:31:cf:50:8c:2b:
                    7f:13:ba:c8:57:99:18:71:b4:f0:98:cb:af:fb:85:
                    9d:89:5b:09:1e:88:ec:23:92:c4:0f:e1:57:cd:98:
                    40:7d:84:31:7b:db:9b:b5:4f:20:ef:bd:71:3d:20:
                    fb:29:34:de:38:a3:49:74:2a:29:f1:c8:1f:ab:8f:
                    ba:ae:8b:9e:16:9f:45:22:9e:19:01:99:e6:f1:d8:
                    46:40:67:06:f5:62:4f:29:0f:00:cd:8c:35:7f:f1:
                    ad:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:8F:60:AD:6B:1E:D3:79:F7:01:28:2D:20:B2:63:69:09:CF:1B:73
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f278ddc0-bb85-4ddd-8ae2-798ffd0a2136.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.77.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         cf:41:26:24:8d:6a:a7:33:77:b3:56:bb:20:40:65:1e:90:4b:
         9b:e8:67:66:22:fe:06:5c:5d:88:ab:5d:ef:db:36:9c:35:dc:
         54:cd:70:2f:9d:46:06:43:ea:54:83:df:0a:6f:93:bd:6d:70:
         ba:9c:6c:62:6a:9a:14:22:07:cc:82:98:11:1f:02:3a:96:6c:
         86:35:d9:ec:5e:e7:69:0e:27:07:b8:e4:77:6f:da:17:9f:58:
         78:9f:61:97:94:15:52:0b:07:85:46:a1:54:37:53:28:80:00:
         69:36:e1:6c:59:91:f2:c7:cc:cc:03:d5:3b:69:02:62:14:cc:
         58:b1:2c:b1:fe:95:e0:68:95:6e:b1:24:ae:f0:0c:78:3e:2a:
         04:66:71:35:b2:8d:83:84:73:78:94:17:d2:4c:cc:e6:86:44:
         bd:f3:bc:0f:c9:8e:12:3b:0e:9e:69:47:c1:e8:44:eb:da:a7:
         5f:b4:c4:65:e7:db:5b:38:9d:4f:e3:21:e9:a9:3d:d5:16:40:
         83:2a:18:59:69:64:d7:96:71:68:8a:ba:82:e7:68:64:57:11:
         e7:5b:50:e8:73:5c:8a:c4:19:0a:a1:56:7a:76:01:56:60:8b:
         d7:dd:06:34:cb:77:26:3f:40:4b:b9:df:76:06:73:72:02:1e:
         87:02:79:51
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULrDrV0av+YcxEKa412hSrfqEfuMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BkYTE1OTM4M2Q5NTk2NmZjZTkzZTczMmMwOTU1OWQ1OWM5
MGEwNDZlNjI5MjYzODcwNDRlYjdkNWRiODdiZDcwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMxKb1G8e211jT5kQQ4cRsyoG4CV5yeAIfK7MncB4NuLL4
4Q0CM2vyZPwRsMAfEVpSmDvm41s/pFeLFSPe1/8stuUVB+p4DEpbNjYDbDxxDzLr
IVotd468W9EWM6hKkyxbSMxv8yD0DZpICnm4fKJIIxOy9CtHfmAoZRLqxFolMJr6
5/sM2e/GPVWOVejIuIyCLyMUO2mEwBrRbBR23fUxz1CMK38TushXmRhxtPCYy6/7
hZ2JWwkeiOwjksQP4VfNmEB9hDF725u1TyDvvXE9IPspNN44o0l0KinxyB+rj7qu
i54Wn0UinhkBmebx2EZAZwb1Yk8pDwDNjDV/8a3tAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUQI9grWse03n3ASgtILJjaQnPG3MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YyNzhkZGMwLWJiODUtNGRkZC04YWUyLTc5OGZmZDBhMjEzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQTTANBgkqhkiG9w0BAQsFAAOCAQEAz0EmJI1qpzN3s1a7IEBlHpBLm+hn
ZiL+BlxdiKtd79s2nDXcVM1wL51GBkPqVIPfCm+TvW1wupxsYmqaFCIHzIKYER8C
OpZshjXZ7F7naQ4nB7jkd2/aF59YeJ9hl5QVUgsHhUahVDdTKIAAaTbhbFmR8sfM
zAPVO2kCYhTMWLEssf6V4GiVbrEkrvAMeD4qBGZxNbKNg4RzeJQX0kzM5oZEvfO8
D8mOEjsOnmlHwehE69qnX7TEZefbWzidT+Mh6ak91RZAgyoYWWlk15ZxaIq6gudo
ZFcR51tQ6HNcisQZCqFWenYBVmCL190GNMt3Jj9AS7nfdgZzcgIehwJ5UQ==
-----END CERTIFICATE-----