Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fb0e2934-f44c-47a1-89ff-f989460d93bf.roa
File:                     fb0e2934-f44c-47a1-89ff-f989460d93bf.roa (raw, json)
Hash identifier:          ZuQLVreDVWVenuMDTiv5HKmoX2dPrlrm5miN8FpXQPk=
Subject key identifier:   8A:33:FD:3F:E3:AF:20:00:B8:C8:44:6F:93:C4:5A:DE:8F:FD:B9:19
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       24EA09502B5781CF2FBE5057AD17F0023FB0E6E1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fb0e2934-f44c-47a1-89ff-f989460d93bf.roa
Signing time:             Mon 30 Dec 2024 00:00:00 +0000
ROA not before:           Mon 30 Dec 2024 00:00:00 +0000
ROA not after:            Mon 03 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        164.168.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:ea:09:50:2b:57:81:cf:2f:be:50:57:ad:17:f0:02:3f:b0:e6:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 30 00:00:00 2024 GMT
            Not After : Feb  3 23:59:59 2025 GMT
        Subject: serialNumber=f2f20a190ae37a2584c3759ef7c80237ce133865a4852b059cae2950ae1999fb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:34:5d:eb:40:11:0b:72:bb:a7:59:cd:ba:e3:
                    2f:39:9f:48:d2:41:07:2b:c6:56:98:dd:4c:07:ab:
                    fc:96:1b:0e:6a:bd:dd:c8:29:4d:f6:26:4f:84:33:
                    12:41:df:d0:40:fd:fa:9a:54:9d:90:1b:32:06:67:
                    05:95:0d:3e:d9:7e:55:5d:38:44:e8:9c:f0:c2:8e:
                    f1:1d:f2:17:af:d8:17:e3:d7:58:c0:bc:70:67:fe:
                    80:d9:87:3b:b6:c4:c3:73:17:40:06:47:f8:5d:d0:
                    ca:80:6c:e9:1d:8e:17:d2:6a:19:6c:18:8d:48:73:
                    b6:8b:34:9c:f2:17:0e:72:36:4a:41:67:28:51:90:
                    a5:08:88:d1:cb:68:f8:15:28:05:3c:cb:1a:1c:b6:
                    56:6d:9c:b6:37:f6:a2:b3:90:30:44:86:b4:80:0d:
                    92:6d:85:f8:82:75:45:29:c8:c6:7f:ee:be:6d:9a:
                    0a:57:fd:cd:7b:6d:57:e6:e7:44:1e:db:01:33:e0:
                    98:9a:8c:ec:d7:59:f1:11:2a:0b:2f:2f:d4:b0:0f:
                    04:7b:e2:37:f3:b9:5c:7c:dd:ac:e4:bf:a6:eb:89:
                    c1:c1:a7:e0:94:fc:ba:66:8b:72:57:10:0c:67:fb:
                    7e:00:64:7a:ec:45:bd:7e:16:e2:7b:de:01:be:99:
                    04:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:33:FD:3F:E3:AF:20:00:B8:C8:44:6F:93:C4:5A:DE:8F:FD:B9:19
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fb0e2934-f44c-47a1-89ff-f989460d93bf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  164.168.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         81:8e:21:47:e8:2d:7d:01:9c:1f:99:58:46:31:c3:46:c2:d8:
         e6:0a:11:c2:a8:ef:2c:6c:2f:c9:9b:4e:84:4d:9b:60:d4:55:
         4a:e7:03:9a:87:51:2e:90:20:74:6e:9e:47:fb:99:70:b7:c3:
         36:30:23:cd:fb:72:f0:9b:9b:32:3d:be:3a:33:5b:1f:b0:ce:
         91:15:93:a6:f8:ef:5f:c2:e0:93:53:a5:f9:e6:a1:95:c5:08:
         98:fb:11:b8:ec:c4:3c:80:71:3c:81:be:a1:27:58:db:01:1c:
         33:2a:4a:f3:dc:0f:01:15:bf:f6:03:ff:46:c7:2b:d8:a3:86:
         8f:73:5f:76:6b:a2:98:84:a1:fa:ce:57:45:83:38:9f:b5:9d:
         dc:fb:6c:56:c0:11:0e:74:71:cc:04:16:04:17:ee:8a:32:34:
         a0:4b:ca:c9:7f:bd:b9:0f:0d:43:8d:36:7d:56:66:8e:2c:75:
         ba:20:0d:0b:4a:35:9c:ec:4f:b2:cf:9e:50:5c:80:7d:2b:54:
         b7:3a:1d:9d:df:72:5e:0e:b0:8b:b3:8d:25:5f:f8:4b:ce:6f:
         c4:18:25:a2:62:3e:52:6f:52:86:fa:2f:fd:8b:70:ca:34:5a:
         4c:94:3b:e2:61:10:3c:f6:ca:f8:84:78:fc:8e:d7:03:29:b7:
         36:d7:fb:4a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJOoJUCtXgc8vvlBXrRfwAj+w5uEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMmYyMGExOTBhZTM3YTI1ODRjMzc1OWVmN2M4MDIzN2Nl
MTMzODY1YTQ4NTJiMDU5Y2FlMjk1MGFlMTk5OWZiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmNF3rQBELcrunWc264y85n0jSQQcrxlaY3UwHq/yWGw5q
vd3IKU32Jk+EMxJB39BA/fqaVJ2QGzIGZwWVDT7ZflVdOETonPDCjvEd8hev2Bfj
11jAvHBn/oDZhzu2xMNzF0AGR/hd0MqAbOkdjhfSahlsGI1Ic7aLNJzyFw5yNkpB
ZyhRkKUIiNHLaPgVKAU8yxoctlZtnLY39qKzkDBEhrSADZJthfiCdUUpyMZ/7r5t
mgpX/c17bVfm50Qe2wEz4JiajOzXWfERKgsvL9SwDwR74jfzuVx83azkv6bricHB
p+CU/Lpmi3JXEAxn+34AZHrsRb1+FuJ73gG+mQRTAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUijP9P+OvIAC4yERvk8Ra3o/9uRkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZiMGUyOTM0LWY0NGMtNDdhMS04OWZmLWY5ODk0NjBkOTNiZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCkqDANBgkqhkiG9w0BAQsFAAOCAQEAgY4hR+gtfQGcH5lYRjHDRsLY5goR
wqjvLGwvyZtOhE2bYNRVSucDmodRLpAgdG6eR/uZcLfDNjAjzfty8JubMj2+OjNb
H7DOkRWTpvjvX8Lgk1Ol+eahlcUImPsRuOzEPIBxPIG+oSdY2wEcMypK89wPARW/
9gP/Rscr2KOGj3NfdmuimISh+s5XRYM4n7Wd3PtsVsARDnRxzAQWBBfuijI0oEvK
yX+9uQ8NQ402fVZmjix1uiANC0o1nOxPss+eUFyAfStUtzodnd9yXg6wi7ONJV/4
S85vxBglomI+Um9Shvov/YtwyjRaTJQ74mEQPPbK+IR4/I7XAym3Ntf7Sg==
-----END CERTIFICATE-----