Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/263d6c83-7170-42a9-bf3b-65a90cac3545.roa
File:                     263d6c83-7170-42a9-bf3b-65a90cac3545.roa (raw, json)
Hash identifier:          i5+ojiwoJUpjD+m12ocdzlezphwh5LPUyhGhLhdToLY=
Subject key identifier:   24:43:35:30:85:0A:01:7F:46:79:9A:23:94:5B:ED:0C:9C:C5:B1:F0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       74D8DEAF280A2B477C3C5C20970C38FFDC908D79
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/263d6c83-7170-42a9-bf3b-65a90cac3545.roa
Signing time:             Fri 23 Feb 2024 00:00:00 +0000
ROA not before:           Fri 23 Feb 2024 00:00:00 +0000
ROA not after:            Fri 29 Mar 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f18::/33 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:d8:de:af:28:0a:2b:47:7c:3c:5c:20:97:0c:38:ff:dc:90:8d:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 23 00:00:00 2024 GMT
            Not After : Mar 29 23:59:59 2024 GMT
        Subject: serialNumber=84bd142df15e3a9f639b7e2c2279f720ebf5dd94cc764f4d0e995e669736b883, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:6d:7e:dc:de:79:fe:c2:52:b6:fe:4c:0b:ab:
                    89:74:6c:e4:08:8c:8a:81:24:d2:bd:84:86:4d:d0:
                    1c:35:8d:dd:92:8f:5e:87:47:d5:9f:73:6b:a4:3f:
                    37:d4:4c:99:48:63:2a:3b:46:19:be:c3:3b:a4:0f:
                    08:f2:03:ae:d1:ae:74:89:0d:80:19:af:c6:23:c2:
                    93:72:9b:77:d5:b2:ba:6b:1e:ce:15:e4:c2:f1:1a:
                    6a:51:43:fe:b9:fe:fe:f4:18:a0:c5:ef:f2:5d:0e:
                    86:b7:7d:4b:fd:86:7c:22:43:2d:0f:2d:c9:69:82:
                    75:f0:37:84:0f:d6:89:ca:6f:b1:1e:1f:ae:1b:2f:
                    8c:f4:47:5a:57:18:e5:2c:15:ad:b7:ce:d8:ba:8d:
                    50:57:f1:bb:13:a2:cc:00:24:96:d3:e6:a3:ce:ab:
                    64:70:09:9b:58:6c:55:11:7c:31:76:52:42:86:bf:
                    29:40:08:9c:1c:fd:3a:fe:45:ec:2c:de:b1:cc:60:
                    29:cf:6d:b5:4a:33:67:c8:b5:2d:83:37:2c:47:cf:
                    51:bf:d1:ea:b4:bc:87:a9:63:65:4d:1d:46:0e:24:
                    69:ec:3e:ab:9d:95:bf:77:88:76:66:57:98:32:20:
                    94:74:94:64:b7:20:f2:3d:b5:e1:fc:9c:32:89:61:
                    25:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:43:35:30:85:0A:01:7F:46:79:9A:23:94:5B:ED:0C:9C:C5:B1:F0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/263d6c83-7170-42a9-bf3b-65a90cac3545.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f18::/33

    Signature Algorithm: sha256WithRSAEncryption
         2e:95:ed:25:03:34:f1:10:26:ff:1b:68:d0:8f:16:85:2d:dc:
         df:5e:c8:71:c3:8d:e8:4e:e9:7f:c5:83:c6:b8:89:b1:78:5b:
         f1:e2:23:a1:94:97:88:62:a2:57:c6:d8:2b:1a:55:a3:cc:63:
         05:8e:b3:7f:da:f3:a6:d0:a9:5a:36:8d:2a:1c:a7:e5:0c:b7:
         6e:cf:3e:66:07:02:98:b7:0e:73:04:b7:d6:f4:27:f9:a2:7a:
         79:1e:b4:1e:91:28:76:5e:4b:b9:9e:45:1e:53:c9:9b:5d:3e:
         c5:35:31:f6:e9:07:28:f8:44:f4:ac:9d:d3:ff:fe:b6:8f:4b:
         66:49:d1:7d:c5:ac:d1:0d:db:fc:78:da:85:b1:34:19:4a:6d:
         09:e6:25:88:03:7e:20:bb:2b:01:cb:38:35:b1:74:0b:ef:9d:
         49:de:e7:a8:11:c7:4d:a4:ff:a9:c1:7f:3e:97:2e:3a:e0:ed:
         64:9f:ae:b2:bf:0d:13:8e:54:dc:cd:8b:0b:d7:05:ad:55:37:
         d6:81:43:a2:39:93:aa:8e:5c:35:9d:29:fb:8a:63:2d:d6:56:
         4a:09:fd:31:ea:f0:fa:7b:a2:f3:07:95:47:a7:49:65:5e:ed:
         3a:43:d6:05:c3:51:43:11:53:a0:12:ec:84:76:f9:26:aa:6d:
         e1:10:90:22
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUdNjerygKK0d8PFwglww4/9yQjXkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMjIzMDAwMDAwWhcNMjQwMzI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NGJkMTQyZGYxNWUzYTlmNjM5YjdlMmMyMjc5ZjcyMGVi
ZjVkZDk0Y2M3NjRmNGQwZTk5NWU2Njk3MzZiODgzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXbX7c3nn+wlK2/kwLq4l0bOQIjIqBJNK9hIZN0Bw1jd2S
j16HR9Wfc2ukPzfUTJlIYyo7Rhm+wzukDwjyA67RrnSJDYAZr8YjwpNym3fVsrpr
Hs4V5MLxGmpRQ/65/v70GKDF7/JdDoa3fUv9hnwiQy0PLclpgnXwN4QP1onKb7Ee
H64bL4z0R1pXGOUsFa23zti6jVBX8bsToswAJJbT5qPOq2RwCZtYbFURfDF2UkKG
vylACJwc/Tr+Rews3rHMYCnPbbVKM2fItS2DNyxHz1G/0eq0vIepY2VNHUYOJGns
Pqudlb93iHZmV5gyIJR0lGS3IPI9teH8nDKJYSU5AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUJEM1MIUKAX9GeZojlFvtDJzFsfAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI2M2Q2YzgzLTcxNzAtNDJhOS1iZjNiLTY1YTkwY2FjMzU0NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgcmAB8YADANBgkqhkiG9w0BAQsFAAOCAQEALpXtJQM08RAm/xto0I8WhS3c
317IccON6E7pf8WDxriJsXhb8eIjoZSXiGKiV8bYKxpVo8xjBY6zf9rzptCpWjaN
Khyn5Qy3bs8+ZgcCmLcOcwS31vQn+aJ6eR60HpEodl5LuZ5FHlPJm10+xTUx9ukH
KPhE9Kyd0//+to9LZknRfcWs0Q3b/HjahbE0GUptCeYliAN+ILsrAcs4NbF0C++d
Sd7nqBHHTaT/qcF/PpcuOuDtZJ+usr8NE45U3M2LC9cFrVU31oFDojmTqo5cNZ0p
+4pjLdZWSgn9Merw+nui8weVR6dJZV7tOkPWBcNRQxFToBLshHb5Jqpt4RCQIg==
-----END CERTIFICATE-----