Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/f6a03706-20f0-4e0d-9eea-735bd02868d3.roa
File:                     f6a03706-20f0-4e0d-9eea-735bd02868d3.roa (raw, json)
Hash identifier:          cRMN4Gqv9X734H+Esnel7O4qWEkfgmLbigecgcmMvoQ=
Subject key identifier:   18:A0:37:B5:B5:4F:B4:29:04:9C:B2:A8:DA:1C:98:8F:E9:FE:DF:9E
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       6CB7C553C4AB4B39E11124D14879B5069642965A
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/f6a03706-20f0-4e0d-9eea-735bd02868d3.roa
Signing time:             Mon 30 Dec 2024 00:00:00 +0000
ROA not before:           Mon 30 Dec 2024 00:00:00 +0000
ROA not after:            Mon 03 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        206.55.133.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:b7:c5:53:c4:ab:4b:39:e1:11:24:d1:48:79:b5:06:96:42:96:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Dec 30 00:00:00 2024 GMT
            Not After : Feb  3 23:59:59 2025 GMT
        Subject: CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d3:b1:bc:3a:77:a4:27:db:27:08:d8:39:51:
                    a6:56:4a:d9:a2:1d:ef:4a:5c:33:7e:89:3a:70:0c:
                    b0:14:7c:7d:75:ba:96:5b:e0:7b:9e:81:6b:83:8c:
                    b8:4a:16:11:d4:22:7d:88:72:64:c8:d1:27:d9:b9:
                    36:54:29:5d:07:68:b3:4e:a8:d8:6a:56:e5:84:d3:
                    73:9a:98:5c:07:05:df:8b:c2:da:a1:a0:1d:bf:a8:
                    1e:1a:ab:b5:c6:2a:db:0b:62:e3:1c:95:81:0e:3d:
                    b6:ac:98:d6:7e:55:b8:e6:f1:7c:1a:d1:81:d2:a6:
                    e2:c8:18:57:1d:ef:71:98:5e:e3:e5:19:de:1a:46:
                    33:9c:85:4b:e4:0e:66:46:fc:7b:dc:3b:84:47:67:
                    39:ce:08:d1:b9:b0:cc:5b:80:31:18:eb:1b:54:a7:
                    4c:03:0e:af:c1:de:8b:b2:b6:9c:67:f9:91:ce:73:
                    88:df:87:b9:54:52:b7:4e:d2:f0:28:13:a2:52:ce:
                    72:a3:b8:7e:0e:2c:6a:98:51:f5:bc:44:29:e8:2b:
                    39:f7:e4:1f:cb:96:91:d9:9f:d2:d8:7e:3f:79:80:
                    90:90:85:3c:ed:8b:72:74:c5:aa:c5:21:5b:f2:fa:
                    d7:98:1c:ee:56:72:ab:ef:9c:93:25:7e:00:44:86:
                    02:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:A0:37:B5:B5:4F:B4:29:04:9C:B2:A8:DA:1C:98:8F:E9:FE:DF:9E
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/f6a03706-20f0-4e0d-9eea-735bd02868d3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  206.55.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:05:45:8b:49:a1:86:5e:68:94:f9:4e:be:ce:31:e6:3b:ea:
         25:5b:6b:b3:e2:db:1d:49:06:e8:34:07:f5:83:4e:6b:49:96:
         de:e2:5f:9d:2b:ed:e8:ca:c0:29:8c:fe:f9:db:42:79:d8:f8:
         87:f0:00:4a:b9:ae:96:07:6e:60:e6:64:0b:d8:a0:b7:c9:18:
         dc:b1:1e:c8:fb:99:e0:78:3d:ab:7d:f6:e4:47:50:36:63:64:
         df:06:2e:42:99:f1:e1:ba:b3:4b:25:8c:31:ab:9b:4e:21:b5:
         d9:8a:b8:5e:b8:20:5f:d5:60:bd:f4:35:e3:5d:63:5e:cf:b1:
         ef:f9:74:fd:6a:e0:80:45:35:9a:f5:b0:d2:bd:96:39:1c:32:
         53:1b:4e:4e:82:95:dd:aa:f6:a2:6b:e9:4c:7f:6c:5a:f1:e3:
         42:38:ed:91:c6:2c:a0:df:4c:32:1e:35:7e:68:1b:68:91:1c:
         e3:ba:cf:6c:08:2f:8a:2b:51:e9:2c:6a:2d:5f:80:44:38:26:
         96:cc:d2:de:5b:f9:f7:a8:8e:76:a0:c0:8c:b1:7b:ee:eb:bf:
         2a:24:dd:44:49:d6:c1:67:0b:3f:f4:f1:cd:d2:17:fc:2c:3b:
         00:7a:1a:c3:0a:67:4c:1d:78:9c:45:57:52:44:8e:a9:4a:93:
         11:76:a0:6d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbLfFU8SrSznhESTRSHm1BpZCllowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A0YWYyM2Y2NTc1MDZkYjhiZDcxYjM2MjAzNDlhNTcyYWU3
OGNkODIwZWRjYTA0OWFiYzJkNzNlNDAzNTVkZDRjMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC307G8OnekJ9snCNg5UaZWStmiHe9KXDN+iTpwDLAUfH11
upZb4HuegWuDjLhKFhHUIn2IcmTI0SfZuTZUKV0HaLNOqNhqVuWE03OamFwHBd+L
wtqhoB2/qB4aq7XGKtsLYuMclYEOPbasmNZ+Vbjm8Xwa0YHSpuLIGFcd73GYXuPl
Gd4aRjOchUvkDmZG/HvcO4RHZznOCNG5sMxbgDEY6xtUp0wDDq/B3ouytpxn+ZHO
c4jfh7lUUrdO0vAoE6JSznKjuH4OLGqYUfW8RCnoKzn35B/LlpHZn9LYfj95gJCQ
hTzti3J0xarFIVvy+teYHO5WcqvvnJMlfgBEhgI3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGKA3tbVPtCkEnLKo2hyYj+n+354wHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2Y2YTAzNzA2LTIwZjAtNGUwZC05ZWVhLTczNWJkMDI4NjhkMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADON4UwDQYJKoZIhvcNAQELBQADggEBAIMFRYtJoYZeaJT5Tr7OMeY76iVb
a7Pi2x1JBug0B/WDTmtJlt7iX50r7ejKwCmM/vnbQnnY+IfwAEq5rpYHbmDmZAvY
oLfJGNyxHsj7meB4Pat99uRHUDZjZN8GLkKZ8eG6s0sljDGrm04htdmKuF64IF/V
YL30NeNdY17Pse/5dP1q4IBFNZr1sNK9ljkcMlMbTk6Cld2q9qJr6Ux/bFrx40I4
7ZHGLKDfTDIeNX5oG2iRHOO6z2wIL4orUeksai1fgEQ4JpbM0t5b+feojnagwIyx
e+7rvyok3URJ1sFnCz/08c3SF/wsOwB6GsMKZ0wdeJxFV1JEjqlKkxF2oG0=
-----END CERTIFICATE-----