Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/e261ba54-4c07-49bd-b4d3-da8228b9bf33.roa
File:                     e261ba54-4c07-49bd-b4d3-da8228b9bf33.roa (raw, json)
Hash identifier:          KqjxNDZsiy/fJ3tdFwDuAh9XgMTK5gdAB7ZPXGehbXc=
Subject key identifier:   45:37:CD:16:F3:82:53:FD:4C:76:00:81:89:62:9D:F1:F9:F3:7F:60
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       074E3DD9A69195DFB1788DE15430A14E489DC97F
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/e261ba54-4c07-49bd-b4d3-da8228b9bf33.roa
Signing time:             Mon 09 Dec 2024 00:00:00 +0000
ROA not before:           Mon 09 Dec 2024 00:00:00 +0000
ROA not after:            Mon 13 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:a300::/40 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:4e:3d:d9:a6:91:95:df:b1:78:8d:e1:54:30:a1:4e:48:9d:c9:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Dec  9 00:00:00 2024 GMT
            Not After : Jan 13 23:59:59 2025 GMT
        Subject: CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1e:85:8c:f1:79:5a:6f:51:c6:de:fa:4a:0a:
                    a4:16:b6:dd:61:80:4a:01:1e:fb:9a:8a:55:f1:7f:
                    c6:c2:a3:60:93:a0:4a:88:44:93:26:82:6f:9f:12:
                    14:6b:74:9d:27:d4:73:ad:31:58:24:ec:da:ea:b8:
                    8b:43:27:08:d4:e0:bc:ec:ac:5a:94:c0:4a:1d:83:
                    34:03:23:3a:f2:89:f4:e1:d7:91:19:37:49:06:8e:
                    74:8c:f6:f4:d7:42:2e:63:17:12:77:6e:6c:9a:d4:
                    a4:48:00:93:b9:82:4e:7a:a3:f8:b0:cd:07:20:29:
                    83:43:ed:fb:3e:b9:83:8c:0f:96:18:65:21:9f:df:
                    56:3d:ce:c6:1e:66:e3:0b:31:92:0f:d0:76:9b:86:
                    6b:94:ed:22:89:76:51:51:b4:ce:b9:ba:ef:cd:83:
                    d7:46:a8:73:5f:09:c3:b8:f4:08:31:a2:98:18:d0:
                    87:79:81:3c:8b:a2:52:f0:e4:f5:de:7c:c0:5b:25:
                    b8:63:c6:5d:2b:d8:03:cb:b5:7f:c1:f0:50:16:98:
                    a7:4b:0a:77:15:d9:df:1c:f6:e5:4d:7b:da:ac:be:
                    4b:d4:ae:ca:9a:36:00:6a:92:fe:fa:dc:0c:c7:1e:
                    f5:87:9e:3b:0b:f0:5d:54:a4:14:f1:50:de:59:37:
                    3f:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:37:CD:16:F3:82:53:FD:4C:76:00:81:89:62:9D:F1:F9:F3:7F:60
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/e261ba54-4c07-49bd-b4d3-da8228b9bf33.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:a300::/40

    Signature Algorithm: sha256WithRSAEncryption
         22:0c:0f:77:b1:e0:8c:7a:e4:86:1d:66:d0:c9:e6:3e:11:b6:
         55:41:cb:32:d0:74:73:09:a9:1a:37:2a:18:f6:72:a4:ec:ac:
         ea:b0:63:2d:b1:88:f6:f7:8e:d9:d7:ff:5c:4c:ba:e2:36:99:
         26:62:c9:1a:02:cc:84:8f:9d:09:6c:90:90:46:78:a2:10:28:
         31:96:47:50:78:db:9d:f7:d3:4c:48:ff:19:c8:0e:f7:db:40:
         b3:e7:37:d9:f4:08:5f:95:0b:c7:26:c3:30:5d:f9:3b:6c:57:
         00:de:5e:1b:66:05:8e:de:b5:0c:8c:64:32:4a:12:24:4f:78:
         b2:e1:30:15:16:f8:08:88:8a:c8:63:11:55:1a:eb:b5:18:b5:
         df:d3:26:d5:7b:5b:19:12:f1:e6:96:2a:d2:75:7d:23:6b:bf:
         ea:10:d0:8b:3f:56:d5:58:d6:dc:f1:fa:7a:63:f9:ff:87:a4:
         9c:9b:76:d5:b6:2b:01:27:a8:04:a2:04:c6:0b:60:2c:e2:c9:
         94:cd:cd:06:d0:97:6a:d9:7a:cf:df:5f:45:24:16:08:bf:dc:
         3b:1f:43:bb:dd:84:dd:f5:50:fb:a5:f9:98:43:f2:f5:ea:cb:
         e5:78:7d:28:96:45:c8:4e:a6:71:d1:09:dd:cf:27:ac:c0:06:
         38:32:74:6d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUB0492aaRld+xeI3hVDChTkidyX8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjQxMjA5MDAwMDAwWhcNMjUwMTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZjhkMzIyYWQyNTU3MDZmMzY5YjEwNmRiZmNlZTQ4NGM5
ZmYwMTJhZTYxYjY2YzYwNmY2NWNhZmVmMTViMzc4MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4HoWM8Xlab1HG3vpKCqQWtt1hgEoBHvuailXxf8bCo2CT
oEqIRJMmgm+fEhRrdJ0n1HOtMVgk7NrquItDJwjU4LzsrFqUwEodgzQDIzryifTh
15EZN0kGjnSM9vTXQi5jFxJ3bmya1KRIAJO5gk56o/iwzQcgKYND7fs+uYOMD5YY
ZSGf31Y9zsYeZuMLMZIP0HabhmuU7SKJdlFRtM65uu/Ng9dGqHNfCcO49AgxopgY
0Id5gTyLolLw5PXefMBbJbhjxl0r2APLtX/B8FAWmKdLCncV2d8c9uVNe9qsvkvU
rsqaNgBqkv763AzHHvWHnjsL8F1UpBTxUN5ZNz+5AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQURTfNFvOCU/1MdgCBiWKd8fnzf2AwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2UyNjFiYTU0LTRjMDctNDliZC1iNGQzLWRhODIyOGI5YmYzMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAJAAozANBgkqhkiG9w0BAQsFAAOCAQEAIgwPd7HgjHrkhh1m0MnmPhG2
VUHLMtB0cwmpGjcqGPZypOys6rBjLbGI9veO2df/XEy64jaZJmLJGgLMhI+dCWyQ
kEZ4ohAoMZZHUHjbnffTTEj/GcgO99tAs+c32fQIX5ULxybDMF35O2xXAN5eG2YF
jt61DIxkMkoSJE94suEwFRb4CIiKyGMRVRrrtRi139Mm1XtbGRLx5pYq0nV9I2u/
6hDQiz9W1VjW3PH6emP5/4eknJt21bYrASeoBKIExgtgLOLJlM3NBtCXatl6z99f
RSQWCL/cOx9Du92E3fVQ+6X5mEPy9erL5Xh9KJZFyE6mcdEJ3c8nrMAGODJ0bQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:17:51 2025 by rpki-client