Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/001593bd-5759-498f-b9c2-6ed628b5888a.roa
File:                     001593bd-5759-498f-b9c2-6ed628b5888a.roa (raw, json)
Hash identifier:          G3z1Al/mSNhBs3qQoqcZEVZ/AiQEwufatPSp9FN7NUg=
Subject key identifier:   79:F6:90:AC:EA:6D:3F:61:8F:8A:C3:0A:22:09:1F:FD:18:6F:3E:04
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       744400E718644C97CECA992BD1E4B341CC4438AB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/001593bd-5759-498f-b9c2-6ed628b5888a.roa
Signing time:             Tue 24 Dec 2024 00:00:00 +0000
ROA not before:           Tue 24 Dec 2024 00:00:00 +0000
ROA not after:            Tue 28 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        56.53.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:44:00:e7:18:64:4c:97:ce:ca:99:2b:d1:e4:b3:41:cc:44:38:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 24 00:00:00 2024 GMT
            Not After : Jan 28 23:59:59 2025 GMT
        Subject: serialNumber=1d035d00e53cee04a094ce69b27005cd78edefe2d83a14b3966d60d2079d3c9b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:24:9b:df:d4:86:0d:02:fa:51:d3:a1:f7:5e:
                    d3:80:31:c4:96:1b:f6:eb:be:39:bf:f8:8e:f6:b5:
                    70:c9:b7:48:47:ba:0a:93:4f:0c:89:00:1e:f8:90:
                    25:b0:31:53:82:28:40:ee:64:57:06:f3:b9:c3:34:
                    7a:8b:cc:65:76:d0:b9:34:92:31:bb:69:24:39:27:
                    c5:f9:e2:54:7c:f0:8a:61:4e:30:09:d9:26:2e:ec:
                    83:cc:66:fa:20:d3:dc:5c:86:7c:e7:63:91:df:87:
                    ea:13:f4:58:2c:a3:dd:6e:6c:35:cc:fd:30:fc:fc:
                    87:a4:22:e6:d8:e5:ff:e2:6a:c9:b0:31:2e:c9:07:
                    3c:df:e2:63:55:f8:99:1a:97:e5:fe:87:8d:eb:22:
                    9c:df:f1:ed:fc:40:4b:73:82:ab:85:39:b5:71:75:
                    5f:4b:b0:fd:51:7a:a6:4c:34:53:cd:90:86:a3:6f:
                    95:57:27:1e:61:ae:b9:da:6a:b2:a0:82:1f:a6:d1:
                    e7:a7:b3:4a:ba:c1:e5:57:83:c7:3b:10:00:ae:da:
                    66:f6:de:31:9d:e7:38:df:59:ef:bb:9e:19:27:ec:
                    5c:d0:5c:0f:13:cc:e4:a9:3c:cf:37:95:86:80:2e:
                    6e:12:bb:99:f0:e2:c8:9e:2d:68:58:38:3b:af:8a:
                    ce:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:F6:90:AC:EA:6D:3F:61:8F:8A:C3:0A:22:09:1F:FD:18:6F:3E:04
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/001593bd-5759-498f-b9c2-6ed628b5888a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.53.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         6b:26:e9:e7:25:1d:79:8f:9c:1d:33:df:b0:ad:97:c6:3e:c8:
         7b:3b:4e:6a:2c:71:d3:c2:6b:0a:c3:04:7b:41:ee:5a:09:10:
         0c:a2:3a:70:c2:06:f9:c4:a7:85:07:fe:fe:b2:da:28:64:f8:
         45:c0:d1:5c:85:8f:04:65:81:5e:cc:b2:b9:41:7c:5e:b8:fe:
         23:31:cb:ef:7f:fd:e0:9e:e6:56:a3:74:cc:e5:a2:ec:17:0e:
         44:bb:84:33:b6:d2:56:c6:1f:86:ab:41:55:5b:20:aa:33:d1:
         d3:bc:77:02:a0:68:b0:63:e5:8c:15:38:14:dd:d6:dc:fd:1a:
         62:ad:e0:04:f0:d5:6a:7b:ce:34:db:c7:35:36:5f:8f:2e:96:
         3c:a6:0b:ac:b6:4b:19:a5:1b:78:fe:27:88:40:3c:a2:df:99:
         05:cb:66:2e:6a:54:a9:be:56:24:24:9a:e4:2a:23:6f:6a:66:
         e7:cc:27:72:2d:9d:1c:4e:d5:a3:35:7d:02:11:a3:bc:08:b1:
         7b:6a:90:1c:2d:43:3d:9c:1e:24:94:00:bd:a5:f2:cb:03:15:
         a9:3a:05:52:7b:0c:92:3c:63:d7:ae:11:be:14:14:f9:03:9a:
         17:af:c8:2e:d4:f1:61:91:14:00:82:91:ba:31:47:d6:b9:51:
         27:d9:0c:07
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdEQA5xhkTJfOypkr0eSzQcxEOKswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZDAzNWQwMGU1M2NlZTA0YTA5NGNlNjliMjcwMDVjZDc4
ZWRlZmUyZDgzYTE0YjM5NjZkNjBkMjA3OWQzYzliMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeJJvf1IYNAvpR06H3XtOAMcSWG/brvjm/+I72tXDJt0hH
ugqTTwyJAB74kCWwMVOCKEDuZFcG87nDNHqLzGV20Lk0kjG7aSQ5J8X54lR88Iph
TjAJ2SYu7IPMZvog09xchnznY5Hfh+oT9Fgso91ubDXM/TD8/IekIubY5f/iasmw
MS7JBzzf4mNV+Jkal+X+h43rIpzf8e38QEtzgquFObVxdV9LsP1ReqZMNFPNkIaj
b5VXJx5hrrnaarKggh+m0eens0q6weVXg8c7EACu2mb23jGd5zjfWe+7nhkn7FzQ
XA8TzOSpPM83lYaALm4Su5nw4sieLWhYODuvis6nAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUefaQrOptP2GPisMKIgkf/RhvPgQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAwMTU5M2JkLTU3NTktNDk4Zi1iOWMyLTZlZDYyOGI1ODg4YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4NTANBgkqhkiG9w0BAQsFAAOCAQEAaybp5yUdeY+cHTPfsK2Xxj7IeztO
aixx08JrCsMEe0HuWgkQDKI6cMIG+cSnhQf+/rLaKGT4RcDRXIWPBGWBXsyyuUF8
Xrj+IzHL73/94J7mVqN0zOWi7BcORLuEM7bSVsYfhqtBVVsgqjPR07x3AqBosGPl
jBU4FN3W3P0aYq3gBPDVanvONNvHNTZfjy6WPKYLrLZLGaUbeP4niEA8ot+ZBctm
LmpUqb5WJCSa5Cojb2pm58wnci2dHE7VozV9AhGjvAixe2qQHC1DPZweJJQAvaXy
ywMVqToFUnsMkjxj164RvhQU+QOaF6/ILtTxYZEUAIKRujFH1rlRJ9kMBw==
-----END CERTIFICATE-----