Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/06139183-2051-4ad1-bb28-ef783b0dca58.roa
File:                     06139183-2051-4ad1-bb28-ef783b0dca58.roa (raw, json)
Hash identifier:          oCybz62Xr0lHUuzBPg3YZjTQljaslJ7Jh9nXtIEenJA=
Subject key identifier:   6B:7D:1F:69:37:6E:ED:77:12:2D:E7:96:34:80:BD:00:43:55:09:BD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1C03301C0DD715A13195AE2EA07A7BBD7758D828
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/06139183-2051-4ad1-bb28-ef783b0dca58.roa
Signing time:             Sat 04 Jan 2025 00:00:00 +0000
ROA not before:           Sat 04 Jan 2025 00:00:00 +0000
ROA not after:            Sat 08 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        16.59.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:03:30:1c:0d:d7:15:a1:31:95:ae:2e:a0:7a:7b:bd:77:58:d8:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  4 00:00:00 2025 GMT
            Not After : Feb  8 23:59:59 2025 GMT
        Subject: serialNumber=8c8947392c27429f59e63097c3cdfe55dc589195e82bf9b95abc886eabd51f09, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e3:73:1e:fc:97:ae:e0:91:c2:4d:7f:b7:5e:
                    69:d3:f7:36:0e:61:39:a8:6c:1c:b8:93:cd:bb:4d:
                    26:e4:d3:cf:b5:58:33:65:65:9d:e5:78:27:e8:d5:
                    0d:59:64:a0:4a:6e:d6:1f:ee:90:02:2b:55:02:8c:
                    78:a0:db:f5:96:51:52:e5:c5:81:90:a1:03:39:cc:
                    6e:a1:28:19:6e:e9:81:bc:f8:14:68:6a:30:ea:28:
                    3f:82:f0:97:ec:f1:f0:6e:b5:19:35:1e:05:e9:4c:
                    7d:3d:c5:70:08:39:5b:f2:0a:6c:e0:49:d6:4b:0c:
                    03:f0:80:d0:5a:24:5e:17:20:8f:84:fb:3f:81:08:
                    2f:00:08:83:54:d1:c6:61:8f:8d:04:59:a7:ea:c0:
                    d8:4b:fc:30:72:91:9b:70:72:7a:4f:51:81:7a:ae:
                    83:ca:90:37:40:1f:c6:26:6d:1a:de:66:3f:d5:a1:
                    b8:9c:6d:f4:a4:2e:9b:94:c5:6a:3d:d2:1b:00:05:
                    00:80:96:ca:3b:78:15:39:aa:84:ae:2e:fe:ab:8f:
                    91:f1:ed:87:62:19:bd:01:b6:1e:29:56:49:9e:e9:
                    2f:93:fb:b7:ad:7c:06:18:90:e8:70:7f:25:a0:82:
                    f3:c0:20:ca:7f:21:d4:56:b2:01:bf:17:56:d9:21:
                    23:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:7D:1F:69:37:6E:ED:77:12:2D:E7:96:34:80:BD:00:43:55:09:BD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/06139183-2051-4ad1-bb28-ef783b0dca58.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.59.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0d:c9:6e:9a:5a:69:d6:cc:ba:38:b1:ed:68:d8:1a:11:df:3b:
         d6:b4:ff:93:32:f1:c5:eb:51:35:46:95:43:4c:63:37:a3:bb:
         d0:92:5f:be:d7:67:6a:fb:f0:e8:68:1d:5b:1f:d9:2c:bf:34:
         14:1c:0e:42:fe:b2:54:9c:ac:21:9f:1c:a0:e5:55:d2:87:65:
         eb:bf:da:60:33:d6:22:79:cc:5d:88:10:29:51:8c:68:a4:e5:
         31:27:de:da:4d:69:cb:43:67:18:b2:52:c5:0c:b7:cb:fe:4f:
         fa:ea:90:46:f2:c7:9c:21:a6:f7:25:77:ff:5a:8a:03:b3:2d:
         b3:67:45:8a:66:c9:d9:7e:59:83:b3:3a:5b:27:d0:20:4c:e5:
         ea:05:9e:50:83:e5:f2:ee:a4:a1:51:7c:f0:f1:f5:a0:47:5c:
         83:e2:8f:3a:7d:0e:e5:43:e3:69:86:42:a3:43:be:5f:c3:51:
         bc:ea:11:71:f4:1f:6c:cb:64:9c:c0:b6:f4:2a:70:07:aa:16:
         5c:8c:02:72:aa:98:cf:40:0d:b7:39:ec:7f:2b:1d:62:c4:89:
         4e:dc:ed:b9:94:81:5b:f7:a4:af:92:77:fc:04:bb:27:2f:ac:
         81:3f:76:5f:f1:fe:6b:0d:f2:14:74:c4:3c:f4:7b:e4:a0:01:
         b0:fb:2a:15
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUHAMwHA3XFaExla4uoHp7vXdY2CgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA0MDAwMDAwWhcNMjUwMjA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A4Yzg5NDczOTJjMjc0MjlmNTllNjMwOTdjM2NkZmU1NWRj
NTg5MTk1ZTgyYmY5Yjk1YWJjODg2ZWFiZDUxZjA5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCt43Me/Jeu4JHCTX+3XmnT9zYOYTmobBy4k827TSbk08+1
WDNlZZ3leCfo1Q1ZZKBKbtYf7pACK1UCjHig2/WWUVLlxYGQoQM5zG6hKBlu6YG8
+BRoajDqKD+C8Jfs8fButRk1HgXpTH09xXAIOVvyCmzgSdZLDAPwgNBaJF4XII+E
+z+BCC8ACINU0cZhj40EWafqwNhL/DBykZtwcnpPUYF6roPKkDdAH8YmbRreZj/V
obicbfSkLpuUxWo90hsABQCAlso7eBU5qoSuLv6rj5Hx7YdiGb0Bth4pVkme6S+T
+7etfAYYkOhwfyWggvPAIMp/IdRWsgG/F1bZISOXAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUa30faTdu7XcSLeeWNIC9AENVCb0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA2MTM5MTgzLTIwNTEtNGFkMS1iYjI4LWVmNzgzYjBkY2E1OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQOzANBgkqhkiG9w0BAQsFAAOCAQEADclumlpp1sy6OLHtaNgaEd871rT/
kzLxxetRNUaVQ0xjN6O70JJfvtdnavvw6GgdWx/ZLL80FBwOQv6yVJysIZ8coOVV
0odl67/aYDPWInnMXYgQKVGMaKTlMSfe2k1py0NnGLJSxQy3y/5P+uqQRvLHnCGm
9yV3/1qKA7Mts2dFimbJ2X5Zg7M6WyfQIEzl6gWeUIPl8u6koVF88PH1oEdcg+KP
On0O5UPjaYZCo0O+X8NRvOoRcfQfbMtknMC29CpwB6oWXIwCcqqYz0ANtznsfysd
YsSJTtztuZSBW/ekr5J3/AS7Jy+sgT92X/H+aw3yFHTEPPR75KABsPsqFQ==
-----END CERTIFICATE-----