Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/096c985f-84e2-4a99-9d03-14639fa9224d.roa
File:                     096c985f-84e2-4a99-9d03-14639fa9224d.roa (raw, json)
Hash identifier:          Jp9ptBKe9RGeBiWiQYm8UJZsyASvaga0A7YkO6nzB6o=
Subject key identifier:   84:B1:00:AB:D3:78:70:87:EB:A8:4A:40:1D:AD:DA:5C:63:E0:77:0B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2F832AB4FB699EC37D9CC321FD9288B20400A765
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/096c985f-84e2-4a99-9d03-14639fa9224d.roa
Signing time:             Tue 14 Jan 2025 00:00:00 +0000
ROA not before:           Tue 14 Jan 2025 00:00:00 +0000
ROA not after:            Tue 18 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        45.33.160.0/19 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:83:2a:b4:fb:69:9e:c3:7d:9c:c3:21:fd:92:88:b2:04:00:a7:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 14 00:00:00 2025 GMT
            Not After : Feb 18 23:59:59 2025 GMT
        Subject: serialNumber=44cc575476f5f58ec5329771fd8cb3805a4be5f38abba64e4d341ef0396e4edb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:e1:7a:f7:f1:c9:22:87:35:9e:e0:f9:5d:52:
                    18:73:34:07:9c:e0:17:ae:ae:2a:6a:5d:24:54:03:
                    25:d6:2d:78:89:d3:d1:ef:6f:49:b5:9e:e4:6e:b2:
                    10:58:0d:7f:0a:40:df:b4:1d:e4:bc:21:71:13:92:
                    09:39:cd:89:14:11:78:18:9a:5c:d1:9d:9f:3b:bc:
                    1c:c9:09:14:15:c5:00:81:9e:7e:52:bc:a7:b8:be:
                    33:99:ab:a5:78:2c:a0:1a:d9:61:3e:a2:17:e7:23:
                    60:bb:f9:c5:0a:74:28:62:f3:0f:ac:81:7c:9a:f2:
                    f6:91:54:5a:85:94:87:73:28:52:f8:37:b7:02:01:
                    c8:65:6d:60:e2:8b:f6:bf:db:98:b0:5b:75:14:50:
                    c5:c5:37:7d:28:53:7d:22:0c:6c:94:e9:16:12:d8:
                    e6:da:1a:53:d3:be:83:9c:bf:9c:d6:e7:cc:4e:1c:
                    e5:ef:17:ff:2f:ce:2e:c4:23:30:13:03:2f:7f:a3:
                    3b:51:82:57:d4:32:b2:5b:6a:82:07:02:09:43:26:
                    7d:dd:90:d4:1e:dc:5d:95:30:13:ef:ab:8f:2d:0f:
                    09:e7:88:59:8b:f0:3a:20:d8:ce:f1:f0:52:af:99:
                    1d:55:ba:ae:80:82:ae:ed:46:11:c4:eb:bb:2a:9c:
                    3e:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:B1:00:AB:D3:78:70:87:EB:A8:4A:40:1D:AD:DA:5C:63:E0:77:0B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/096c985f-84e2-4a99-9d03-14639fa9224d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.33.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         22:e7:22:71:a7:7a:d0:9e:2f:9b:34:9d:29:91:44:8a:68:b4:
         12:eb:26:49:c1:3f:bf:4b:c8:63:86:e6:b4:da:9b:3e:ce:9a:
         78:3d:8c:6a:82:27:29:57:9c:f1:28:d1:6e:cb:1d:4d:7e:4d:
         d5:ed:20:fa:45:b0:7a:db:62:dc:72:50:d1:ec:75:95:25:ea:
         a8:90:89:d9:f9:bb:54:91:fe:3d:4f:95:47:74:13:e6:2e:ac:
         22:46:f3:6d:ea:fb:c4:9c:d6:37:3d:25:58:e4:64:fb:05:36:
         44:bd:36:0d:ea:17:dd:e8:05:26:7e:85:39:af:3c:45:4b:9f:
         38:f6:bb:e6:34:93:2b:b2:2f:a2:b1:e6:1e:b8:cf:3a:1f:57:
         25:c2:6e:ae:7b:96:2d:90:29:17:07:9d:f4:0e:68:1a:5c:a9:
         a5:01:b9:1c:4e:0f:f1:f0:92:5e:c8:02:06:4f:57:5f:3b:cf:
         99:38:77:00:dd:b4:c6:cb:d0:ec:c4:6d:0f:f0:7c:a5:e7:7e:
         03:b2:48:a4:ea:bf:67:36:a0:73:c4:72:75:52:3a:69:68:ad:
         cc:1d:39:0b:bb:7b:0b:13:da:30:40:fe:4c:23:21:b7:fb:a1:
         e0:2c:34:dd:c0:5c:fc:e9:e2:ca:94:34:9c:61:80:ff:d0:4f:
         6a:e1:e0:1f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL4MqtPtpnsN9nMMh/ZKIsgQAp2UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE0MDAwMDAwWhcNMjUwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NGNjNTc1NDc2ZjVmNThlYzUzMjk3NzFmZDhjYjM4MDVh
NGJlNWYzOGFiYmE2NGU0ZDM0MWVmMDM5NmU0ZWRiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDH4Xr38ckihzWe4PldUhhzNAec4BeuripqXSRUAyXWLXiJ
09Hvb0m1nuRushBYDX8KQN+0HeS8IXETkgk5zYkUEXgYmlzRnZ87vBzJCRQVxQCB
nn5SvKe4vjOZq6V4LKAa2WE+ohfnI2C7+cUKdChi8w+sgXya8vaRVFqFlIdzKFL4
N7cCAchlbWDii/a/25iwW3UUUMXFN30oU30iDGyU6RYS2ObaGlPTvoOcv5zW58xO
HOXvF/8vzi7EIzATAy9/oztRglfUMrJbaoIHAglDJn3dkNQe3F2VMBPvq48tDwnn
iFmL8Dog2M7x8FKvmR1Vuq6Agq7tRhHE67sqnD6nAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhLEAq9N4cIfrqEpAHa3aXGPgdwswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA5NmM5ODVmLTg0ZTItNGE5OS05ZDAzLTE0NjM5ZmE5MjI0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUtIaAwDQYJKoZIhvcNAQELBQADggEBACLnInGnetCeL5s0nSmRRIpotBLr
JknBP79LyGOG5rTamz7Omng9jGqCJylXnPEo0W7LHU1+TdXtIPpFsHrbYtxyUNHs
dZUl6qiQidn5u1SR/j1PlUd0E+YurCJG823q+8Sc1jc9JVjkZPsFNkS9Ng3qF93o
BSZ+hTmvPEVLnzj2u+Y0kyuyL6Kx5h64zzofVyXCbq57li2QKRcHnfQOaBpcqaUB
uRxOD/Hwkl7IAgZPV187z5k4dwDdtMbL0OzEbQ/wfKXnfgOySKTqv2c2oHPEcnVS
OmlorcwdOQu7ewsT2jBA/kwjIbf7oeAsNN3AXPzp4sqUNJxhgP/QT2rh4B8=
-----END CERTIFICATE-----