Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0cfaf610-9856-4685-bd68-affb766bc2be.roa
File:                     0cfaf610-9856-4685-bd68-affb766bc2be.roa (raw, json)
Hash identifier:          5l6JmzEFnWDlSVKDSWfam9nMk8f6wb6HS3alo9Kj+lY=
Subject key identifier:   BD:7E:29:70:FB:7E:6A:46:AE:88:AE:5C:72:14:41:C5:81:E1:02:53
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       740055E61BACB115017B7251AD18E620D42B06DC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0cfaf610-9856-4685-bd68-affb766bc2be.roa
Signing time:             Tue 24 Dec 2024 00:00:00 +0000
ROA not before:           Tue 24 Dec 2024 00:00:00 +0000
ROA not after:            Tue 28 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        56.107.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:00:55:e6:1b:ac:b1:15:01:7b:72:51:ad:18:e6:20:d4:2b:06:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 24 00:00:00 2024 GMT
            Not After : Jan 28 23:59:59 2025 GMT
        Subject: serialNumber=0e616abbcefafc2f64ca811befcdec15052cc9bc65817a48774d29d586794736, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:fd:30:9e:71:8a:45:de:7c:3d:c7:26:ae:7f:
                    5a:a9:05:dd:34:0e:0e:de:22:d1:f5:7a:3a:08:df:
                    84:cf:74:9a:d1:8a:58:72:24:a8:a2:52:6a:92:1d:
                    c6:25:f5:18:cc:a7:ff:7a:70:f1:bd:23:4b:c4:ed:
                    df:37:d7:5a:c4:f7:ff:3a:00:44:49:75:86:e2:c4:
                    f9:25:71:7a:ea:5c:10:c8:42:8a:4c:7c:06:2e:68:
                    df:38:08:db:4f:bf:19:67:07:a2:44:75:a8:a9:6d:
                    33:46:e5:a6:97:22:52:58:60:1d:32:4e:fd:87:3a:
                    a6:ea:a8:e6:d3:4c:bc:65:70:de:41:fc:45:9e:7f:
                    2c:9c:9d:57:07:ed:35:9a:0a:c3:cd:7e:5b:51:a4:
                    8e:e5:f5:67:84:e9:17:a7:d5:19:f4:b2:af:76:36:
                    7b:6a:5b:d9:44:20:14:99:47:fe:fe:ba:11:ed:3d:
                    54:c2:cc:4c:db:98:8c:10:90:bf:7a:73:43:c2:4d:
                    00:56:4d:28:3e:0a:66:bd:5e:5d:b0:a4:c1:cc:3b:
                    31:34:0c:e9:2d:9d:0f:ab:4e:6a:fa:c2:c6:ab:1f:
                    03:47:67:4c:98:87:a6:e9:a5:99:1d:b6:76:b2:ac:
                    57:1f:57:4e:35:c1:f3:4e:06:16:21:ad:eb:93:6a:
                    0c:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:7E:29:70:FB:7E:6A:46:AE:88:AE:5C:72:14:41:C5:81:E1:02:53
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0cfaf610-9856-4685-bd68-affb766bc2be.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.107.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a6:a9:62:8b:99:47:6b:f3:be:73:70:48:63:c0:69:f0:85:1e:
         08:1c:4c:56:ec:fb:29:70:d5:a1:03:91:cd:a8:ec:f0:58:a4:
         c7:00:16:c4:ee:25:ad:ba:d6:9e:36:66:25:dd:38:5a:22:44:
         60:85:47:bf:e0:3b:eb:d2:52:0d:4e:78:a7:cd:48:e8:95:a4:
         4c:40:20:02:fa:f1:eb:57:25:7a:b5:69:45:63:00:ee:8b:34:
         ed:53:15:6c:00:73:f6:0b:53:b8:ae:77:c3:2c:46:cd:12:33:
         db:a1:7c:98:c8:e8:13:87:92:cd:eb:f2:05:f9:13:fc:5f:d9:
         b1:c2:15:f7:b6:6e:23:f4:3d:ce:da:b1:c8:c6:8b:ac:bd:61:
         9f:9a:0e:80:37:cc:46:20:5e:a4:b2:34:34:33:71:21:9d:16:
         85:27:99:95:f0:03:3e:1b:ef:e1:6e:84:3c:14:3e:f1:67:cb:
         0a:66:45:00:4a:a7:0a:81:af:90:d1:a3:e8:5c:7b:3a:d0:31:
         0f:82:87:4e:d9:b4:d3:2e:77:62:ea:a5:04:0f:38:21:52:bc:
         ca:6f:b1:8c:48:e9:05:11:ce:b8:2a:f4:d4:a6:0f:be:30:94:
         55:c8:48:aa:c5:c8:5b:e2:99:12:a5:db:de:97:69:3f:b1:8b:
         ba:e8:2f:98
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdABV5hussRUBe3JRrRjmINQrBtwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZTYxNmFiYmNlZmFmYzJmNjRjYTgxMWJlZmNkZWMxNTA1
MmNjOWJjNjU4MTdhNDg3NzRkMjlkNTg2Nzk0NzM2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJ/TCecYpF3nw9xyauf1qpBd00Dg7eItH1ejoI34TPdJrR
ilhyJKiiUmqSHcYl9RjMp/96cPG9I0vE7d8311rE9/86AERJdYbixPklcXrqXBDI
QopMfAYuaN84CNtPvxlnB6JEdaipbTNG5aaXIlJYYB0yTv2HOqbqqObTTLxlcN5B
/EWefyycnVcH7TWaCsPNfltRpI7l9WeE6Ren1Rn0sq92NntqW9lEIBSZR/7+uhHt
PVTCzEzbmIwQkL96c0PCTQBWTSg+Cma9Xl2wpMHMOzE0DOktnQ+rTmr6wsarHwNH
Z0yYh6bppZkdtnayrFcfV041wfNOBhYhreuTagytAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUvX4pcPt+akauiK5cchRBxYHhAlMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBjZmFmNjEwLTk4NTYtNDY4NS1iZDY4LWFmZmI3NjZiYzJiZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4azANBgkqhkiG9w0BAQsFAAOCAQEApqlii5lHa/O+c3BIY8Bp8IUeCBxM
Vuz7KXDVoQORzajs8FikxwAWxO4lrbrWnjZmJd04WiJEYIVHv+A769JSDU54p81I
6JWkTEAgAvrx61clerVpRWMA7os07VMVbABz9gtTuK53wyxGzRIz26F8mMjoE4eS
zevyBfkT/F/ZscIV97ZuI/Q9ztqxyMaLrL1hn5oOgDfMRiBepLI0NDNxIZ0WhSeZ
lfADPhvv4W6EPBQ+8WfLCmZFAEqnCoGvkNGj6Fx7OtAxD4KHTtm00y53YuqlBA84
IVK8ym+xjEjpBRHOuCr01KYPvjCUVchIqsXIW+KZEqXb3pdpP7GLuugvmA==
-----END CERTIFICATE-----