Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/13ee75ed-41a2-4634-9a91-87d1d5e10f18.roa
File:                     13ee75ed-41a2-4634-9a91-87d1d5e10f18.roa (raw, json)
Hash identifier:          6zNOhhBlMWSJNYLW/F3+V+jz3FEna2Loz0am1stGJfA=
Subject key identifier:   A8:AC:41:81:50:EF:10:A9:FC:14:4C:5F:9E:C4:3B:78:03:BC:A5:06
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       51240416728D736E1D3E826542F9416AAECA6428
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/13ee75ed-41a2-4634-9a91-87d1d5e10f18.roa
Signing time:             Mon 23 Dec 2024 00:00:00 +0000
ROA not before:           Mon 23 Dec 2024 00:00:00 +0000
ROA not after:            Mon 27 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        167.65.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:24:04:16:72:8d:73:6e:1d:3e:82:65:42:f9:41:6a:ae:ca:64:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 23 00:00:00 2024 GMT
            Not After : Jan 27 23:59:59 2025 GMT
        Subject: serialNumber=19d09779a7d9f0100d21f063e87d0785e4e881ba663b1b8623bf44eb53421b7a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:d6:4d:d1:26:ac:f7:1b:99:01:b9:60:56:75:
                    c2:06:a5:ae:cf:77:4b:7f:98:1f:e9:c2:1e:ed:c3:
                    18:33:d7:6e:5b:48:14:7a:ed:2c:14:fd:34:b9:2f:
                    1e:20:b7:97:31:d6:7e:ac:ca:9f:66:de:e3:d5:18:
                    8e:3f:70:da:8d:a8:9f:79:55:98:0e:90:c5:51:27:
                    ba:6a:44:a0:60:8e:dc:b8:2a:79:be:70:a9:f1:40:
                    4c:81:59:9c:58:ca:f3:fb:85:34:56:3d:32:8f:3a:
                    fb:df:e5:61:e3:4a:53:2e:03:ef:69:cf:31:12:59:
                    0f:f9:52:cb:94:b5:3d:59:ef:14:20:dd:a8:7d:af:
                    88:10:b6:82:fb:b3:b5:f5:1f:e6:c4:34:9f:fc:de:
                    8d:7d:30:95:d2:8d:9a:18:22:bc:bf:c0:13:29:85:
                    a5:77:23:34:77:f1:a4:6d:f9:40:83:aa:89:a9:84:
                    c6:06:30:7f:19:6a:ce:82:7e:f9:6f:46:68:af:18:
                    2b:5a:45:b9:fc:fc:1d:95:79:96:82:91:e8:6c:b9:
                    4b:2c:a1:cd:a9:94:66:2a:3c:da:ee:e7:73:c2:d4:
                    7e:80:e8:28:8b:36:02:e8:45:2e:29:03:4d:e8:00:
                    af:66:e8:1a:1f:9e:8c:ab:a6:92:cf:25:83:91:85:
                    fe:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:AC:41:81:50:EF:10:A9:FC:14:4C:5F:9E:C4:3B:78:03:BC:A5:06
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/13ee75ed-41a2-4634-9a91-87d1d5e10f18.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.65.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b6:e3:49:df:aa:0b:68:ca:dd:31:0f:da:b7:53:d7:f2:7f:99:
         d2:e7:f1:99:ed:11:d3:c3:32:82:ab:62:a4:b1:38:37:fe:b9:
         fa:53:17:3d:d8:fc:6b:7d:c3:a1:d9:ba:11:68:7b:53:a5:b9:
         f5:69:82:dc:e1:16:04:c7:34:2d:b8:b9:c4:e7:2e:95:ab:24:
         01:95:a4:29:8a:27:24:97:f4:c8:ed:da:45:ab:08:97:c9:1b:
         b8:68:2d:a0:f0:62:f3:ff:90:ab:60:61:77:e3:7a:58:4e:c1:
         64:a3:28:0d:fe:06:1d:a9:be:63:0d:90:fd:67:2c:ed:a3:cc:
         59:a2:88:ad:cb:54:90:20:0f:30:0d:0e:75:70:b6:09:eb:31:
         39:68:2d:7c:76:b3:3a:95:87:63:9f:1e:14:c6:a9:a7:72:f5:
         c9:cd:a0:8b:b5:8e:12:da:1a:da:af:fa:a4:7e:9d:09:87:4b:
         2b:22:4f:8c:1e:f6:e8:b2:b6:dc:7d:5a:36:92:b7:1f:c0:50:
         19:d0:ed:cf:24:e9:26:a8:0b:fb:60:3b:71:89:97:23:09:dd:
         84:f0:d8:51:53:e2:d9:c3:2a:7e:b9:f3:5b:8d:4e:f6:16:bd:
         7f:9f:4c:cb:88:a2:dc:b1:6c:10:0c:8d:1d:2d:6d:1a:65:e8:
         94:1d:d2:54
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUSQEFnKNc24dPoJlQvlBaq7KZCgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxOWQwOTc3OWE3ZDlmMDEwMGQyMWYwNjNlODdkMDc4NWU0
ZTg4MWJhNjYzYjFiODYyM2JmNDRlYjUzNDIxYjdhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCX1k3RJqz3G5kBuWBWdcIGpa7Pd0t/mB/pwh7twxgz125b
SBR67SwU/TS5Lx4gt5cx1n6syp9m3uPVGI4/cNqNqJ95VZgOkMVRJ7pqRKBgjty4
Knm+cKnxQEyBWZxYyvP7hTRWPTKPOvvf5WHjSlMuA+9pzzESWQ/5UsuUtT1Z7xQg
3ah9r4gQtoL7s7X1H+bENJ/83o19MJXSjZoYIry/wBMphaV3IzR38aRt+UCDqomp
hMYGMH8Zas6CfvlvRmivGCtaRbn8/B2VeZaCkehsuUssoc2plGYqPNru53PC1H6A
6CiLNgLoRS4pA03oAK9m6BofnoyrppLPJYORhf5rAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUqKxBgVDvEKn8FExfnsQ7eAO8pQYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzEzZWU3NWVkLTQxYTItNDYzNC05YTkxLTg3ZDFkNWUxMGYxOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCnQTANBgkqhkiG9w0BAQsFAAOCAQEAtuNJ36oLaMrdMQ/at1PX8n+Z0ufx
me0R08MygqtipLE4N/65+lMXPdj8a33Dodm6EWh7U6W59WmC3OEWBMc0Lbi5xOcu
laskAZWkKYonJJf0yO3aRasIl8kbuGgtoPBi8/+Qq2Bhd+N6WE7BZKMoDf4GHam+
Yw2Q/Wcs7aPMWaKIrctUkCAPMA0OdXC2CesxOWgtfHazOpWHY58eFMapp3L1yc2g
i7WOEtoa2q/6pH6dCYdLKyJPjB726LK23H1aNpK3H8BQGdDtzyTpJqgL+2A7cYmX
IwndhPDYUVPi2cMqfrnzW41O9ha9f59My4ii3LFsEAyNHS1tGmXolB3SVA==
-----END CERTIFICATE-----