Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1869b257-c1ca-4f4f-803c-f00cd973ab2e.roa
File:                     1869b257-c1ca-4f4f-803c-f00cd973ab2e.roa (raw, json)
Hash identifier:          SGVSGttHu9jrcazy0uLJunv855BZ6pc46lSuvmWxT90=
Subject key identifier:   CC:8A:F2:4D:92:63:A0:A3:08:FE:0E:D5:1A:7D:2A:6F:E0:CB:54:29
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       183466E2769A08C5D58491D04F939BF40C83FAB1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1869b257-c1ca-4f4f-803c-f00cd973ab2e.roa
Signing time:             Wed 01 Jan 2025 00:00:00 +0000
ROA not before:           Wed 01 Jan 2025 00:00:00 +0000
ROA not after:            Wed 05 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        56.46.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:34:66:e2:76:9a:08:c5:d5:84:91:d0:4f:93:9b:f4:0c:83:fa:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  1 00:00:00 2025 GMT
            Not After : Feb  5 23:59:59 2025 GMT
        Subject: serialNumber=6c2ec3164485f3551dead28b6ce3e82033d3d9c2f15da72285a7e4e4a255ded0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:2e:3a:b8:2f:c8:0c:bc:9c:3c:22:f0:b2:4c:
                    ca:c9:1e:2f:29:4e:78:c2:db:ec:9d:7e:cf:03:da:
                    1e:dd:f1:df:49:08:d8:6f:7e:95:1c:76:ef:cb:fb:
                    30:3f:3f:ab:46:85:be:56:40:9e:0b:6b:fc:08:92:
                    8f:00:00:96:cb:d6:ac:96:6a:12:54:08:80:88:19:
                    dd:a3:73:9e:aa:c5:6b:0e:1e:cd:8c:1c:4a:8a:d7:
                    ce:41:e3:40:53:68:5a:96:48:31:ce:68:36:60:0d:
                    b4:08:04:c2:01:a5:d8:05:27:85:1d:54:8e:99:9a:
                    e7:ca:74:ba:e0:f6:24:b9:00:3e:cd:a6:37:92:02:
                    77:c1:2a:49:d5:68:27:0e:80:60:c7:36:c8:c8:5a:
                    17:4c:68:59:13:7a:6d:12:76:64:97:56:89:47:1d:
                    71:1e:a3:86:ad:d7:21:29:cd:c1:6c:c2:ce:19:cd:
                    46:5c:68:fd:a8:43:b0:11:6f:b5:8c:34:7a:a7:62:
                    09:0c:f0:36:ea:41:62:68:42:af:e6:7b:a5:14:ee:
                    f6:80:ed:b3:f0:9f:4d:ef:fc:9e:7f:2f:19:12:45:
                    e0:72:40:11:e4:a1:fb:61:84:e0:d0:b4:8d:2c:16:
                    24:99:ea:8c:0a:1b:7f:c2:d8:c1:bc:28:8b:51:78:
                    91:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:8A:F2:4D:92:63:A0:A3:08:FE:0E:D5:1A:7D:2A:6F:E0:CB:54:29
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1869b257-c1ca-4f4f-803c-f00cd973ab2e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.46.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         77:23:29:7b:2a:8e:62:c3:34:20:dd:6a:2f:a5:7e:fa:83:c6:
         e2:41:eb:34:cd:c5:fe:20:bd:61:9c:a5:0e:8d:76:0b:1b:ef:
         ad:db:dc:7b:a4:11:87:29:fc:c5:fd:6d:ad:5c:cc:20:c7:d2:
         ab:4d:bb:14:f0:54:d8:87:94:fd:0e:67:03:e5:61:de:bc:36:
         b4:d3:ba:38:89:cd:c6:3f:1c:8d:30:de:ae:3b:d4:79:e7:c5:
         9b:d6:d6:5e:69:fb:f9:f6:af:f9:6b:f2:c2:58:25:e7:63:13:
         63:57:f0:a2:2d:cd:ac:a7:eb:ef:39:c5:53:ea:15:d6:7e:cd:
         ae:ba:74:c0:2c:33:e0:db:6c:58:64:b3:9a:39:bc:b7:dd:d2:
         a0:6e:02:ca:80:dc:b9:89:92:bc:ea:39:42:3b:ad:62:15:27:
         bc:88:2a:20:31:e8:1f:d2:d1:59:4b:81:97:8d:c7:93:05:ff:
         ef:de:96:40:f2:5a:97:ad:a1:51:da:cb:48:48:83:50:ae:a8:
         d8:71:8e:be:54:96:ae:25:a2:fc:37:90:2b:ed:ed:21:f5:f3:
         64:62:c4:98:f1:fe:82:22:85:97:87:56:6c:a5:7a:50:21:d4:
         e9:80:13:05:8a:77:0d:44:4c:48:40:77:78:7f:e8:48:4b:d7:
         36:40:21:df
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGDRm4naaCMXVhJHQT5Ob9AyD+rEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAxMDAwMDAwWhcNMjUwMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2YzJlYzMxNjQ0ODVmMzU1MWRlYWQyOGI2Y2UzZTgyMDMz
ZDNkOWMyZjE1ZGE3MjI4NWE3ZTRlNGEyNTVkZWQwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2Ljq4L8gMvJw8IvCyTMrJHi8pTnjC2+ydfs8D2h7d8d9J
CNhvfpUcdu/L+zA/P6tGhb5WQJ4La/wIko8AAJbL1qyWahJUCICIGd2jc56qxWsO
Hs2MHEqK185B40BTaFqWSDHOaDZgDbQIBMIBpdgFJ4UdVI6ZmufKdLrg9iS5AD7N
pjeSAnfBKknVaCcOgGDHNsjIWhdMaFkTem0SdmSXVolHHXEeo4at1yEpzcFsws4Z
zUZcaP2oQ7ARb7WMNHqnYgkM8DbqQWJoQq/me6UU7vaA7bPwn03v/J5/LxkSReBy
QBHkofthhODQtI0sFiSZ6owKG3/C2MG8KItReJGHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUzIryTZJjoKMI/g7VGn0qb+DLVCkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE4NjliMjU3LWMxY2EtNGY0Zi04MDNjLWYwMGNkOTczYWIyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4LjANBgkqhkiG9w0BAQsFAAOCAQEAdyMpeyqOYsM0IN1qL6V++oPG4kHr
NM3F/iC9YZylDo12Cxvvrdvce6QRhyn8xf1trVzMIMfSq027FPBU2IeU/Q5nA+Vh
3rw2tNO6OInNxj8cjTDerjvUeefFm9bWXmn7+fav+Wvywlgl52MTY1fwoi3NrKfr
7znFU+oV1n7Nrrp0wCwz4NtsWGSzmjm8t93SoG4CyoDcuYmSvOo5QjutYhUnvIgq
IDHoH9LRWUuBl43HkwX/796WQPJal62hUdrLSEiDUK6o2HGOvlSWriWi/DeQK+3t
IfXzZGLEmPH+giKFl4dWbKV6UCHU6YATBYp3DURMSEB3eH/oSEvXNkAh3w==
-----END CERTIFICATE-----