Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/199b8fb2-1d47-4a06-8b12-4d7b1d3f3de6.roa
File:                     199b8fb2-1d47-4a06-8b12-4d7b1d3f3de6.roa (raw, json)
Hash identifier:          sg0rlcawCb0rNKFVCNmy4ASsoObJtPK0/mBVBdh6Xtc=
Subject key identifier:   CC:B9:91:C8:26:9D:3E:23:E1:A3:DB:B4:BA:59:EE:58:D5:5B:96:79
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5316431552BE0F0F0E9D21D5F48A76D3A84CACF0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/199b8fb2-1d47-4a06-8b12-4d7b1d3f3de6.roa
Signing time:             Thu 26 Dec 2024 00:00:00 +0000
ROA not before:           Thu 26 Dec 2024 00:00:00 +0000
ROA not after:            Thu 30 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        99.143.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:16:43:15:52:be:0f:0f:0e:9d:21:d5:f4:8a:76:d3:a8:4c:ac:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 26 00:00:00 2024 GMT
            Not After : Jan 30 23:59:59 2025 GMT
        Subject: serialNumber=9d3a3d35f6e3706cf12ae9c122dc8f9babd67370f79977cbee7b9fa38f81fb07, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:82:ff:ae:e0:20:e2:a7:bb:e3:b4:5f:56:60:
                    34:4d:68:6b:ff:c3:68:ac:bb:7e:de:09:bc:69:45:
                    8c:58:42:01:b9:f6:ee:af:15:46:9a:e6:5b:8f:e4:
                    8c:7c:5b:df:44:bc:0f:47:0e:17:8e:c9:c8:86:48:
                    4a:35:24:5d:50:84:d2:1a:ca:aa:7f:84:67:47:f1:
                    07:5d:37:5f:4b:ac:4c:27:86:35:a8:66:01:35:88:
                    9e:97:14:e8:52:f0:92:9f:fe:18:ae:8f:7f:3c:1c:
                    cc:f6:94:4c:eb:ba:f9:0e:22:e2:8d:54:60:c5:39:
                    97:1c:88:30:71:40:5e:dd:e5:c4:9c:54:36:ba:24:
                    b7:a2:0d:32:ae:c1:5f:9c:9b:44:52:78:b2:21:f7:
                    ea:01:9f:63:42:75:4e:ba:c6:cc:33:b0:6e:18:8f:
                    d1:22:69:78:e7:1e:14:72:9c:ac:f4:8a:39:98:cf:
                    f2:72:51:b7:ac:26:60:aa:5b:d1:e0:3d:5d:93:10:
                    b9:fb:bd:89:65:91:62:4d:26:a9:e8:a3:53:7f:46:
                    8b:c2:5e:6c:3f:b3:33:22:18:7c:51:93:3f:f5:d5:
                    66:5d:5d:08:cd:36:3f:c3:0b:59:e4:86:67:cb:a2:
                    38:80:4c:1a:60:b5:4f:84:2c:b9:cb:d0:cc:2c:ef:
                    9e:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:B9:91:C8:26:9D:3E:23:E1:A3:DB:B4:BA:59:EE:58:D5:5B:96:79
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/199b8fb2-1d47-4a06-8b12-4d7b1d3f3de6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.143.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9b:1e:b5:33:30:1c:21:18:f4:20:9e:b3:ea:3d:fa:5a:9b:a5:
         6d:2d:74:43:fa:8d:49:d4:3a:f3:a3:0a:ca:d3:e6:6f:2a:13:
         e1:ec:45:59:c8:03:fb:ee:b3:62:cd:17:16:d9:c8:17:be:27:
         7e:1c:4b:55:75:e8:19:ba:a4:3e:db:ff:12:68:ca:bc:44:56:
         6c:a7:fb:fa:0c:31:c8:33:fb:35:df:fd:b4:23:aa:c3:17:76:
         c1:d5:ce:e4:2d:67:89:d6:9e:23:15:82:09:25:da:2e:95:a6:
         5e:2e:6d:17:a9:d2:da:45:c5:5d:45:dd:05:20:ef:a7:c0:83:
         d3:74:fa:e2:ff:e5:23:7e:e5:07:60:9f:30:5d:15:2c:f5:c7:
         d4:09:dc:fc:88:d7:07:c8:58:5a:51:f3:db:a7:a6:33:82:f3:
         a2:d8:d0:16:34:28:8e:5a:3e:4a:0b:6c:dd:d0:b8:53:50:64:
         79:0a:73:a9:9f:c9:c6:06:57:86:20:cd:bb:ed:67:f0:90:44:
         55:2f:e6:01:98:38:b4:cc:3b:01:dc:f9:a4:b1:6e:a1:47:1e:
         b5:c8:1e:9a:7e:3e:31:cb:2c:d9:b2:69:f2:29:0a:ee:4b:d3:
         63:2b:83:af:79:0a:e6:28:1f:83:3a:f6:4e:72:35:70:c9:89:
         63:f3:ba:e4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUxZDFVK+Dw8OnSHV9Ip206hMrPAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI2MDAwMDAwWhcNMjUwMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZDNhM2QzNWY2ZTM3MDZjZjEyYWU5YzEyMmRjOGY5YmFi
ZDY3MzcwZjc5OTc3Y2JlZTdiOWZhMzhmODFmYjA3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbgv+u4CDip7vjtF9WYDRNaGv/w2isu37eCbxpRYxYQgG5
9u6vFUaa5luP5Ix8W99EvA9HDheOyciGSEo1JF1QhNIayqp/hGdH8QddN19LrEwn
hjWoZgE1iJ6XFOhS8JKf/hiuj388HMz2lEzruvkOIuKNVGDFOZcciDBxQF7d5cSc
VDa6JLeiDTKuwV+cm0RSeLIh9+oBn2NCdU66xswzsG4Yj9EiaXjnHhRynKz0ijmY
z/JyUbesJmCqW9HgPV2TELn7vYllkWJNJqnoo1N/RovCXmw/szMiGHxRkz/11WZd
XQjNNj/DC1nkhmfLojiATBpgtU+ELLnL0Mws755lAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUzLmRyCadPiPho9u0ulnuWNVblnkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE5OWI4ZmIyLTFkNDctNGEwNi04YjEyLTRkN2IxZDNmM2RlNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBjjzANBgkqhkiG9w0BAQsFAAOCAQEAmx61MzAcIRj0IJ6z6j36WpulbS10
Q/qNSdQ686MKytPmbyoT4exFWcgD++6zYs0XFtnIF74nfhxLVXXoGbqkPtv/EmjK
vERWbKf7+gwxyDP7Nd/9tCOqwxd2wdXO5C1nidaeIxWCCSXaLpWmXi5tF6nS2kXF
XUXdBSDvp8CD03T64v/lI37lB2CfMF0VLPXH1Anc/IjXB8hYWlHz26emM4LzotjQ
FjQojlo+Sgts3dC4U1BkeQpzqZ/JxgZXhiDNu+1n8JBEVS/mAZg4tMw7Adz5pLFu
oUcetcgemn4+Mcss2bJp8ikK7kvTYyuDr3kK5igfgzr2TnI1cMmJY/O65A==
-----END CERTIFICATE-----