Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1ba9a11b-ed8a-4d4e-b7a1-7abc4dc86593.roa
File:                     1ba9a11b-ed8a-4d4e-b7a1-7abc4dc86593.roa (raw, json)
Hash identifier:          1zhQzYsWWmN+Yj2aoLrS1dCksKDUL75gNmc/C9X8/mI=
Subject key identifier:   6E:00:39:70:3F:34:CD:11:BF:12:22:43:50:E7:A4:1D:38:98:52:98
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2010136E6FB2A02C421C1388D176B8D74CD68954
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1ba9a11b-ed8a-4d4e-b7a1-7abc4dc86593.roa
Signing time:             Tue 24 Dec 2024 00:00:00 +0000
ROA not before:           Tue 24 Dec 2024 00:00:00 +0000
ROA not after:            Tue 28 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        56.53.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:10:13:6e:6f:b2:a0:2c:42:1c:13:88:d1:76:b8:d7:4c:d6:89:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 24 00:00:00 2024 GMT
            Not After : Jan 28 23:59:59 2025 GMT
        Subject: serialNumber=6a12436616249967c5cbd0d357185fa3ab2bfe6137ea79bd69df8e2493e3e202, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:39:a2:df:fa:8e:ae:88:71:2d:e0:92:ca:b0:
                    e9:5a:d0:f5:90:77:38:36:9c:54:0f:8b:d5:9e:9e:
                    0b:a2:6b:5c:86:1c:0b:09:f7:de:e7:db:4f:c4:15:
                    7f:22:1e:78:e8:18:e0:2d:79:c3:ad:64:bd:f8:77:
                    46:47:7d:86:31:7d:84:2c:b1:d9:89:28:67:8f:8d:
                    e4:4e:fe:7f:32:10:9a:4a:e7:b8:77:8e:8e:eb:33:
                    9a:08:9c:ac:94:f6:64:e9:06:a0:1c:9b:f6:34:00:
                    e9:00:4d:ab:71:d9:a5:68:5e:b5:72:e8:20:47:13:
                    02:6c:4d:45:6a:a8:89:1d:bd:14:14:41:a0:c0:f8:
                    56:f0:af:b6:0c:f6:1e:ff:d0:f5:71:41:01:b3:18:
                    e4:13:47:34:56:f6:98:9b:a8:82:b0:e0:0b:10:81:
                    fb:9e:3b:73:40:3d:81:b9:49:96:4e:bb:6d:dd:9b:
                    9b:ba:f5:3d:fe:f4:b7:25:c3:44:e7:3d:17:23:76:
                    93:10:24:ac:e0:52:3c:13:fa:20:70:ae:34:79:88:
                    f8:7e:50:68:2e:bf:01:18:fe:c4:3b:51:20:ea:d1:
                    92:16:f1:20:df:42:0b:19:05:17:32:49:d4:8b:f5:
                    81:d0:93:93:7a:2d:40:e5:e6:6d:2a:5b:8a:ef:42:
                    79:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:00:39:70:3F:34:CD:11:BF:12:22:43:50:E7:A4:1D:38:98:52:98
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1ba9a11b-ed8a-4d4e-b7a1-7abc4dc86593.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.53.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b9:da:7e:35:32:b7:7a:84:93:8f:90:1b:5f:71:4b:00:6a:34:
         18:cb:c9:92:bc:d5:ca:18:d1:b2:34:c3:a9:55:b2:53:42:ce:
         2a:34:25:6b:ce:53:6f:2f:17:7e:4f:6f:11:b4:e3:af:f3:b3:
         6f:eb:8f:0a:81:e9:de:f6:a9:0d:7e:a2:96:38:ea:77:a5:d1:
         68:0d:7e:40:9b:c7:ff:ed:2b:6c:b6:61:d5:c4:c4:eb:24:b0:
         4e:65:61:86:65:33:f8:c9:82:b3:58:63:8e:fe:be:b0:c1:ef:
         48:19:27:18:2d:d7:a2:ad:69:79:21:44:5e:b1:c7:25:b8:51:
         fd:3d:09:77:5b:9d:31:df:60:9b:51:69:d0:92:3a:05:3f:f7:
         90:b0:7b:55:ef:1e:d8:b3:c8:59:b6:24:6a:26:61:18:6d:fe:
         7d:a1:09:1e:96:6e:2b:c4:6b:bc:86:98:2f:0b:f8:b0:bf:01:
         73:42:f4:43:ab:72:e2:ed:9a:17:e6:d9:84:cc:a5:a8:d9:88:
         55:25:4a:19:e1:21:b4:fb:f6:e4:09:83:95:b3:33:2c:b9:d8:
         d0:ce:32:3c:10:a0:1a:25:d5:cc:9f:99:f4:d7:63:50:c3:85:
         f1:cf:39:d4:5e:55:4d:8a:b4:ef:b8:5c:c6:54:19:8e:f8:b4:
         8e:10:14:4a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUIBATbm+yoCxCHBOI0Xa410zWiVQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A2YTEyNDM2NjE2MjQ5OTY3YzVjYmQwZDM1NzE4NWZhM2Fi
MmJmZTYxMzdlYTc5YmQ2OWRmOGUyNDkzZTNlMjAyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYOaLf+o6uiHEt4JLKsOla0PWQdzg2nFQPi9Wenguia1yG
HAsJ997n20/EFX8iHnjoGOAtecOtZL34d0ZHfYYxfYQssdmJKGePjeRO/n8yEJpK
57h3jo7rM5oInKyU9mTpBqAcm/Y0AOkATatx2aVoXrVy6CBHEwJsTUVqqIkdvRQU
QaDA+Fbwr7YM9h7/0PVxQQGzGOQTRzRW9pibqIKw4AsQgfueO3NAPYG5SZZOu23d
m5u69T3+9Lclw0TnPRcjdpMQJKzgUjwT+iBwrjR5iPh+UGguvwEY/sQ7USDq0ZIW
8SDfQgsZBRcySdSL9YHQk5N6LUDl5m0qW4rvQnmNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUbgA5cD80zRG/EiJDUOekHTiYUpgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFiYTlhMTFiLWVkOGEtNGQ0ZS1iN2ExLTdhYmM0ZGM4NjU5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4NTANBgkqhkiG9w0BAQsFAAOCAQEAudp+NTK3eoSTj5AbX3FLAGo0GMvJ
krzVyhjRsjTDqVWyU0LOKjQla85Tby8Xfk9vEbTjr/Ozb+uPCoHp3vapDX6iljjq
d6XRaA1+QJvH/+0rbLZh1cTE6ySwTmVhhmUz+MmCs1hjjv6+sMHvSBknGC3Xoq1p
eSFEXrHHJbhR/T0Jd1udMd9gm1Fp0JI6BT/3kLB7Ve8e2LPIWbYkaiZhGG3+faEJ
HpZuK8RrvIaYLwv4sL8Bc0L0Q6ty4u2aF+bZhMylqNmIVSVKGeEhtPv25AmDlbMz
LLnY0M4yPBCgGiXVzJ+Z9NdjUMOF8c851F5VTYq077hcxlQZjvi0jhAUSg==
-----END CERTIFICATE-----