Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1c6a736f-73c8-4db9-aaeb-4ffe174f99a0.roa
File:                     1c6a736f-73c8-4db9-aaeb-4ffe174f99a0.roa (raw, json)
Hash identifier:          H280PYUitQbnWcjzAHvwqTEdXCm+rWVU6O7RcPQIDlg=
Subject key identifier:   FF:F7:B5:96:B9:77:FD:C7:F0:DF:2C:2F:FB:8E:2A:79:1F:9C:F5:3F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5597953015F820A2B7C762A6EF17FD3381020A8C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1c6a736f-73c8-4db9-aaeb-4ffe174f99a0.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        56.36.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:97:95:30:15:f8:20:a2:b7:c7:62:a6:ef:17:fd:33:81:02:0a:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=65e5cbe2f1027d91047990c4c6dfedabd55448cc65c98b23d35c5075c14861c6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:06:da:f7:79:f3:f9:b5:ac:fd:55:a8:c4:ce:
                    6f:af:ea:4a:9b:de:02:31:5f:9b:43:72:d5:7a:ce:
                    be:c9:3d:9e:d3:f9:30:46:a4:57:31:da:5a:1c:6e:
                    cf:94:3c:78:f4:3b:80:09:46:a9:03:07:a7:30:fe:
                    14:b4:97:f1:cc:56:57:97:c7:7c:54:3b:5e:6c:f5:
                    87:99:5d:71:b2:2c:84:f6:f1:58:52:b5:88:c3:59:
                    60:17:91:ec:98:e5:ff:41:1f:53:d8:94:aa:05:1c:
                    81:ed:7a:b6:0d:17:2a:9e:75:7e:45:77:6a:e5:22:
                    47:77:72:71:f7:6d:c5:a4:63:18:7b:70:93:dc:ed:
                    8a:54:9e:3f:5c:26:b3:99:8c:10:a9:fc:09:ac:7f:
                    78:f7:85:7e:f9:d9:99:74:95:ad:01:1b:01:e2:2e:
                    b6:93:a0:34:66:ad:22:72:1d:ce:68:9a:92:f1:1a:
                    9c:03:df:de:82:50:81:9b:ff:b9:9d:7c:a6:b8:3a:
                    4f:0e:01:4b:2b:a6:93:f7:7e:ce:07:0f:27:3c:32:
                    10:98:5b:3c:ea:fb:aa:45:33:bb:e3:bf:77:cd:e9:
                    9b:15:0c:b2:ec:5e:4b:27:da:6b:80:9c:6a:e8:0d:
                    0f:54:14:37:d1:f7:c9:71:b1:07:5f:c0:f9:a5:94:
                    71:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:F7:B5:96:B9:77:FD:C7:F0:DF:2C:2F:FB:8E:2A:79:1F:9C:F5:3F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1c6a736f-73c8-4db9-aaeb-4ffe174f99a0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.36.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         8f:79:91:29:f0:c2:c3:f7:e0:5d:77:6a:d5:34:1b:28:2b:a1:
         6e:d2:88:51:21:a3:35:40:2f:26:f4:d7:aa:c9:90:13:a1:a8:
         08:aa:22:10:9b:52:26:80:52:9d:77:5d:26:e7:2c:c6:fb:30:
         84:b8:50:5b:3c:cf:59:25:20:16:2d:ee:5b:88:b0:6b:ad:5b:
         6c:62:74:cf:12:72:aa:1f:7f:b7:67:44:13:e0:7b:78:05:21:
         f7:46:2d:f5:6d:c3:a2:dd:a5:fa:77:66:54:a4:7a:e6:9d:64:
         c3:52:01:26:b0:99:ea:a6:7c:40:eb:cb:33:d1:0b:95:96:36:
         cd:39:d4:8b:93:f0:5c:7d:18:5e:73:0f:17:49:a1:bb:c6:03:
         e9:ad:70:59:2f:cb:8f:ba:a4:3f:82:1e:36:f7:66:51:b2:e0:
         b0:0b:b6:f8:56:32:b0:d8:62:32:98:17:8a:02:6c:b2:89:7c:
         13:cc:fa:8a:0d:0e:bf:c6:c4:48:5c:03:09:df:b2:b9:24:c0:
         8f:5b:97:ee:24:a4:98:d1:e8:40:c3:e8:bb:ef:50:00:3c:80:
         b5:2b:53:a1:40:bb:1b:8e:45:a2:7f:b5:39:bf:d1:e3:d6:e9:
         b9:a2:ae:ba:45:27:9b:55:a0:24:61:5c:c6:74:ec:8c:44:7d:
         5b:fb:f8:79
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVZeVMBX4IKK3x2Km7xf9M4ECCowwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NWU1Y2JlMmYxMDI3ZDkxMDQ3OTkwYzRjNmRmZWRhYmQ1
NTQ0OGNjNjVjOThiMjNkMzVjNTA3NWMxNDg2MWM2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTBtr3efP5taz9VajEzm+v6kqb3gIxX5tDctV6zr7JPZ7T
+TBGpFcx2locbs+UPHj0O4AJRqkDB6cw/hS0l/HMVleXx3xUO15s9YeZXXGyLIT2
8VhStYjDWWAXkeyY5f9BH1PYlKoFHIHterYNFyqedX5Fd2rlIkd3cnH3bcWkYxh7
cJPc7YpUnj9cJrOZjBCp/Amsf3j3hX752Zl0la0BGwHiLraToDRmrSJyHc5ompLx
GpwD396CUIGb/7mdfKa4Ok8OAUsrppP3fs4HDyc8MhCYWzzq+6pFM7vjv3fN6ZsV
DLLsXksn2muAnGroDQ9UFDfR98lxsQdfwPmllHG/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU//e1lrl3/cfw3ywv+44qeR+c9T8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFjNmE3MzZmLTczYzgtNGRiOS1hYWViLTRmZmUxNzRmOTlhMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4JDANBgkqhkiG9w0BAQsFAAOCAQEAj3mRKfDCw/fgXXdq1TQbKCuhbtKI
USGjNUAvJvTXqsmQE6GoCKoiEJtSJoBSnXddJucsxvswhLhQWzzPWSUgFi3uW4iw
a61bbGJ0zxJyqh9/t2dEE+B7eAUh90Yt9W3Dot2l+ndmVKR65p1kw1IBJrCZ6qZ8
QOvLM9ELlZY2zTnUi5PwXH0YXnMPF0mhu8YD6a1wWS/Lj7qkP4IeNvdmUbLgsAu2
+FYysNhiMpgXigJssol8E8z6ig0Ov8bESFwDCd+yuSTAj1uX7iSkmNHoQMPou+9Q
ADyAtStToUC7G45Fon+1Ob/R49bpuaKuukUnm1WgJGFcxnTsjER9W/v4eQ==
-----END CERTIFICATE-----