Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f03dfc4-a310-4dfa-97eb-969233160651.roa
File:                     1f03dfc4-a310-4dfa-97eb-969233160651.roa (raw, json)
Hash identifier:          W47erJT/1HmCh++NTU0WP2riCrhxR8H4AxKlLfJ6bzU=
Subject key identifier:   2D:AC:E3:80:59:86:5F:5F:B9:56:7C:B0:16:E4:1A:22:69:D7:D2:A5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5BB18A797D9E70B31E6C4B09B939090F21DE36A8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f03dfc4-a310-4dfa-97eb-969233160651.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        168.157.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:b1:8a:79:7d:9e:70:b3:1e:6c:4b:09:b9:39:09:0f:21:de:36:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=6e2fed94b6440afe83fe34c092ea0a23afb54fdc6632c5c8f0558d11c668e961, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:df:ea:c6:9d:7e:d7:f3:5d:15:35:3d:cf:4a:
                    ba:9c:f2:f8:66:77:42:3e:50:cc:00:1f:01:e1:b2:
                    90:52:7d:1f:7b:3b:a9:d4:de:ca:57:4d:4f:ee:43:
                    48:cc:b0:bb:2d:33:de:04:fd:2e:fe:51:57:7f:71:
                    63:7f:d2:ff:de:76:b0:03:ef:8a:32:b8:20:2b:fc:
                    5d:e1:67:28:6f:34:4a:35:6c:58:0b:ed:09:eb:6e:
                    52:0b:c4:a3:b7:a8:bb:22:27:de:9c:1d:d1:77:06:
                    4d:6f:9a:17:75:63:cb:82:62:84:f6:0b:7b:ae:4e:
                    a8:a4:61:b9:3a:d0:1a:92:df:c5:80:3a:62:54:a9:
                    0b:c4:be:43:97:6c:b0:79:9e:44:59:67:ed:ff:3a:
                    f3:bd:3a:c1:a4:89:42:20:80:67:c3:62:4e:bd:17:
                    4e:f4:09:95:6b:c3:eb:da:47:36:13:c9:98:ac:97:
                    fd:f8:e0:09:6e:15:29:1d:f6:6a:70:56:b4:3c:6a:
                    1b:30:ec:4a:2d:8a:eb:bd:52:12:81:e1:02:23:12:
                    f2:ca:7d:ed:8f:29:d3:0b:d2:74:3e:6c:d1:3f:9c:
                    40:fe:50:b4:ed:b7:cd:de:bc:56:a4:16:3c:9f:32:
                    82:1a:47:a0:b8:e6:d3:86:6d:42:77:4c:6b:b0:e7:
                    f8:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:AC:E3:80:59:86:5F:5F:B9:56:7C:B0:16:E4:1A:22:69:D7:D2:A5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f03dfc4-a310-4dfa-97eb-969233160651.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.157.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         05:c1:5b:46:46:bd:81:68:64:5c:32:20:27:79:fa:04:35:1d:
         7a:ca:1b:9c:8a:21:71:09:f9:ae:3a:f8:23:2f:4e:b9:fd:c4:
         93:ae:4d:58:9f:ff:50:78:c3:38:13:ae:cc:dd:7a:04:fc:d4:
         e2:b2:2a:83:55:0b:b3:c6:08:a6:72:96:9c:e2:26:94:d3:0c:
         ab:98:4c:e3:d3:db:12:61:f5:dc:a8:a5:0b:01:18:d3:e1:87:
         74:44:cf:b2:09:f3:88:36:41:56:3d:51:50:30:d5:01:94:c5:
         3c:f4:08:7c:41:12:4b:4e:f1:a7:f4:11:0d:c0:b3:51:f0:4e:
         0f:1f:49:24:cf:4d:5c:59:73:e4:82:1b:b3:9c:ca:28:a4:b8:
         42:d7:85:f1:9c:38:1d:96:5c:86:d6:6f:05:3d:fb:e7:b8:f7:
         44:33:07:19:3e:1c:27:b6:9b:f6:09:f7:62:ab:56:c9:57:96:
         78:9e:4d:3c:1d:f1:63:58:c2:a4:52:55:a0:72:00:6f:4b:7b:
         10:9c:66:00:69:c0:e5:22:28:cc:c9:6e:a0:28:37:95:e0:24:
         3b:59:26:1f:8d:76:1c:d7:24:86:c6:3d:ac:84:d6:3d:02:cf:
         db:76:55:fd:35:85:2e:c6:5c:9f:95:6e:32:19:49:a2:ec:33:
         77:63:b8:80
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUW7GKeX2ecLMebEsJuTkJDyHeNqgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZTJmZWQ5NGI2NDQwYWZlODNmZTM0YzA5MmVhMGEyM2Fm
YjU0ZmRjNjYzMmM1YzhmMDU1OGQxMWM2NjhlOTYxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCU3+rGnX7X810VNT3PSrqc8vhmd0I+UMwAHwHhspBSfR97
O6nU3spXTU/uQ0jMsLstM94E/S7+UVd/cWN/0v/edrAD74oyuCAr/F3hZyhvNEo1
bFgL7QnrblILxKO3qLsiJ96cHdF3Bk1vmhd1Y8uCYoT2C3uuTqikYbk60BqS38WA
OmJUqQvEvkOXbLB5nkRZZ+3/OvO9OsGkiUIggGfDYk69F070CZVrw+vaRzYTyZis
l/344AluFSkd9mpwVrQ8ahsw7Eotiuu9UhKB4QIjEvLKfe2PKdML0nQ+bNE/nED+
ULTtt83evFakFjyfMoIaR6C45tOGbUJ3TGuw5/g3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQULazjgFmGX1+5VnywFuQaImnX0qUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFmMDNkZmM0LWEzMTAtNGRmYS05N2ViLTk2OTIzMzE2MDY1MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwConTANBgkqhkiG9w0BAQsFAAOCAQEABcFbRka9gWhkXDIgJ3n6BDUdesob
nIohcQn5rjr4Iy9Ouf3Ek65NWJ//UHjDOBOuzN16BPzU4rIqg1ULs8YIpnKWnOIm
lNMMq5hM49PbEmH13KilCwEY0+GHdETPsgnziDZBVj1RUDDVAZTFPPQIfEESS07x
p/QRDcCzUfBODx9JJM9NXFlz5IIbs5zKKKS4QteF8Zw4HZZchtZvBT3757j3RDMH
GT4cJ7ab9gn3YqtWyVeWeJ5NPB3xY1jCpFJVoHIAb0t7EJxmAGnA5SIozMluoCg3
leAkO1kmH412HNckhsY9rITWPQLP23ZV/TWFLsZcn5VuMhlJouwzd2O4gA==
-----END CERTIFICATE-----