Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f26ecf3-79e2-4ca0-b6bf-a3fa30627792.roa
File:                     1f26ecf3-79e2-4ca0-b6bf-a3fa30627792.roa (raw, json)
Hash identifier:          jY8s8cJtsAC+oEm/nrh18W7rxS+vwcmjfTbiiocRbFM=
Subject key identifier:   0C:91:CE:23:90:66:39:BF:38:71:52:AC:00:08:0C:BC:82:A7:B8:00
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7DB02865D988C0652301CFB77D57A5063D84960A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f26ecf3-79e2-4ca0-b6bf-a3fa30627792.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        104.200.224.0/19 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:b0:28:65:d9:88:c0:65:23:01:cf:b7:7d:57:a5:06:3d:84:96:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=75d256720bf2fb2bdd3c1a5d263777a43039267361fd671f38b8fa137c9cadb0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:b7:3a:73:ed:8b:84:4f:ad:44:42:cd:eb:2c:
                    d6:cf:ca:e4:4e:24:3a:9a:fe:c8:72:4b:4d:cb:7c:
                    f6:ce:9c:15:71:e2:63:6e:c9:b0:25:29:b6:db:ab:
                    e3:1d:ec:d7:d4:72:e0:31:d8:a5:65:d3:1c:2c:20:
                    bc:d4:d8:cd:0d:2d:4f:c2:5a:b3:6f:22:1c:dd:27:
                    87:21:4e:de:9d:e2:69:85:db:1f:48:98:ca:65:d5:
                    6c:84:ab:34:a9:65:b7:e1:82:d9:32:94:fc:70:26:
                    7f:90:1b:09:0f:65:cf:4e:cf:6d:50:95:7f:cb:50:
                    10:a4:43:fd:35:62:44:5b:f5:8f:71:e1:0f:6d:e4:
                    04:01:78:fd:e4:c0:b3:fc:2a:58:a8:34:41:0b:ba:
                    ed:53:a2:bb:2e:d4:58:71:9b:ba:6d:31:2f:d6:25:
                    2a:f3:7e:54:14:6b:de:1f:b9:4f:3a:ec:75:56:1c:
                    f1:32:95:a3:58:92:f0:96:29:b5:f6:2a:b7:97:14:
                    a1:65:3b:98:44:72:a3:df:f8:dc:bf:12:97:34:b6:
                    7f:3c:20:a8:f1:5a:76:2d:cc:e1:6d:ce:31:a1:5e:
                    c5:f4:8e:0c:19:de:e2:eb:b1:de:68:40:f4:da:b5:
                    f6:0b:74:1e:04:21:f9:f7:35:2e:48:b9:b6:79:a8:
                    9b:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:91:CE:23:90:66:39:BF:38:71:52:AC:00:08:0C:BC:82:A7:B8:00
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f26ecf3-79e2-4ca0-b6bf-a3fa30627792.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.200.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         c6:9c:53:fb:02:3e:78:bd:cd:29:fe:8d:29:9a:3a:bc:27:85:
         db:5c:0b:14:32:2e:67:77:ea:0a:86:09:e8:15:21:00:3c:de:
         2a:b3:fb:8a:59:98:83:e3:52:5c:5d:80:2b:91:38:b1:a7:03:
         98:2e:4f:c7:1d:4e:19:2f:09:1f:85:b7:48:30:00:03:a9:47:
         f6:c4:ce:cc:d4:25:6d:b6:7c:40:d8:b5:38:02:27:8a:d5:5b:
         18:9d:44:c5:f5:58:ec:c3:fe:51:f3:68:e1:10:11:17:26:85:
         1c:2e:06:53:c2:8c:ef:a9:c9:52:01:6b:9a:70:fc:54:43:bf:
         eb:57:83:3c:27:1d:45:64:06:d9:2f:1c:29:aa:00:52:6d:85:
         cf:dd:3f:39:80:ae:1b:09:36:b7:c8:75:d7:36:03:5e:d9:5c:
         98:c3:b2:ba:fa:42:78:9c:90:2b:22:28:6c:72:1c:bf:de:54:
         b6:27:10:63:e3:fd:bc:e4:f0:6b:7a:66:5d:63:07:33:00:71:
         50:64:6e:25:31:1b:53:18:6f:c7:d5:28:3e:9b:c7:28:f2:53:
         09:a1:fa:9f:6f:4b:32:36:c6:c2:88:13:a5:e5:fe:2b:d2:6d:
         31:95:45:71:e4:60:f7:20:66:1c:05:f6:72:61:77:b0:6a:24:
         0f:0c:a5:13
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfbAoZdmIwGUjAc+3fVelBj2ElgowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NWQyNTY3MjBiZjJmYjJiZGQzYzFhNWQyNjM3NzdhNDMw
MzkyNjczNjFmZDY3MWYzOGI4ZmExMzdjOWNhZGIwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCptzpz7YuET61EQs3rLNbPyuROJDqa/shyS03LfPbOnBVx
4mNuybAlKbbbq+Md7NfUcuAx2KVl0xwsILzU2M0NLU/CWrNvIhzdJ4chTt6d4mmF
2x9ImMpl1WyEqzSpZbfhgtkylPxwJn+QGwkPZc9Oz21QlX/LUBCkQ/01YkRb9Y9x
4Q9t5AQBeP3kwLP8KlioNEELuu1Torsu1Fhxm7ptMS/WJSrzflQUa94fuU867HVW
HPEylaNYkvCWKbX2KreXFKFlO5hEcqPf+Ny/Epc0tn88IKjxWnYtzOFtzjGhXsX0
jgwZ3uLrsd5oQPTatfYLdB4EIfn3NS5IubZ5qJthAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDJHOI5BmOb84cVKsAAgMvIKnuAAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFmMjZlY2YzLTc5ZTItNGNhMC1iNmJmLWEzZmEzMDYyNzc5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVoyOAwDQYJKoZIhvcNAQELBQADggEBAMacU/sCPni9zSn+jSmaOrwnhdtc
CxQyLmd36gqGCegVIQA83iqz+4pZmIPjUlxdgCuROLGnA5guT8cdThkvCR+Ft0gw
AAOpR/bEzszUJW22fEDYtTgCJ4rVWxidRMX1WOzD/lHzaOEQERcmhRwuBlPCjO+p
yVIBa5pw/FRDv+tXgzwnHUVkBtkvHCmqAFJthc/dPzmArhsJNrfIddc2A17ZXJjD
srr6QnickCsiKGxyHL/eVLYnEGPj/bzk8Gt6Zl1jBzMAcVBkbiUxG1MYb8fVKD6b
xyjyUwmh+p9vSzI2xsKIE6Xl/ivSbTGVRXHkYPcgZhwF9nJhd7BqJA8MpRM=
-----END CERTIFICATE-----