Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/22bac276-7706-4557-a279-949394c32577.roa
File:                     22bac276-7706-4557-a279-949394c32577.roa (raw, json)
Hash identifier:          TTR21VkT/3YhdgRSt7qtbtnthM6OrVFEAxUbGC4ZZV8=
Subject key identifier:   E4:F2:7C:82:48:23:72:DB:DB:6C:E6:AF:13:AF:A6:4E:17:F3:E7:8D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       407363915A6379EB07FB5624EBEFDC80ED95E72C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/22bac276-7706-4557-a279-949394c32577.roa
Signing time:             Mon 23 Dec 2024 00:00:00 +0000
ROA not before:           Mon 23 Dec 2024 00:00:00 +0000
ROA not after:            Mon 27 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        46.168.0.0/15 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:73:63:91:5a:63:79:eb:07:fb:56:24:eb:ef:dc:80:ed:95:e7:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 23 00:00:00 2024 GMT
            Not After : Jan 27 23:59:59 2025 GMT
        Subject: serialNumber=f6c36718df01f3b5c29abd1ec1e8918a9595459c63634ed203fc625d0e6ee5ac, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:17:21:2c:b2:97:a7:38:2f:11:1b:9b:e7:1e:
                    eb:e4:93:8b:bd:00:e8:67:fc:c1:38:37:c4:3d:b5:
                    4d:0c:7d:23:fa:68:b5:0c:f9:cc:95:4e:ce:42:99:
                    a4:d0:d8:6a:f3:39:02:c9:55:f2:1d:bc:92:40:fc:
                    fe:28:6e:69:d3:1e:b6:0a:72:f6:ed:a6:f8:89:0b:
                    7f:f2:3f:f5:e4:e1:37:ab:87:24:6e:bd:12:3c:6c:
                    68:96:17:6d:be:83:81:d4:31:65:b7:ac:3d:1c:02:
                    f1:6f:7d:e9:65:21:43:27:9c:06:1d:28:13:c8:55:
                    8e:78:a4:5f:2b:6f:7d:82:8e:e5:ac:04:ec:06:5b:
                    6b:9e:b7:41:f4:dc:b7:7a:f4:6c:c4:0d:8f:cb:d4:
                    c3:59:a8:8c:2e:74:05:c9:30:41:c4:98:1a:42:b5:
                    12:c2:00:5d:84:49:ff:9e:f6:34:07:ac:f6:d7:89:
                    c4:a9:fc:e1:f7:43:f7:33:1b:9a:93:d9:76:8b:42:
                    8c:98:4e:88:63:06:5c:1f:01:ce:3a:b2:f3:79:a7:
                    9e:3b:02:e5:2d:2c:a0:3d:db:ee:32:8d:d2:68:ec:
                    18:54:6a:ad:27:17:65:92:e6:2c:c0:e8:46:97:30:
                    c7:fa:3d:37:b2:83:35:7e:43:f2:8b:a6:1f:3e:74:
                    7a:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:F2:7C:82:48:23:72:DB:DB:6C:E6:AF:13:AF:A6:4E:17:F3:E7:8D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/22bac276-7706-4557-a279-949394c32577.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.168.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         c5:9f:b9:58:00:ce:e3:dd:dd:4b:8c:15:e9:c9:88:11:26:d7:
         31:74:f3:cc:a7:98:a0:1d:2a:32:2d:e5:e9:b0:56:d1:de:fa:
         19:b8:76:30:0a:8f:6c:d5:8f:a9:6f:1d:5c:1e:b5:c6:16:95:
         82:a2:3b:31:c9:f9:ad:3f:61:24:4f:88:21:bc:f4:11:59:cd:
         32:b2:fa:a0:04:7f:57:fe:27:5e:eb:5c:f7:96:2c:99:04:0f:
         22:96:b3:15:67:1d:0b:b9:88:d9:54:4f:b0:5a:fd:6d:99:77:
         71:d2:d0:0e:5b:66:91:19:36:66:e0:00:34:25:cd:97:49:c0:
         1d:cd:73:29:5f:1f:97:5a:9e:01:cc:0d:00:f8:12:a2:89:ca:
         03:f8:89:da:92:56:e1:0a:98:69:f8:28:c3:c0:3a:63:29:c6:
         cf:f5:86:84:58:d2:9f:8c:20:57:3a:41:8e:7e:74:f5:ad:80:
         2c:48:23:09:5d:c1:10:8a:e0:65:2f:32:e5:3b:9d:b7:82:4b:
         ec:b0:b2:ed:8d:b8:34:e6:51:f7:1f:33:df:06:26:34:65:e6:
         70:49:60:23:88:e5:d1:51:0d:5f:02:58:df:8a:01:49:e2:56:
         12:cf:aa:7c:d1:2c:b3:e8:73:a8:6a:67:32:00:81:9c:1e:e4:
         0d:79:b3:f1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUQHNjkVpjeesH+1Yk6+/cgO2V5ywwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNmMzNjcxOGRmMDFmM2I1YzI5YWJkMWVjMWU4OTE4YTk1
OTU0NTljNjM2MzRlZDIwM2ZjNjI1ZDBlNmVlNWFjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBFyEsspenOC8RG5vnHuvkk4u9AOhn/ME4N8Q9tU0MfSP6
aLUM+cyVTs5CmaTQ2GrzOQLJVfIdvJJA/P4obmnTHrYKcvbtpviJC3/yP/Xk4Ter
hyRuvRI8bGiWF22+g4HUMWW3rD0cAvFvfellIUMnnAYdKBPIVY54pF8rb32CjuWs
BOwGW2uet0H03Ld69GzEDY/L1MNZqIwudAXJMEHEmBpCtRLCAF2ESf+e9jQHrPbX
icSp/OH3Q/czG5qT2XaLQoyYTohjBlwfAc46svN5p547AuUtLKA92+4yjdJo7BhU
aq0nF2WS5izA6EaXMMf6PTeygzV+Q/KLph8+dHoVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU5PJ8gkgjctvbbOavE6+mThfz540wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIyYmFjMjc2LTc3MDYtNDU1Ny1hMjc5LTk0OTM5NGMzMjU3Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEuqDANBgkqhkiG9w0BAQsFAAOCAQEAxZ+5WADO493dS4wV6cmIESbXMXTz
zKeYoB0qMi3l6bBW0d76Gbh2MAqPbNWPqW8dXB61xhaVgqI7Mcn5rT9hJE+IIbz0
EVnNMrL6oAR/V/4nXutc95YsmQQPIpazFWcdC7mI2VRPsFr9bZl3cdLQDltmkRk2
ZuAANCXNl0nAHc1zKV8fl1qeAcwNAPgSoonKA/iJ2pJW4QqYafgow8A6YynGz/WG
hFjSn4wgVzpBjn509a2ALEgjCV3BEIrgZS8y5Tudt4JL7LCy7Y24NOZR9x8z3wYm
NGXmcElgI4jl0VENXwJY34oBSeJWEs+qfNEss+hzqGpnMgCBnB7kDXmz8Q==
-----END CERTIFICATE-----