Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2392fa5e-58a9-404c-9aa6-6c6f04ee56ff.roa
File:                     2392fa5e-58a9-404c-9aa6-6c6f04ee56ff.roa (raw, json)
Hash identifier:          lu6Bg5yIXNSHmkKLO4avi7J53RC1nvVskkSqqRGHLz0=
Subject key identifier:   89:99:B6:80:D5:95:86:32:53:FB:2B:E8:64:A0:F8:7D:88:8E:3F:79
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5EB3943A97ABF6A8F8155CCBFE7B49743779AB49
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2392fa5e-58a9-404c-9aa6-6c6f04ee56ff.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        15.233.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:b3:94:3a:97:ab:f6:a8:f8:15:5c:cb:fe:7b:49:74:37:79:ab:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=4f5247ddcd9ca8e4d462252483c97a8a528089bc9f68f6d3c9ce3d97e51f45dc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:19:d8:22:45:9a:67:fd:fa:f3:bc:f2:54:95:
                    3a:e4:1f:36:01:f2:5e:64:dd:24:c3:bd:b1:0e:83:
                    1e:10:9d:c8:26:9b:58:9d:96:f3:4e:bc:05:c3:c8:
                    eb:0b:93:ad:f7:c4:c9:25:59:c3:42:99:71:f4:70:
                    1d:69:1d:39:52:6f:69:8f:08:78:30:fc:c3:18:79:
                    15:9f:ac:ff:ab:8c:62:58:7a:af:4c:ac:ab:c5:e6:
                    08:3f:5b:05:be:e1:53:30:4b:0d:ed:50:cd:19:19:
                    87:88:87:d4:f1:b5:3d:32:eb:33:9c:7c:97:f2:83:
                    fb:09:dc:00:5a:f6:87:29:a4:65:b1:f3:de:03:1b:
                    44:5a:5a:aa:9a:a1:d4:cc:63:ef:e8:64:65:2c:7a:
                    a7:bd:58:70:8d:35:b3:cf:bd:16:02:bf:00:42:35:
                    4a:63:0d:c2:de:b8:1f:b6:69:1e:e8:ae:79:08:b2:
                    b4:ed:31:37:eb:60:7c:7b:b4:63:12:59:2d:3c:a5:
                    cf:13:42:72:14:68:19:b8:4b:b1:a3:cc:9f:42:d4:
                    25:71:d7:9d:dd:cf:5c:0c:be:2d:ee:c7:43:c9:5c:
                    cb:f2:0c:42:86:7b:f1:02:73:f4:42:e1:93:ba:b5:
                    89:8a:7a:df:cd:78:34:70:5a:93:77:89:24:5a:47:
                    b4:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:99:B6:80:D5:95:86:32:53:FB:2B:E8:64:A0:F8:7D:88:8E:3F:79
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2392fa5e-58a9-404c-9aa6-6c6f04ee56ff.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.233.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         7c:ce:c6:6f:26:87:db:a3:c7:ba:87:d7:1f:55:2b:e6:52:c1:
         c7:7f:3f:0c:d4:46:a8:f1:13:a4:28:04:96:cd:4b:ca:2d:63:
         2a:f2:4f:79:1b:69:4e:36:1f:cd:07:c6:e9:af:24:a7:49:98:
         f6:80:95:8a:c1:5e:12:7e:d0:3e:ae:17:af:5d:91:34:9a:60:
         91:20:57:cb:ca:79:5a:06:29:b5:4e:e2:0e:42:99:83:b1:b8:
         27:eb:25:d1:32:da:6a:79:f3:7d:d0:10:d4:d2:37:27:34:63:
         7c:10:f2:73:9e:d5:55:1e:ac:30:04:5a:72:63:47:03:1e:05:
         37:ab:b8:0b:2f:d1:11:42:4a:46:c9:10:51:bc:0b:5e:56:f2:
         31:4e:a3:60:f3:1b:0a:71:90:25:a9:66:e7:d3:56:dc:d9:cc:
         17:56:e6:d3:7d:9a:cd:73:17:5e:b8:91:04:73:2c:b1:a8:8f:
         ed:50:a6:d9:ea:88:4a:33:12:3a:d1:47:74:2e:5f:cb:91:93:
         fb:d8:80:f2:a2:fc:73:2e:c8:c0:bf:79:34:a0:1d:7e:54:0a:
         9f:65:c4:68:9a:05:83:0a:45:f0:f5:5c:51:46:d9:93:9c:62:
         d8:4a:d5:2c:7c:37:4f:df:95:8c:0c:72:02:d1:d4:43:cf:bb:
         a6:ae:48:55
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXrOUOper9qj4FVzL/ntJdDd5q0kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZjUyNDdkZGNkOWNhOGU0ZDQ2MjI1MjQ4M2M5N2E4YTUy
ODA4OWJjOWY2OGY2ZDNjOWNlM2Q5N2U1MWY0NWRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaGdgiRZpn/frzvPJUlTrkHzYB8l5k3STDvbEOgx4Qncgm
m1idlvNOvAXDyOsLk633xMklWcNCmXH0cB1pHTlSb2mPCHgw/MMYeRWfrP+rjGJY
eq9MrKvF5gg/WwW+4VMwSw3tUM0ZGYeIh9TxtT0y6zOcfJfyg/sJ3ABa9ocppGWx
894DG0RaWqqaodTMY+/oZGUseqe9WHCNNbPPvRYCvwBCNUpjDcLeuB+2aR7ornkI
srTtMTfrYHx7tGMSWS08pc8TQnIUaBm4S7GjzJ9C1CVx153dz1wMvi3ux0PJXMvy
DEKGe/ECc/RC4ZO6tYmKet/NeDRwWpN3iSRaR7SJAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUiZm2gNWVhjJT+yvoZKD4fYiOP3kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIzOTJmYTVlLTU4YTktNDA0Yy05YWE2LTZjNmYwNGVlNTZmZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAP6TANBgkqhkiG9w0BAQsFAAOCAQEAfM7GbyaH26PHuofXH1Ur5lLBx38/
DNRGqPETpCgEls1Lyi1jKvJPeRtpTjYfzQfG6a8kp0mY9oCVisFeEn7QPq4Xr12R
NJpgkSBXy8p5WgYptU7iDkKZg7G4J+sl0TLaannzfdAQ1NI3JzRjfBDyc57VVR6s
MARacmNHAx4FN6u4Cy/REUJKRskQUbwLXlbyMU6jYPMbCnGQJalm59NW3NnMF1bm
032azXMXXriRBHMssaiP7VCm2eqISjMSOtFHdC5fy5GT+9iA8qL8cy7IwL95NKAd
flQKn2XEaJoFgwpF8PVcUUbZk5xi2ErVLHw3T9+VjAxyAtHUQ8+7pq5IVQ==
-----END CERTIFICATE-----