Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/303ca285-4db3-4dc3-9e4c-6f27e8ea53b8.roa
File:                     303ca285-4db3-4dc3-9e4c-6f27e8ea53b8.roa (raw, json)
Hash identifier:          F2jSA+onzYdBCepYnRzC66Afl7RBlRP4f72joo8Huu0=
Subject key identifier:   F8:27:EE:75:66:B5:73:5F:7E:65:46:41:D5:CE:C8:BE:9F:04:31:D1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0B346614E045AAA6E46775C944E06698087C05FE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/303ca285-4db3-4dc3-9e4c-6f27e8ea53b8.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        56.184.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:34:66:14:e0:45:aa:a6:e4:67:75:c9:44:e0:66:98:08:7c:05:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=b86d0914ec9a6ddbb3bde8ec1818c4efe08b338f457b2f23e5d881a1e6e0b0ca, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:7f:51:46:9e:70:df:a0:17:21:d3:5c:23:19:
                    96:0e:ab:1c:37:83:6a:b9:5c:be:e8:64:77:67:eb:
                    1e:a2:13:6e:0c:d2:65:92:c6:9c:57:6a:7f:c4:b2:
                    58:3d:2a:a1:cc:f5:ec:09:b5:95:40:cc:1b:82:39:
                    76:04:c9:46:c8:d3:02:f1:37:1d:d6:bc:5d:da:fe:
                    59:92:d6:60:62:74:1f:ed:34:f2:81:0c:0f:da:66:
                    81:1f:f5:28:f5:aa:a7:98:e0:e9:ad:2a:6c:83:0f:
                    72:ac:7f:52:58:1f:6b:0f:a4:d2:85:58:3b:ab:3a:
                    67:93:af:66:81:26:dc:e4:96:b0:e1:a1:ea:d9:49:
                    69:03:b8:be:e8:fd:d6:3f:b4:13:73:00:1a:76:6f:
                    d4:0d:cc:ce:75:a7:ba:d0:ee:3a:45:5d:e1:ca:cb:
                    ca:6c:ea:30:38:c8:f7:bb:f9:68:24:72:ab:f7:7b:
                    a4:2a:14:06:8b:0f:61:36:ec:f5:bc:fb:f1:2e:21:
                    db:2c:31:0c:00:f6:85:9f:db:59:2b:8c:21:63:0b:
                    b0:00:23:ab:be:e7:c4:7c:24:19:3c:5a:8b:98:f8:
                    3c:96:d8:6a:fb:0c:cd:7e:6c:57:88:25:77:5b:cf:
                    58:7b:23:ed:86:18:77:09:c5:c2:fb:5f:ea:1d:df:
                    cb:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:27:EE:75:66:B5:73:5F:7E:65:46:41:D5:CE:C8:BE:9F:04:31:D1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/303ca285-4db3-4dc3-9e4c-6f27e8ea53b8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.184.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         be:3c:1b:65:1a:78:43:d6:67:b5:1d:5f:3b:bf:cc:29:c6:f7:
         90:99:11:04:06:91:b7:d0:67:03:97:da:26:78:f4:56:73:d0:
         d5:8c:80:f6:86:1e:7b:d9:32:43:14:f4:22:89:3f:29:b7:ca:
         4e:94:50:5b:52:93:42:14:11:60:a8:6c:27:77:20:5b:a0:14:
         51:53:d8:00:e2:4e:14:1a:f4:fd:1d:19:ba:9d:70:72:da:17:
         68:72:88:41:f3:ed:04:06:9e:6c:e6:d4:62:ed:81:70:c5:7e:
         8d:9a:34:c6:ca:bc:e1:a1:b3:1e:9c:be:f2:20:ef:b8:1a:ff:
         97:31:94:f7:15:e8:67:14:07:31:1a:6e:f6:5e:15:50:a6:fd:
         57:8a:57:56:35:67:25:05:96:bf:84:af:b3:e0:e8:c2:a5:47:
         de:44:6f:e0:97:e2:4e:1a:50:97:a2:54:25:54:35:f9:06:d1:
         24:c3:23:43:1e:2f:6e:d5:ea:b5:b9:71:cf:ea:a7:fe:3b:f3:
         c8:28:5f:78:a1:0f:f7:f2:a2:40:ff:f2:81:39:ad:5c:79:86:
         db:fb:36:d9:99:ca:02:6a:65:3c:37:99:81:cc:d0:45:a1:5e:
         6d:6f:36:85:1a:c0:8f:e8:49:73:37:d1:4e:b6:ed:f4:88:78:
         5d:85:45:6d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUCzRmFOBFqqbkZ3XJROBmmAh8Bf4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiODZkMDkxNGVjOWE2ZGRiYjNiZGU4ZWMxODE4YzRlZmUw
OGIzMzhmNDU3YjJmMjNlNWQ4ODFhMWU2ZTBiMGNhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1f1FGnnDfoBch01wjGZYOqxw3g2q5XL7oZHdn6x6iE24M
0mWSxpxXan/Eslg9KqHM9ewJtZVAzBuCOXYEyUbI0wLxNx3WvF3a/lmS1mBidB/t
NPKBDA/aZoEf9Sj1qqeY4OmtKmyDD3Ksf1JYH2sPpNKFWDurOmeTr2aBJtzklrDh
oerZSWkDuL7o/dY/tBNzABp2b9QNzM51p7rQ7jpFXeHKy8ps6jA4yPe7+Wgkcqv3
e6QqFAaLD2E27PW8+/EuIdssMQwA9oWf21krjCFjC7AAI6u+58R8JBk8WouY+DyW
2Gr7DM1+bFeIJXdbz1h7I+2GGHcJxcL7X+od38sdAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+CfudWa1c19+ZUZB1c7Ivp8EMdEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMwM2NhMjg1LTRkYjMtNGRjMy05ZTRjLTZmMjdlOGVhNTNiOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4uDANBgkqhkiG9w0BAQsFAAOCAQEAvjwbZRp4Q9ZntR1fO7/MKcb3kJkR
BAaRt9BnA5faJnj0VnPQ1YyA9oYee9kyQxT0Iok/KbfKTpRQW1KTQhQRYKhsJ3cg
W6AUUVPYAOJOFBr0/R0Zup1wctoXaHKIQfPtBAaebObUYu2BcMV+jZo0xsq84aGz
Hpy+8iDvuBr/lzGU9xXoZxQHMRpu9l4VUKb9V4pXVjVnJQWWv4Svs+DowqVH3kRv
4JfiThpQl6JUJVQ1+QbRJMMjQx4vbtXqtblxz+qn/jvzyChfeKEP9/KiQP/ygTmt
XHmG2/s22ZnKAmplPDeZgczQRaFebW82hRrAj+hJczfRTrbt9Ih4XYVFbQ==
-----END CERTIFICATE-----