Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/310bac0d-0e15-49f6-a1d6-c99cd9471ff6.roa
File:                     310bac0d-0e15-49f6-a1d6-c99cd9471ff6.roa (raw, json)
Hash identifier:          xnsJZIxjYnrHo4Pyciai3WGX+LDYCkEf6aujlXsUAik=
Subject key identifier:   E3:7B:B9:62:C8:03:06:49:8B:11:CB:FB:D1:1E:7A:5A:40:09:6A:76
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5DF3749363773913D0BA3483392DB59B7E31E58D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/310bac0d-0e15-49f6-a1d6-c99cd9471ff6.roa
Signing time:             Tue 24 Dec 2024 00:00:00 +0000
ROA not before:           Tue 24 Dec 2024 00:00:00 +0000
ROA not after:            Tue 28 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        40.180.0.0/15 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:f3:74:93:63:77:39:13:d0:ba:34:83:39:2d:b5:9b:7e:31:e5:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 24 00:00:00 2024 GMT
            Not After : Jan 28 23:59:59 2025 GMT
        Subject: serialNumber=339440c9332ea3f25a43a2c16bbc7d7d632e15e8a2d44788b2ba4fcd81398122, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:84:cf:26:48:df:ee:bf:fa:bb:6e:40:f5:90:
                    6e:50:7d:e5:ae:15:78:03:14:8c:bf:d7:ce:5c:ff:
                    62:b7:65:99:c6:3a:c0:4b:28:6d:c6:09:c3:1f:24:
                    e4:7b:96:b4:8d:7a:6f:aa:aa:6b:cc:fc:2d:05:3d:
                    4d:0d:cd:47:79:31:a1:45:b6:cd:0b:37:b6:49:ec:
                    b4:b9:11:ac:38:5c:4c:e7:af:8b:c5:3d:9c:be:39:
                    07:ae:18:3c:45:95:ad:c8:b8:98:8f:36:84:19:12:
                    6d:00:f6:f2:f9:10:51:e4:8c:38:0d:07:88:01:89:
                    ba:91:5d:f0:dd:29:a5:97:8d:78:f8:08:47:33:a0:
                    0f:e7:77:37:82:12:91:03:67:66:e7:62:9f:92:f1:
                    30:3a:51:1b:19:ef:ca:7c:62:2d:ef:2a:91:46:7e:
                    3c:dd:0b:78:92:fa:12:df:2e:ed:52:7f:8e:2d:67:
                    df:bf:8a:e2:82:20:ed:4f:e5:2b:dc:ce:0b:85:9d:
                    cc:aa:a1:0c:62:8d:8c:61:44:2d:07:8e:76:50:77:
                    8e:a7:f4:05:2c:34:85:da:e6:83:ba:d0:1f:b5:85:
                    ee:70:98:82:fd:f7:b4:a4:7d:33:9e:01:2d:4f:85:
                    9e:08:12:e5:e8:0b:8a:77:f9:1d:43:0f:49:a3:f9:
                    82:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:7B:B9:62:C8:03:06:49:8B:11:CB:FB:D1:1E:7A:5A:40:09:6A:76
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/310bac0d-0e15-49f6-a1d6-c99cd9471ff6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.180.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         b7:43:6a:96:a5:e6:f3:06:66:bf:53:94:60:ab:db:f5:6c:20:
         65:88:8c:ca:03:6f:92:28:5b:a6:58:e6:c0:3b:f6:c1:ac:c4:
         72:42:79:ab:07:12:d7:da:41:b4:29:1c:70:f8:8e:22:24:e2:
         4b:1c:4a:71:0b:27:35:b0:90:18:da:c7:ff:1c:b6:1f:dc:3a:
         b8:3d:dd:ec:c5:9e:5a:76:04:97:79:ab:3f:9d:7a:77:50:b1:
         3d:8f:99:6a:94:90:1e:0c:87:af:fa:e0:c5:f3:00:8a:c5:ee:
         3f:21:d5:e5:7e:8e:92:a1:dd:7d:ee:ec:fe:c2:84:09:77:4d:
         3d:65:7d:3e:ce:a2:7e:20:12:5a:46:14:85:1e:8f:63:32:47:
         24:6c:9b:af:9c:38:5e:ee:e3:a0:b3:20:ec:a2:34:1c:68:8c:
         be:06:1e:b9:f9:63:fe:d0:c1:4d:32:93:9c:f7:00:cf:e4:c1:
         14:3a:dc:7e:19:dd:0f:5b:01:7f:ea:2e:5e:ef:44:06:1d:b2:
         f7:5a:fe:f4:8d:07:94:eb:ad:05:16:34:bd:2d:17:cd:4c:3b:
         28:31:9d:96:8f:bb:03:90:ee:72:4b:53:13:d5:db:6e:9b:cb:
         c6:41:f4:83:ac:ba:0e:4c:69:a0:ed:9f:8a:fe:c1:bd:f5:d0:
         8a:35:58:20
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXfN0k2N3ORPQujSDOS21m34x5Y0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMzk0NDBjOTMzMmVhM2YyNWE0M2EyYzE2YmJjN2Q3ZDYz
MmUxNWU4YTJkNDQ3ODhiMmJhNGZjZDgxMzk4MTIyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDfhM8mSN/uv/q7bkD1kG5QfeWuFXgDFIy/185c/2K3ZZnG
OsBLKG3GCcMfJOR7lrSNem+qqmvM/C0FPU0NzUd5MaFFts0LN7ZJ7LS5Eaw4XEzn
r4vFPZy+OQeuGDxFla3IuJiPNoQZEm0A9vL5EFHkjDgNB4gBibqRXfDdKaWXjXj4
CEczoA/ndzeCEpEDZ2bnYp+S8TA6URsZ78p8Yi3vKpFGfjzdC3iS+hLfLu1Sf44t
Z9+/iuKCIO1P5SvczguFncyqoQxijYxhRC0HjnZQd46n9AUsNIXa5oO60B+1he5w
mIL997SkfTOeAS1PhZ4IEuXoC4p3+R1DD0mj+YKpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU43u5YsgDBkmLEcv70R56WkAJanYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMxMGJhYzBkLTBlMTUtNDlmNi1hMWQ2LWM5OWNkOTQ3MWZmNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEotDANBgkqhkiG9w0BAQsFAAOCAQEAt0NqlqXm8wZmv1OUYKvb9WwgZYiM
ygNvkihbpljmwDv2wazEckJ5qwcS19pBtCkccPiOIiTiSxxKcQsnNbCQGNrH/xy2
H9w6uD3d7MWeWnYEl3mrP516d1CxPY+ZapSQHgyHr/rgxfMAisXuPyHV5X6OkqHd
fe7s/sKECXdNPWV9Ps6ifiASWkYUhR6PYzJHJGybr5w4Xu7joLMg7KI0HGiMvgYe
uflj/tDBTTKTnPcAz+TBFDrcfhndD1sBf+ouXu9EBh2y91r+9I0HlOutBRY0vS0X
zUw7KDGdlo+7A5DucktTE9XbbpvLxkH0g6y6DkxpoO2fiv7BvfXQijVYIA==
-----END CERTIFICATE-----