Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/42dc05e7-dc02-46eb-add3-37dfd8cbddd6.roa
File:                     42dc05e7-dc02-46eb-add3-37dfd8cbddd6.roa (raw, json)
Hash identifier:          CBaTOzNPKAYYW2CrG1AfMij7arN7vGb+Eha/cS7sU+o=
Subject key identifier:   F6:80:97:1F:40:89:07:DC:C4:8E:4B:27:CB:B8:12:A8:5E:FB:E4:DC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5EB61E58357BD2172400032DC04FFBB9A2FC999D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/42dc05e7-dc02-46eb-add3-37dfd8cbddd6.roa
Signing time:             Wed 01 Jan 2025 00:00:00 +0000
ROA not before:           Wed 01 Jan 2025 00:00:00 +0000
ROA not after:            Wed 05 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        56.227.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:b6:1e:58:35:7b:d2:17:24:00:03:2d:c0:4f:fb:b9:a2:fc:99:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  1 00:00:00 2025 GMT
            Not After : Feb  5 23:59:59 2025 GMT
        Subject: serialNumber=60f0518ae2f8e08853ac72f94919462228c1c6d40e2882a3ee1ac435db20b7a0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:6e:28:05:ad:d8:bd:37:1c:9c:5b:31:de:4e:
                    05:79:7f:0e:35:70:22:10:70:4d:95:96:b3:2b:3d:
                    8b:9b:df:5a:fb:41:bb:d5:15:42:f9:da:9a:57:75:
                    f6:b0:ba:c0:32:17:e0:1a:29:80:37:3b:70:b7:89:
                    3c:ad:2d:ff:d8:cc:88:f8:80:bc:69:d2:0e:4e:42:
                    3e:85:42:db:18:32:1d:48:eb:77:73:f9:2b:e4:4b:
                    90:0c:b7:fb:54:a0:f9:be:68:30:e8:38:9d:d4:d1:
                    f9:2b:2e:fa:9b:e4:ef:cc:5b:ee:2b:5a:dc:95:8c:
                    bf:c6:d7:c5:69:02:6d:56:18:be:05:97:96:e3:db:
                    2f:4c:ba:e7:24:3c:6f:55:b3:4c:85:f7:22:66:29:
                    4f:04:cd:d7:d2:18:00:76:8f:d9:7e:77:15:70:ae:
                    5b:95:42:07:87:97:d1:13:3f:a1:d4:c1:e7:9f:26:
                    b0:ff:4e:57:44:14:37:23:c2:d8:fc:72:c5:76:d8:
                    e5:c6:6b:48:6a:51:34:0f:db:1f:7d:ac:8d:bb:fa:
                    b1:54:e7:90:28:a8:16:07:fe:e6:e7:fa:4a:f7:7b:
                    f8:57:9b:d2:78:fe:3e:7e:32:1e:58:36:a0:06:db:
                    e1:c9:ef:31:58:71:50:67:38:b2:ed:b3:32:aa:d3:
                    a6:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:80:97:1F:40:89:07:DC:C4:8E:4B:27:CB:B8:12:A8:5E:FB:E4:DC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/42dc05e7-dc02-46eb-add3-37dfd8cbddd6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.227.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9b:ab:fa:d0:4a:85:d0:7f:4b:9a:86:82:b0:1b:07:40:8b:14:
         aa:a1:1b:8c:29:0f:1b:2a:0d:60:bd:aa:7f:d7:7d:f6:db:2c:
         d8:fe:c2:b1:e9:bf:52:e2:b5:3e:1a:48:54:01:14:3b:56:75:
         49:cb:23:07:f2:05:bb:e5:08:58:60:0e:d2:85:6a:86:63:49:
         c6:a0:21:3e:6b:01:c0:83:33:f8:5d:4e:99:e1:5b:13:18:36:
         7d:c7:9a:46:0c:26:ef:44:be:3e:6b:61:8e:d6:51:22:04:b5:
         b1:86:af:77:18:2e:8a:ce:9d:93:82:e9:53:7d:61:1a:02:2f:
         09:06:3b:13:ce:b1:b4:36:85:e7:01:99:1a:3c:1f:30:9b:cd:
         22:dd:24:97:35:0f:8d:4c:28:a3:a6:1b:71:e3:ad:cf:a9:fc:
         ff:05:23:a7:e3:3d:ff:2f:9a:fb:c8:69:a5:a2:78:3f:85:2f:
         8f:4e:8f:15:f0:aa:53:07:5a:f5:08:01:af:72:52:c7:37:e7:
         00:35:f3:6d:33:01:7c:77:72:9a:b8:f3:8d:07:6f:f8:b1:3a:
         6f:8d:2d:7b:88:1e:49:95:2c:c7:2a:22:44:2c:a7:37:72:04:
         cb:b0:c2:e8:b8:86:04:f5:15:de:a6:f0:31:01:c8:a5:de:0f:
         15:97:62:33
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXrYeWDV70hckAAMtwE/7uaL8mZ0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAxMDAwMDAwWhcNMjUwMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MGYwNTE4YWUyZjhlMDg4NTNhYzcyZjk0OTE5NDYyMjI4
YzFjNmQ0MGUyODgyYTNlZTFhYzQzNWRiMjBiN2EwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCMbigFrdi9NxycWzHeTgV5fw41cCIQcE2VlrMrPYub31r7
QbvVFUL52ppXdfawusAyF+AaKYA3O3C3iTytLf/YzIj4gLxp0g5OQj6FQtsYMh1I
63dz+SvkS5AMt/tUoPm+aDDoOJ3U0fkrLvqb5O/MW+4rWtyVjL/G18VpAm1WGL4F
l5bj2y9MuuckPG9Vs0yF9yJmKU8EzdfSGAB2j9l+dxVwrluVQgeHl9ETP6HUweef
JrD/TldEFDcjwtj8csV22OXGa0hqUTQP2x99rI27+rFU55AoqBYH/ubn+kr3e/hX
m9J4/j5+Mh5YNqAG2+HJ7zFYcVBnOLLtszKq06a7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU9oCXH0CJB9zEjksny7gSqF775NwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQyZGMwNWU3LWRjMDItNDZlYi1hZGQzLTM3ZGZkOGNiZGRkNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA44zANBgkqhkiG9w0BAQsFAAOCAQEAm6v60EqF0H9LmoaCsBsHQIsUqqEb
jCkPGyoNYL2qf9d99tss2P7Csem/UuK1PhpIVAEUO1Z1ScsjB/IFu+UIWGAO0oVq
hmNJxqAhPmsBwIMz+F1OmeFbExg2fceaRgwm70S+PmthjtZRIgS1sYavdxguis6d
k4LpU31hGgIvCQY7E86xtDaF5wGZGjwfMJvNIt0klzUPjUwoo6YbceOtz6n8/wUj
p+M9/y+a+8hppaJ4P4Uvj06PFfCqUwda9QgBr3JSxzfnADXzbTMBfHdymrjzjQdv
+LE6b40te4geSZUsxyoiRCynN3IEy7DC6LiGBPUV3qbwMQHIpd4PFZdiMw==
-----END CERTIFICATE-----