Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e7db76b-8b9c-4e5b-b782-2c342b6e05e5.roa
File:                     4e7db76b-8b9c-4e5b-b782-2c342b6e05e5.roa (raw, json)
Hash identifier:          7qvoRf6SRwE99ewtdVzCwtswIiKsrwvyoPYBdOxaFmo=
Subject key identifier:   C9:25:4C:C0:93:A6:BE:A7:25:14:13:00:FF:67:E9:F4:CA:87:FF:C7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5A60CEF815B841301BD2B766F444CC69B23B39F0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e7db76b-8b9c-4e5b-b782-2c342b6e05e5.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f61:6000::/40 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:60:ce:f8:15:b8:41:30:1b:d2:b7:66:f4:44:cc:69:b2:3b:39:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=f9c0f1e5964c973e3a275c8ae910e5e23a10b8393dfe99860c26ffb51e9481dc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:c8:f8:33:56:f6:bc:cc:d6:e7:8b:28:6f:83:
                    57:9e:f9:8c:5a:b8:9b:54:8d:0f:cf:3a:f6:90:11:
                    5d:9e:84:25:1a:1e:01:e8:1e:66:0b:50:0e:c9:78:
                    c1:e3:ee:cf:d7:59:9f:41:41:ad:83:c7:f1:4d:56:
                    4b:79:64:22:65:ac:c0:2d:d9:d1:15:59:0a:ea:27:
                    4c:05:07:56:b9:b9:37:90:97:b6:a0:81:e0:46:48:
                    f7:dc:5e:4c:6a:cc:bc:a4:03:16:bf:23:00:0d:33:
                    7d:c8:84:dd:78:90:6f:73:a4:de:ac:3c:05:96:9d:
                    21:01:80:96:64:88:e3:45:77:48:25:08:5f:39:56:
                    77:9c:4f:73:ae:91:0f:2c:61:b7:3d:df:ce:71:38:
                    b3:12:ea:9e:49:7d:e7:81:f3:9f:df:bd:df:fc:de:
                    d2:58:dd:d3:0a:8b:47:2d:bb:64:83:6e:d0:96:ac:
                    2c:58:08:8e:35:7b:b0:79:dc:2b:4c:03:9e:1f:a9:
                    a1:72:9b:03:2a:99:58:2f:48:31:3a:fd:cd:84:62:
                    ab:2c:40:23:4a:a2:77:42:5c:4a:24:d7:50:d1:74:
                    d9:95:b2:df:1e:87:64:55:8c:3b:04:26:85:8e:55:
                    2f:4d:ea:c8:43:57:10:b4:01:76:5f:f9:a4:6b:46:
                    36:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:25:4C:C0:93:A6:BE:A7:25:14:13:00:FF:67:E9:F4:CA:87:FF:C7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e7db76b-8b9c-4e5b-b782-2c342b6e05e5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f61:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         5c:67:d0:e0:b3:03:23:81:28:54:74:51:50:10:cb:63:8f:60:
         65:23:df:10:49:f5:14:0f:cb:20:bf:19:65:12:95:b6:36:6b:
         2d:a4:2a:95:9c:33:8c:50:6d:9e:70:4c:bf:10:a5:9f:51:2a:
         b7:3b:7c:f8:dc:c4:2a:ca:8a:08:49:4d:74:7e:de:61:f2:f6:
         4c:78:11:bd:a5:bf:06:87:53:e5:f1:bb:f7:b1:1a:7b:76:fd:
         f4:5d:f9:ac:9f:e0:c3:82:0e:6e:99:2d:b4:30:b1:3a:e1:19:
         35:2c:14:46:d1:c4:8e:ea:03:78:3c:78:6e:7d:92:ad:92:e3:
         aa:81:b0:6c:78:04:16:33:e1:8d:d6:fd:7e:96:9d:2c:d8:b6:
         d5:2c:c8:f0:d9:26:7a:57:63:4d:29:a2:97:a4:df:c4:73:1e:
         82:ca:86:f1:f7:50:e5:66:09:f5:3b:9d:b7:12:71:e0:a8:08:
         c3:55:82:a1:2b:68:de:d8:04:b3:e8:8c:b6:84:dc:1a:e6:e4:
         62:a7:9f:1f:74:70:c0:3e:a7:60:09:0c:24:df:5a:cd:06:c4:
         0f:5f:c4:d2:ea:5a:d8:6a:0d:02:ad:cc:7a:6c:fa:ec:4e:bb:
         8d:d0:5c:b8:02:5d:1c:cd:71:09:0a:ba:66:88:ae:e4:4a:27:
         91:3b:62:dd
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUWmDO+BW4QTAb0rdm9ETMabI7OfAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BmOWMwZjFlNTk2NGM5NzNlM2EyNzVjOGFlOTEwZTVlMjNh
MTBiODM5M2RmZTk5ODYwYzI2ZmZiNTFlOTQ4MWRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDByPgzVva8zNbniyhvg1ee+YxauJtUjQ/POvaQEV2ehCUa
HgHoHmYLUA7JeMHj7s/XWZ9BQa2Dx/FNVkt5ZCJlrMAt2dEVWQrqJ0wFB1a5uTeQ
l7aggeBGSPfcXkxqzLykAxa/IwANM33IhN14kG9zpN6sPAWWnSEBgJZkiONFd0gl
CF85VnecT3OukQ8sYbc9385xOLMS6p5JfeeB85/fvd/83tJY3dMKi0ctu2SDbtCW
rCxYCI41e7B53CtMA54fqaFymwMqmVgvSDE6/c2EYqssQCNKondCXEok11DRdNmV
st8eh2RVjDsEJoWOVS9N6shDVxC0AXZf+aRrRjaVAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUySVMwJOmvqclFBMA/2fp9MqH/8cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRlN2RiNzZiLThiOWMtNGU1Yi1iNzgyLTJjMzQyYjZlMDVlNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9hYDANBgkqhkiG9w0BAQsFAAOCAQEAXGfQ4LMDI4EoVHRRUBDLY49g
ZSPfEEn1FA/LIL8ZZRKVtjZrLaQqlZwzjFBtnnBMvxCln1Eqtzt8+NzEKsqKCElN
dH7eYfL2THgRvaW/BodT5fG797Eae3b99F35rJ/gw4IObpkttDCxOuEZNSwURtHE
juoDeDx4bn2SrZLjqoGwbHgEFjPhjdb9fpadLNi21SzI8NkmeldjTSmil6TfxHMe
gsqG8fdQ5WYJ9TudtxJx4KgIw1WCoSto3tgEs+iMtoTcGubkYqefH3RwwD6nYAkM
JN9azQbED1/E0upa2GoNAq3Memz67E67jdBcuAJdHM1xCQq6Zoiu5EonkTti3Q==
-----END CERTIFICATE-----