Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51c7afd7-8071-4553-b552-00d83dbc5e05.roa
File:                     51c7afd7-8071-4553-b552-00d83dbc5e05.roa (raw, json)
Hash identifier:          EJmWdC6k6Fm4rVCMGhI7BiCnES1m7guQLMLSPSU2sxs=
Subject key identifier:   A4:81:79:EB:75:0A:59:BE:3B:07:1A:06:34:72:40:D9:D1:21:51:35
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       16AB72D7C898D4BF52AAF18129F411B016E3BEDC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51c7afd7-8071-4553-b552-00d83dbc5e05.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.12.10.0/23 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:ab:72:d7:c8:98:d4:bf:52:aa:f1:81:29:f4:11:b0:16:e3:be:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=b554d46886909b5ef5aa9ba529728e843f8d9c3d4f9c65714b24cfee3fe2a5c4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:35:b5:98:f3:92:50:55:f1:82:40:4c:b8:48:
                    7d:d8:3b:f8:ab:74:bf:f7:eb:9f:8a:e7:cc:b8:13:
                    3a:d6:db:be:86:6d:9f:ba:f9:71:79:75:2e:de:73:
                    90:a2:12:9e:9a:fc:e3:fa:47:fd:50:e5:cc:2f:39:
                    2f:3b:0b:69:11:c9:49:bc:ff:8c:d7:d4:49:67:95:
                    42:fd:97:1c:bd:31:1a:6e:71:db:2a:b2:b9:34:a1:
                    32:80:58:64:d5:e0:f2:c1:a8:37:82:10:4d:40:62:
                    1b:0d:1e:b8:0c:de:2a:df:43:26:29:11:43:a7:7e:
                    39:62:fc:67:a2:dc:dd:af:92:0f:ad:b3:c1:63:54:
                    6c:db:59:af:be:82:58:53:98:92:fe:e1:f3:24:b5:
                    ea:c5:a8:84:ec:b7:c1:80:ba:ef:48:1c:6c:3e:1b:
                    55:b5:4a:5c:d5:4d:68:e3:8f:2c:c6:e0:60:d6:cc:
                    87:5e:c0:47:a0:77:0d:78:50:b0:2e:b5:d3:17:6a:
                    89:d0:6d:a2:84:3d:fd:4b:b3:5a:17:98:26:d2:ae:
                    7c:cd:12:20:69:6a:c5:8a:f7:b5:40:c6:98:ed:c3:
                    c6:cb:f8:5e:cf:57:ef:e3:c2:8c:1a:4e:a0:fe:32:
                    b0:73:f7:dd:22:e5:42:4d:81:6f:64:ae:a4:1a:8a:
                    fb:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:81:79:EB:75:0A:59:BE:3B:07:1A:06:34:72:40:D9:D1:21:51:35
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51c7afd7-8071-4553-b552-00d83dbc5e05.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.12.10.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:72:f7:1c:74:51:02:a3:5d:03:72:c3:be:c8:9e:0b:25:72:
         0e:8e:90:f5:19:2b:e3:25:bd:32:f4:f5:e3:38:8c:2c:af:76:
         f6:85:5b:f8:13:72:c1:ef:d0:e7:db:f7:cc:0e:5d:fa:ba:d4:
         44:95:0c:d0:30:04:69:8d:fb:76:8d:d7:42:ac:44:af:88:cf:
         39:ff:b6:ac:a5:64:cb:2b:db:8d:b7:0d:d1:64:9b:f2:cb:e4:
         64:a7:33:0c:2a:91:e7:31:6f:92:65:8a:43:aa:dc:d2:6b:22:
         76:48:22:42:b5:75:a7:ce:79:56:2e:89:5d:f9:b1:9f:9c:1a:
         f4:b8:d5:74:71:25:1b:38:85:22:9e:22:56:a0:1f:33:c4:b9:
         c0:ff:6b:49:40:b2:bf:ac:37:72:ff:d1:2a:f4:1b:47:5c:e1:
         f2:ec:1c:ab:cf:8a:a2:3a:48:63:c1:7d:77:10:95:da:bd:7d:
         2c:08:42:ec:5b:d4:b8:36:2e:8b:1d:d8:19:d4:e7:e5:32:03:
         4b:ca:78:35:37:0e:d8:3d:02:82:99:1f:97:e3:f0:70:6b:1c:
         0f:cf:4f:ce:b6:5f:60:14:6d:b9:db:09:78:33:e7:77:20:cc:
         d0:30:ec:cc:0f:e9:53:c3:51:0d:93:25:13:4c:3b:a5:4f:ca:
         72:c0:d8:d1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFqty18iY1L9SqvGBKfQRsBbjvtwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNTU0ZDQ2ODg2OTA5YjVlZjVhYTliYTUyOTcyOGU4NDNm
OGQ5YzNkNGY5YzY1NzE0YjI0Y2ZlZTNmZTJhNWM0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaNbWY85JQVfGCQEy4SH3YO/irdL/365+K58y4EzrW276G
bZ+6+XF5dS7ec5CiEp6a/OP6R/1Q5cwvOS87C2kRyUm8/4zX1ElnlUL9lxy9MRpu
cdsqsrk0oTKAWGTV4PLBqDeCEE1AYhsNHrgM3irfQyYpEUOnfjli/Gei3N2vkg+t
s8FjVGzbWa++glhTmJL+4fMkterFqITst8GAuu9IHGw+G1W1SlzVTWjjjyzG4GDW
zIdewEegdw14ULAutdMXaonQbaKEPf1Ls1oXmCbSrnzNEiBpasWK97VAxpjtw8bL
+F7PV+/jwowaTqD+MrBz990i5UJNgW9krqQaivs3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpIF563UKWb47BxoGNHJA2dEhUTUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUxYzdhZmQ3LTgwNzEtNDU1My1iNTUyLTAwZDgzZGJjNWUwNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEQDAowDQYJKoZIhvcNAQELBQADggEBAAhy9xx0UQKjXQNyw77Ingslcg6O
kPUZK+MlvTL09eM4jCyvdvaFW/gTcsHv0Ofb98wOXfq61ESVDNAwBGmN+3aN10Ks
RK+Izzn/tqylZMsr2423DdFkm/LL5GSnMwwqkecxb5JlikOq3NJrInZIIkK1dafO
eVYuiV35sZ+cGvS41XRxJRs4hSKeIlagHzPEucD/a0lAsr+sN3L/0Sr0G0dc4fLs
HKvPiqI6SGPBfXcQldq9fSwIQuxb1Lg2Losd2BnU5+UyA0vKeDU3Dtg9AoKZH5fj
8HBrHA/PT862X2AUbbnbCXgz53cgzNAw7MwP6VPDUQ2TJRNMO6VPynLA2NE=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:56:12 2025 by rpki-client