Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5b1fd06b-0005-4e2c-9ee9-8aa9e135e008.roa
File:                     5b1fd06b-0005-4e2c-9ee9-8aa9e135e008.roa (raw, json)
Hash identifier:          PUiyeZ2ao2+YZY6CR0e/8YiGVSKzMMUWGEwsCpHULcQ=
Subject key identifier:   19:C7:72:20:6A:D8:4A:FB:A8:54:C9:B4:35:44:C4:DD:44:AB:3F:7C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5F3A25B6E527801A8D488B5F4AA91AA3F50A2CBD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5b1fd06b-0005-4e2c-9ee9-8aa9e135e008.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        16.130.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:3a:25:b6:e5:27:80:1a:8d:48:8b:5f:4a:a9:1a:a3:f5:0a:2c:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=a338ac72d87f4fc326a7ccc4fdd318ba200d2d15207cc28b7303605778e4767e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:8d:fc:01:23:d5:3d:4b:ed:b7:49:76:4c:3f:
                    87:b7:0b:5d:f9:04:41:01:54:e8:84:de:4f:47:1a:
                    e6:1b:d4:6d:fa:1e:da:2c:39:5e:24:84:36:cb:ec:
                    17:22:fe:9f:cf:5b:ff:d5:9c:e2:54:87:e8:31:d4:
                    44:fb:2a:d2:d7:dd:b2:78:22:d3:7c:f9:fb:09:be:
                    c5:f4:36:a5:8a:6c:7e:03:e1:f1:f6:13:2a:c8:c2:
                    66:98:7c:82:1d:5d:c7:7b:7d:4d:c5:f7:da:44:94:
                    ca:4c:70:1d:85:8f:84:95:ba:6f:1a:b8:35:16:13:
                    31:b4:db:7d:4a:c0:ea:e9:38:fa:ba:08:b6:47:05:
                    0d:5e:8b:13:aa:19:ac:aa:c8:92:00:d7:a3:68:0f:
                    02:33:2d:5f:38:d4:2f:67:02:6f:00:ca:7d:ec:de:
                    5a:ed:1f:38:1b:f4:66:c9:8b:bf:ff:ec:26:63:9d:
                    ec:ec:c4:92:ff:f4:df:b1:99:d0:71:a4:00:09:7b:
                    bd:9f:34:89:e2:a6:98:97:f1:40:d7:95:bc:40:a1:
                    48:9f:c0:61:51:a3:43:cd:b8:0a:c2:df:8d:96:35:
                    0a:10:0d:c6:70:83:72:54:b9:7d:31:12:30:87:ed:
                    ee:5b:bf:5b:57:61:de:86:d3:74:79:d4:76:a3:ec:
                    d4:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:C7:72:20:6A:D8:4A:FB:A8:54:C9:B4:35:44:C4:DD:44:AB:3F:7C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5b1fd06b-0005-4e2c-9ee9-8aa9e135e008.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.130.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         41:4c:2e:87:a6:78:31:00:a8:9b:fa:a0:ff:9a:9f:67:d1:59:
         7c:58:99:3a:7b:ba:71:30:e2:52:44:b3:45:d5:62:dc:42:75:
         ae:a4:17:20:82:6f:33:e6:ad:f6:8e:04:3c:a5:8c:55:3d:a6:
         1c:b7:1c:df:65:18:bf:71:4d:9e:4c:fd:69:86:95:bd:3f:6d:
         1c:17:36:4a:6f:09:5e:e9:14:a6:a4:70:f5:48:65:d4:e2:6f:
         fe:4e:10:4f:32:9c:fb:a1:45:b5:74:b1:35:c4:53:09:ac:f5:
         b0:fb:17:89:c2:3a:e6:03:9e:1f:47:0d:4e:54:73:4b:a4:c8:
         7c:11:f2:85:c4:f1:12:94:b6:8d:f9:54:38:48:49:6c:f8:5b:
         f7:25:57:39:1b:14:87:85:11:49:1b:18:de:6f:93:d5:be:54:
         6a:e3:aa:8f:c5:50:55:6f:a5:05:14:15:62:12:07:e6:36:82:
         8a:21:f5:f1:64:49:b3:08:4a:97:d3:da:68:c5:92:9f:31:c9:
         c3:8a:6e:f8:21:28:ff:6b:e3:79:6d:ed:a5:d8:da:31:8e:96:
         31:d4:c9:47:80:bb:78:af:55:b2:7c:cc:a2:7b:eb:fc:69:c4:
         a0:4e:80:0c:13:ce:42:01:8c:26:3c:9d:8f:d9:a4:76:c9:26:
         07:26:71:a8
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXzoltuUngBqNSItfSqkao/UKLL0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMzM4YWM3MmQ4N2Y0ZmMzMjZhN2NjYzRmZGQzMThiYTIw
MGQyZDE1MjA3Y2MyOGI3MzAzNjA1Nzc4ZTQ3NjdlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0jfwBI9U9S+23SXZMP4e3C135BEEBVOiE3k9HGuYb1G36
HtosOV4khDbL7Bci/p/PW//VnOJUh+gx1ET7KtLX3bJ4ItN8+fsJvsX0NqWKbH4D
4fH2EyrIwmaYfIIdXcd7fU3F99pElMpMcB2Fj4SVum8auDUWEzG0231KwOrpOPq6
CLZHBQ1eixOqGayqyJIA16NoDwIzLV841C9nAm8Ayn3s3lrtHzgb9GbJi7//7CZj
nezsxJL/9N+xmdBxpAAJe72fNInippiX8UDXlbxAoUifwGFRo0PNuArC342WNQoQ
DcZwg3JUuX0xEjCH7e5bv1tXYd6G03R51Haj7NQTAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUGcdyIGrYSvuoVMm0NUTE3USrP3wwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzViMWZkMDZiLTAwMDUtNGUyYy05ZWU5LThhYTllMTM1ZTAwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQgjANBgkqhkiG9w0BAQsFAAOCAQEAQUwuh6Z4MQCom/qg/5qfZ9FZfFiZ
Onu6cTDiUkSzRdVi3EJ1rqQXIIJvM+at9o4EPKWMVT2mHLcc32UYv3FNnkz9aYaV
vT9tHBc2Sm8JXukUpqRw9Uhl1OJv/k4QTzKc+6FFtXSxNcRTCaz1sPsXicI65gOe
H0cNTlRzS6TIfBHyhcTxEpS2jflUOEhJbPhb9yVXORsUh4URSRsY3m+T1b5UauOq
j8VQVW+lBRQVYhIH5jaCiiH18WRJswhKl9PaaMWSnzHJw4pu+CEo/2vjeW3tpdja
MY6WMdTJR4C7eK9VsnzMonvr/GnEoE6ADBPOQgGMJjydj9mkdskmByZxqA==
-----END CERTIFICATE-----