Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5d8ad2b7-6b79-4934-ba3c-b4c1aba87d4f.roa
File:                     5d8ad2b7-6b79-4934-ba3c-b4c1aba87d4f.roa (raw, json)
Hash identifier:          LVi9sAt4XMd54q8Ft4PZMiPe0eE/ofs0yhDFJjKRCTE=
Subject key identifier:   B2:20:D6:6C:0B:ED:D5:E4:06:6D:C8:1C:E4:8B:53:B3:38:FD:2A:B3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       09C5B4946E5DF4A18107433F2E4CB31E334A12E9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5d8ad2b7-6b79-4934-ba3c-b4c1aba87d4f.roa
Signing time:             Mon 30 Dec 2024 00:00:00 +0000
ROA not before:           Mon 30 Dec 2024 00:00:00 +0000
ROA not after:            Mon 03 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f01:4860::/47 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:c5:b4:94:6e:5d:f4:a1:81:07:43:3f:2e:4c:b3:1e:33:4a:12:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 30 00:00:00 2024 GMT
            Not After : Feb  3 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:78:82:8a:9b:7d:1f:5a:db:b6:80:85:1b:78:
                    a7:29:64:0f:cf:dc:8f:ad:66:90:45:e1:1e:d4:be:
                    d5:9e:75:a0:df:0b:00:71:9d:c8:cc:58:25:19:93:
                    85:4f:ef:d5:68:fd:75:b0:5b:bb:94:bb:f4:9d:24:
                    e5:a3:d8:bf:7b:cc:24:d0:e8:49:09:8b:41:31:5d:
                    a3:8d:be:75:68:40:f6:37:08:d4:2a:6f:cd:8a:74:
                    01:b7:95:2e:53:27:da:e5:ba:55:de:e4:74:70:da:
                    33:f3:f4:5a:af:9d:d8:95:42:30:06:d7:ac:c3:33:
                    62:78:5c:82:ee:60:f2:36:0a:00:99:58:4a:70:9a:
                    0e:67:39:8b:71:23:91:82:90:8b:15:f4:c7:43:3e:
                    ad:24:39:c9:05:06:14:c7:8c:9d:66:65:99:10:61:
                    f3:79:b0:a4:0c:a8:8c:5c:12:bb:f2:97:72:aa:81:
                    d0:e8:72:65:37:df:5c:69:98:16:54:98:9c:41:d0:
                    2a:93:b8:33:dd:16:56:5d:a1:30:f3:ec:0e:92:5a:
                    88:9d:ed:da:5a:7d:9a:59:d8:7b:74:4f:a6:f6:c0:
                    d1:d9:fb:65:3a:25:6d:88:db:3b:01:8b:61:8d:02:
                    1d:cc:3c:3e:43:58:77:61:f6:57:9b:78:9b:0d:5d:
                    a3:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:20:D6:6C:0B:ED:D5:E4:06:6D:C8:1C:E4:8B:53:B3:38:FD:2A:B3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5d8ad2b7-6b79-4934-ba3c-b4c1aba87d4f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f01:4860::/47

    Signature Algorithm: sha256WithRSAEncryption
         3a:24:c6:60:74:f3:81:97:65:38:fc:a8:a2:4b:2b:19:fb:76:
         86:41:3f:fc:12:dc:99:80:eb:6d:7b:3f:36:c3:a2:9a:96:64:
         6d:fe:56:ac:f2:34:68:c2:07:ae:39:82:20:51:54:7f:04:cd:
         0d:4c:5b:92:1c:95:d2:ed:6c:47:da:c3:2e:4a:f6:38:5c:6e:
         00:6b:bb:92:02:d2:10:d0:9b:c4:8f:50:09:41:aa:ec:c4:88:
         47:4d:f5:25:dd:fe:d2:18:75:ce:8e:d6:16:62:2d:99:06:4b:
         94:9f:5d:c9:57:65:b5:1f:3f:42:95:81:c3:e9:d0:d5:78:ab:
         68:f8:81:a7:4b:fc:10:ca:f1:c4:0c:04:73:7d:7d:c8:d2:0e:
         88:06:c4:38:bd:f2:6d:dc:a6:e7:2f:93:35:81:01:1a:2f:88:
         c5:21:da:16:13:ca:f1:3d:69:ec:52:24:ec:b1:9a:9b:e0:09:
         0d:a2:6b:00:4a:eb:5d:ef:e0:76:90:41:5f:39:23:24:1e:a7:
         a0:9e:a2:cc:92:44:d3:ef:a5:43:f6:11:55:de:3c:fa:e0:1c:
         59:74:2e:eb:aa:03:54:53:31:3e:35:77:a5:56:5a:70:8f:b3:
         f7:75:2b:fe:ba:57:91:fb:57:b8:ad:3a:c2:dd:56:fb:3e:b0:
         c9:5e:34:ea
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUCcW0lG5d9KGBB0M/LkyzHjNKEukwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NDE5NjBlYTM2MmU1YWRkMjgyYjA5MTI2ZTIwNWQ5YzBl
MDUxNzhiNzI5MjU3ZmQxMWJjNzVlMmVkZmQzNjk0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDteIKKm30fWtu2gIUbeKcpZA/P3I+tZpBF4R7UvtWedaDf
CwBxncjMWCUZk4VP79Vo/XWwW7uUu/SdJOWj2L97zCTQ6EkJi0ExXaONvnVoQPY3
CNQqb82KdAG3lS5TJ9rlulXe5HRw2jPz9FqvndiVQjAG16zDM2J4XILuYPI2CgCZ
WEpwmg5nOYtxI5GCkIsV9MdDPq0kOckFBhTHjJ1mZZkQYfN5sKQMqIxcErvyl3Kq
gdDocmU331xpmBZUmJxB0CqTuDPdFlZdoTDz7A6SWoid7dpafZpZ2Ht0T6b2wNHZ
+2U6JW2I2zsBi2GNAh3MPD5DWHdh9lebeJsNXaNPAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUsiDWbAvt1eQGbcgc5ItTszj9KrMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVkOGFkMmI3LTZiNzktNDkzNC1iYTNjLWI0YzFhYmE4N2Q0Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAB8BSGAwDQYJKoZIhvcNAQELBQADggEBADokxmB084GXZTj8qKJLKxn7
doZBP/wS3JmA6217PzbDopqWZG3+VqzyNGjCB645giBRVH8EzQ1MW5IcldLtbEfa
wy5K9jhcbgBru5IC0hDQm8SPUAlBquzEiEdN9SXd/tIYdc6O1hZiLZkGS5SfXclX
ZbUfP0KVgcPp0NV4q2j4gadL/BDK8cQMBHN9fcjSDogGxDi98m3cpucvkzWBARov
iMUh2hYTyvE9aexSJOyxmpvgCQ2iawBK613v4HaQQV85IyQep6CeosySRNPvpUP2
EVXePPrgHFl0LuuqA1RTMT41d6VWWnCPs/d1K/66V5H7V7itOsLdVvs+sMleNOo=
-----END CERTIFICATE-----