Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6019cd45-715b-45fc-bbeb-102c29cbb4b7.roa
File:                     6019cd45-715b-45fc-bbeb-102c29cbb4b7.roa (raw, json)
Hash identifier:          0e2Pfb/yJ+vucOJcrLh/73ByzZ8pSOQhvHctTH9iM6s=
Subject key identifier:   25:B8:89:74:6D:38:1C:26:4E:20:69:C4:52:DD:F8:7A:7D:FE:31:44
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       69190ABB453759305B3410294B9098A593824B74
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6019cd45-715b-45fc-bbeb-102c29cbb4b7.roa
Signing time:             Tue 24 Dec 2024 00:00:00 +0000
ROA not before:           Tue 24 Dec 2024 00:00:00 +0000
ROA not after:            Tue 28 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        184.72.128.0/17 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:19:0a:bb:45:37:59:30:5b:34:10:29:4b:90:98:a5:93:82:4b:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 24 00:00:00 2024 GMT
            Not After : Jan 28 23:59:59 2025 GMT
        Subject: serialNumber=f3ec44512cca8608b705d8ec2d2bb6c11342efe26960ef1d39740168d4baef78, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:aa:e0:c1:35:61:09:60:9d:7b:58:f3:97:60:
                    98:a5:14:6e:ee:ad:b5:29:56:e1:8b:d2:72:2c:9e:
                    83:f7:fa:a2:cc:76:01:54:89:9f:9a:32:71:dc:9f:
                    0d:f3:f8:5b:fe:8d:cb:c9:84:be:e3:03:49:4f:4f:
                    2c:b8:de:38:cd:da:55:ce:7a:79:89:0a:02:ef:14:
                    28:e6:7e:ec:2a:5b:a7:4c:42:e8:15:2c:d9:ed:a6:
                    20:f2:74:86:4b:ad:7c:d2:24:b5:3a:13:cb:7f:99:
                    b6:73:af:b2:c7:6c:5f:81:c6:3e:c6:30:d4:db:ac:
                    11:af:eb:b5:5e:92:2e:10:64:d3:ea:bd:e5:e8:59:
                    df:1a:5a:f7:ae:b4:86:0a:b2:61:46:70:b1:c5:62:
                    73:c4:7c:77:8a:67:8b:42:0d:b0:e7:91:ee:41:90:
                    cf:a0:8b:16:24:d4:84:f0:f0:c2:a0:86:37:47:28:
                    dd:b5:f0:ca:f3:a5:e1:ce:6f:27:59:52:ed:8d:f3:
                    47:3b:45:f4:f3:d4:bd:29:50:b9:1d:7d:23:2b:d4:
                    84:58:a9:a0:d6:eb:42:49:dd:d1:42:7a:7a:6c:2f:
                    20:42:0b:fd:94:bf:dd:6d:f6:4d:5b:e9:b0:69:a1:
                    cc:64:49:4b:e6:ef:92:e5:69:d9:f5:50:78:22:68:
                    11:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:B8:89:74:6D:38:1C:26:4E:20:69:C4:52:DD:F8:7A:7D:FE:31:44
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6019cd45-715b-45fc-bbeb-102c29cbb4b7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.72.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         11:95:01:ad:b1:4f:e6:07:08:81:e1:76:f9:1e:c6:ab:85:33:
         20:d8:af:0c:b5:e5:35:c3:e8:33:31:0f:2d:df:2f:09:66:92:
         91:02:90:4f:04:35:56:75:6c:7b:e7:50:c3:06:b9:f1:a8:de:
         f9:54:8c:e5:90:88:44:6c:73:db:20:1e:e8:86:a0:af:12:9a:
         1c:ae:97:5d:64:70:32:e3:f9:8e:54:99:5e:3c:85:e3:c4:0c:
         41:1c:cb:17:70:c5:50:d5:6c:60:b0:6f:a2:20:71:44:4a:e2:
         fa:16:ab:66:3d:40:47:76:22:fc:e1:9d:66:95:82:fa:75:9d:
         0a:a9:a7:f5:2d:bd:c7:b2:7b:e3:79:6c:63:ae:50:ac:5f:46:
         98:61:34:40:20:88:0f:2f:b1:64:7e:38:9b:ca:9b:e3:1b:2e:
         f1:e4:e0:e8:75:16:01:39:bf:fc:dc:ce:57:af:ff:c9:1e:ce:
         44:1d:a7:c3:25:ea:00:fa:75:e8:80:06:0f:77:fc:a1:c5:ab:
         74:d4:3c:8a:d3:f1:32:e7:29:d9:43:88:30:be:d2:61:eb:8c:
         7c:33:cf:d0:68:da:af:ad:3e:96:43:51:18:64:62:3e:f2:70:
         ce:01:64:74:bb:85:fb:ce:53:92:c6:4d:b6:ed:08:39:e4:06:
         2a:d1:1c:0e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaRkKu0U3WTBbNBApS5CYpZOCS3QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmM2VjNDQ1MTJjY2E4NjA4YjcwNWQ4ZWMyZDJiYjZjMTEz
NDJlZmUyNjk2MGVmMWQzOTc0MDE2OGQ0YmFlZjc4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1quDBNWEJYJ17WPOXYJilFG7urbUpVuGL0nIsnoP3+qLM
dgFUiZ+aMnHcnw3z+Fv+jcvJhL7jA0lPTyy43jjN2lXOenmJCgLvFCjmfuwqW6dM
QugVLNntpiDydIZLrXzSJLU6E8t/mbZzr7LHbF+Bxj7GMNTbrBGv67Veki4QZNPq
veXoWd8aWveutIYKsmFGcLHFYnPEfHeKZ4tCDbDnke5BkM+gixYk1ITw8MKghjdH
KN218MrzpeHObydZUu2N80c7RfTz1L0pULkdfSMr1IRYqaDW60JJ3dFCenpsLyBC
C/2Uv91t9k1b6bBpocxkSUvm75Lladn1UHgiaBGrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJbiJdG04HCZOIGnEUt34en3+MUQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYwMTljZDQ1LTcxNWItNDVmYy1iYmViLTEwMmMyOWNiYjRiNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAe4SIAwDQYJKoZIhvcNAQELBQADggEBABGVAa2xT+YHCIHhdvkexquFMyDY
rwy15TXD6DMxDy3fLwlmkpECkE8ENVZ1bHvnUMMGufGo3vlUjOWQiERsc9sgHuiG
oK8Smhyul11kcDLj+Y5UmV48hePEDEEcyxdwxVDVbGCwb6IgcURK4voWq2Y9QEd2
IvzhnWaVgvp1nQqpp/Utvceye+N5bGOuUKxfRphhNEAgiA8vsWR+OJvKm+MbLvHk
4Oh1FgE5v/zczlev/8kezkQdp8Ml6gD6deiABg93/KHFq3TUPIrT8TLnKdlDiDC+
0mHrjHwzz9Bo2q+tPpZDURhkYj7ycM4BZHS7hfvOU5LGTbbtCDnkBirRHA4=
-----END CERTIFICATE-----