Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/62932aa3-7b03-4dee-8ac4-e32c2fe04ef6.roa
File:                     62932aa3-7b03-4dee-8ac4-e32c2fe04ef6.roa (raw, json)
Hash identifier:          Mm4XXy7ffK4Qv662x6KNglYMNeOfPFbW6/bz5FhVoqw=
Subject key identifier:   BA:E6:A2:EE:E6:DF:93:26:8E:43:20:65:76:34:80:0D:E5:13:FC:D2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       47542B6772CF3547D4118A77E168181F0B50D60A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/62932aa3-7b03-4dee-8ac4-e32c2fe04ef6.roa
Signing time:             Fri 03 Jan 2025 00:00:00 +0000
ROA not before:           Fri 03 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        16.12.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:54:2b:67:72:cf:35:47:d4:11:8a:77:e1:68:18:1f:0b:50:d6:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  3 00:00:00 2025 GMT
            Not After : Feb  7 23:59:59 2025 GMT
        Subject: serialNumber=9ad5337d3e77db79dd0a5bb91e9c7249487950c10b31eabfa2a8228deaaa68a3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:92:92:69:ec:c0:ae:1f:a5:7a:48:1a:91:1b:
                    43:46:e3:0b:50:7d:f4:bc:2e:61:b0:34:2f:14:4b:
                    f9:a3:98:5d:b7:05:0e:c5:9c:77:a6:6f:6a:f1:e9:
                    bd:bf:c6:00:a2:d0:fe:f6:c5:91:e8:3a:09:b3:e7:
                    81:8c:b9:84:d1:ea:28:0a:5a:97:f4:6b:4f:27:43:
                    b4:31:43:fa:0f:62:27:96:23:0e:30:ea:3d:f9:28:
                    4a:7e:7d:c3:c4:29:e1:6f:c6:ea:d7:b5:ef:87:5f:
                    51:1e:b3:db:83:ab:b1:a9:cc:be:13:ed:31:93:cb:
                    fb:3f:86:83:0a:83:8f:01:cb:86:eb:d9:4b:89:e6:
                    af:d1:58:0e:b2:ff:ec:d3:9d:ab:ac:15:af:c4:4a:
                    a6:3b:2d:1d:ac:58:3f:3f:0b:b7:58:cb:2f:42:bd:
                    a5:9d:0d:f5:c0:af:99:ab:56:da:18:cc:25:98:29:
                    39:c9:ea:36:dc:5f:d7:71:ce:3f:49:ff:76:cb:c0:
                    ea:e4:2d:a3:8d:79:38:b3:cd:ca:80:82:35:69:27:
                    57:b5:54:61:a6:bb:d7:49:24:85:5b:fe:08:39:6a:
                    c9:bc:39:86:cd:58:cf:71:93:2d:6b:1e:c2:1d:e7:
                    d9:b2:56:d7:ed:d7:3b:5d:a4:10:13:36:d9:fc:7d:
                    4a:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:E6:A2:EE:E6:DF:93:26:8E:43:20:65:76:34:80:0D:E5:13:FC:D2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/62932aa3-7b03-4dee-8ac4-e32c2fe04ef6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.12.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         93:fe:2c:e6:5d:16:c3:99:26:fa:5a:c0:d3:33:ce:26:6d:b9:
         75:32:2c:fb:1f:56:70:93:86:a5:d2:77:61:db:a7:d0:45:f1:
         d4:b9:77:25:7a:6d:f9:95:7d:3c:9b:05:dc:73:55:ac:42:ab:
         4e:0b:48:be:cd:0c:81:55:59:80:86:fd:24:36:47:fd:6d:88:
         d4:2d:48:e9:ae:84:70:88:eb:8f:68:12:f5:2e:a2:d6:8e:38:
         4e:2b:d2:ae:ed:d8:92:a6:a5:ab:ab:da:eb:90:2d:4d:83:cd:
         c2:3c:bd:06:ba:40:6e:3a:b8:3e:8b:88:79:60:63:83:38:63:
         24:9a:01:3e:21:24:bd:5b:ca:f2:d4:12:04:45:f1:dd:0b:79:
         f3:d2:cc:73:e8:b5:16:11:7a:a2:c3:58:87:73:7a:f0:46:e7:
         6a:34:06:50:fb:8c:26:d9:fc:6f:99:46:0a:4f:50:9c:d6:4c:
         e4:f2:7a:d6:37:f5:64:d2:b2:52:12:2d:23:19:22:8c:6f:5d:
         27:a6:27:05:a8:e5:0d:6a:f2:0f:12:b1:3d:ab:cf:f7:43:34:
         73:d4:a4:f8:b1:98:96:a7:bd:97:1b:7b:ee:2b:c3:ef:70:a1:
         bc:6f:fd:64:34:19:74:ed:c1:62:18:6a:85:66:31:14:e8:71:
         e5:92:18:b2
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUR1QrZ3LPNUfUEYp34WgYHwtQ1gowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5YWQ1MzM3ZDNlNzdkYjc5ZGQwYTViYjkxZTljNzI0OTQ4
Nzk1MGMxMGIzMWVhYmZhMmE4MjI4ZGVhYWE2OGEzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvkpJp7MCuH6V6SBqRG0NG4wtQffS8LmGwNC8US/mjmF23
BQ7FnHemb2rx6b2/xgCi0P72xZHoOgmz54GMuYTR6igKWpf0a08nQ7QxQ/oPYieW
Iw4w6j35KEp+fcPEKeFvxurXte+HX1Ees9uDq7GpzL4T7TGTy/s/hoMKg48By4br
2UuJ5q/RWA6y/+zTnausFa/ESqY7LR2sWD8/C7dYyy9CvaWdDfXAr5mrVtoYzCWY
KTnJ6jbcX9dxzj9J/3bLwOrkLaONeTizzcqAgjVpJ1e1VGGmu9dJJIVb/gg5asm8
OYbNWM9xky1rHsId59myVtft1ztdpBATNtn8fUqlAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUuuai7ubfkyaOQyBldjSADeUT/NIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYyOTMyYWEzLTdiMDMtNGRlZS04YWM0LWUzMmMyZmUwNGVmNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQDDANBgkqhkiG9w0BAQsFAAOCAQEAk/4s5l0Ww5km+lrA0zPOJm25dTIs
+x9WcJOGpdJ3Ydun0EXx1Ll3JXpt+ZV9PJsF3HNVrEKrTgtIvs0MgVVZgIb9JDZH
/W2I1C1I6a6EcIjrj2gS9S6i1o44TivSru3Ykqalq6va65AtTYPNwjy9BrpAbjq4
PouIeWBjgzhjJJoBPiEkvVvK8tQSBEXx3Qt589LMc+i1FhF6osNYh3N68EbnajQG
UPuMJtn8b5lGCk9QnNZM5PJ61jf1ZNKyUhItIxkijG9dJ6YnBajlDWryDxKxPavP
90M0c9Sk+LGYlqe9lxt77ivD73ChvG/9ZDQZdO3BYhhqhWYxFOhx5ZIYsg==
-----END CERTIFICATE-----