Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/691e6c28-bb1f-4808-ab44-1ff23f1d6210.roa
File:                     691e6c28-bb1f-4808-ab44-1ff23f1d6210.roa (raw, json)
Hash identifier:          KP/19zZwWd+QA6L5Fr9yLD4a/8zatj/3VFDgEMFtoOw=
Subject key identifier:   1F:47:FD:7C:79:F4:C9:11:49:2B:E9:D8:DA:89:1B:E9:76:FB:1F:B6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       564A321F651DA586AA8B4F83863A163CB64F7CCA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/691e6c28-bb1f-4808-ab44-1ff23f1d6210.roa
Signing time:             Fri 03 Jan 2025 00:00:00 +0000
ROA not before:           Fri 03 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.83.104.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:4a:32:1f:65:1d:a5:86:aa:8b:4f:83:86:3a:16:3c:b6:4f:7c:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  3 00:00:00 2025 GMT
            Not After : Feb  7 23:59:59 2025 GMT
        Subject: serialNumber=040e30e224b3d87e7478f9db81bededa5d4dc092677a02a6c08491a682cbb615, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:9c:c7:45:c0:ee:8c:e4:c6:bb:b9:78:7e:ae:
                    83:ba:09:d1:eb:a0:9f:e4:ee:c1:70:4e:78:45:e7:
                    6f:24:6e:94:be:05:97:df:16:93:d8:d7:04:2d:29:
                    2d:e7:e6:f0:9b:25:e6:35:2c:d1:70:c1:8b:a9:86:
                    2f:70:f4:40:8f:c9:b9:5a:09:e6:92:9e:8b:26:b3:
                    ae:d8:83:ac:ec:e5:46:8e:b1:a9:8f:6c:f6:d2:41:
                    9d:f8:3f:0d:4a:8b:e8:06:50:80:fb:36:e0:f8:2f:
                    31:14:35:c4:fb:6d:ef:30:b6:3d:83:80:32:5e:40:
                    d2:89:e3:9c:1d:b4:2f:bc:18:ea:70:99:99:ca:86:
                    04:66:1f:f9:08:0c:ba:50:23:13:27:3e:6d:a6:34:
                    fe:c7:14:36:d4:e0:6b:0c:93:c5:8b:05:49:37:44:
                    5d:ce:cb:6d:7a:17:57:8f:47:68:78:0d:bf:1a:bc:
                    a9:b3:6f:7c:87:24:b0:49:62:fe:3e:e4:57:b8:45:
                    84:71:23:de:15:d9:67:82:ce:ec:33:9c:9e:78:6d:
                    cf:04:34:0e:07:7f:57:88:68:d0:83:32:d9:52:fd:
                    13:09:86:92:1a:45:90:d0:0b:9c:aa:c0:48:cb:b1:
                    0f:ac:35:74:66:ec:53:75:aa:9f:32:ed:e7:94:61:
                    cc:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:47:FD:7C:79:F4:C9:11:49:2B:E9:D8:DA:89:1B:E9:76:FB:1F:B6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/691e6c28-bb1f-4808-ab44-1ff23f1d6210.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.83.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bf:b7:0d:25:73:8c:cc:c9:08:85:d1:7f:14:15:91:a5:a9:36:
         2c:5d:4f:c1:19:bb:10:d6:d9:88:63:49:17:c1:66:4c:1c:a8:
         03:3e:45:3e:a4:97:a9:61:7c:da:0b:5e:38:06:5c:e6:77:c0:
         ff:e7:b6:01:df:b9:88:f9:65:a4:92:5c:72:f7:52:51:bd:6b:
         40:c9:d3:bb:1d:e6:57:2e:a2:9c:12:04:e3:e3:cf:d3:f2:62:
         01:a8:78:68:f7:b8:4d:59:6d:0a:5a:49:e0:5b:d0:07:59:5c:
         f8:f9:ed:f3:c6:e0:77:db:09:17:ef:d9:fa:26:29:43:fb:a1:
         ec:fe:76:a9:46:0e:11:ee:de:27:b9:63:86:ea:7e:f9:1a:d5:
         84:8b:ab:fa:3c:f3:c0:80:7e:f3:8b:3a:c3:ab:54:28:8b:41:
         ad:cd:dd:03:29:9b:63:39:84:82:2a:6e:4e:47:06:63:00:54:
         e9:72:f2:cd:c5:eb:4e:0d:e8:b4:0d:de:45:67:dd:7f:b9:ff:
         d2:49:8c:05:73:9b:e2:6a:69:da:77:4b:aa:e0:9f:51:58:ff:
         50:9b:3a:b5:e8:5f:06:99:b0:0c:76:08:a8:e6:0a:53:c2:e2:
         5b:c5:31:fd:3f:02:da:7a:2a:bd:e9:ef:d9:97:71:5c:b6:57:
         78:49:76:08
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVkoyH2UdpYaqi0+DhjoWPLZPfMowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNDBlMzBlMjI0YjNkODdlNzQ3OGY5ZGI4MWJlZGVkYTVk
NGRjMDkyNjc3YTAyYTZjMDg0OTFhNjgyY2JiNjE1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1nMdFwO6M5Ma7uXh+roO6CdHroJ/k7sFwTnhF528kbpS+
BZffFpPY1wQtKS3n5vCbJeY1LNFwwYuphi9w9ECPyblaCeaSnosms67Yg6zs5UaO
samPbPbSQZ34Pw1Ki+gGUID7NuD4LzEUNcT7be8wtj2DgDJeQNKJ45wdtC+8GOpw
mZnKhgRmH/kIDLpQIxMnPm2mNP7HFDbU4GsMk8WLBUk3RF3Oy216F1ePR2h4Db8a
vKmzb3yHJLBJYv4+5Fe4RYRxI94V2WeCzuwznJ54bc8ENA4Hf1eIaNCDMtlS/RMJ
hpIaRZDQC5yqwEjLsQ+sNXRm7FN1qp8y7eeUYcyNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUH0f9fHn0yRFJK+nY2okb6Xb7H7YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY5MWU2YzI4LWJiMWYtNDgwOC1hYjQ0LTFmZjIzZjFkNjIxMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjU2gwDQYJKoZIhvcNAQELBQADggEBAL+3DSVzjMzJCIXRfxQVkaWpNixd
T8EZuxDW2YhjSRfBZkwcqAM+RT6kl6lhfNoLXjgGXOZ3wP/ntgHfuYj5ZaSSXHL3
UlG9a0DJ07sd5lcuopwSBOPjz9PyYgGoeGj3uE1ZbQpaSeBb0AdZXPj57fPG4Hfb
CRfv2fomKUP7oez+dqlGDhHu3ie5Y4bqfvka1YSLq/o888CAfvOLOsOrVCiLQa3N
3QMpm2M5hIIqbk5HBmMAVOly8s3F604N6LQN3kVn3X+5/9JJjAVzm+Jqadp3S6rg
n1FY/1CbOrXoXwaZsAx2CKjmClPC4lvFMf0/Atp6Kr3p79mXcVy2V3hJdgg=
-----END CERTIFICATE-----