Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/701f0409-6f56-4330-9a4d-25cb0cb0b026.roa
File:                     701f0409-6f56-4330-9a4d-25cb0cb0b026.roa (raw, json)
Hash identifier:          z38KIMwG0edOcYctc2pElJzI24lws8jzutsMYH4sdj8=
Subject key identifier:   40:AA:3B:3A:2A:85:59:C5:9A:A7:69:1D:BE:5B:E9:44:2E:C1:02:07
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       73CCBC06523808B4BA8827C4FE080AB64E517F18
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/701f0409-6f56-4330-9a4d-25cb0cb0b026.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        184.72.0.0/18 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:cc:bc:06:52:38:08:b4:ba:88:27:c4:fe:08:0a:b6:4e:51:7f:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=c787cff48e9518f7b724cc61767de576b70837dd79cdd98fca7091ce3c9bce28, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c7:50:51:d0:20:93:c1:89:69:2e:5b:b8:9d:
                    e6:6c:00:d8:37:2d:d6:54:84:da:00:55:49:00:c4:
                    d3:23:b0:08:b7:bd:28:ff:39:20:e2:89:92:78:75:
                    09:3f:2f:ed:5c:74:e1:33:2e:07:36:05:e4:20:e1:
                    51:05:ed:c8:78:5f:fb:7b:d3:cc:74:0e:d3:c7:0e:
                    a9:7c:fa:d3:78:68:bc:33:33:bf:c7:63:04:c4:db:
                    73:a0:51:f3:c3:f7:a3:45:b9:5f:23:8a:33:bf:b1:
                    1e:97:22:69:9e:32:81:df:a7:26:26:47:67:ff:bc:
                    dd:66:7d:fc:41:60:71:1b:a0:f1:d8:b8:30:a3:6f:
                    87:ac:90:1f:18:22:c1:d6:d5:3f:26:a9:3a:11:9f:
                    e2:05:16:4d:98:6a:29:1e:b8:80:75:68:4b:f1:ed:
                    6f:1f:8c:fb:22:ec:8a:22:18:33:b2:21:cd:0e:d0:
                    ba:89:f6:34:ee:ba:f2:e0:21:88:0d:a7:b7:d4:5f:
                    8f:80:f8:ee:cf:a3:32:c4:50:2f:29:8a:1c:aa:e2:
                    53:dd:88:45:bc:c6:d4:dd:8e:39:a2:ef:9f:aa:3b:
                    15:46:60:41:26:6e:26:5f:1c:1b:de:34:ee:38:97:
                    39:0d:a8:12:c9:1c:bb:41:c0:5a:41:6e:1b:02:cf:
                    2f:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:AA:3B:3A:2A:85:59:C5:9A:A7:69:1D:BE:5B:E9:44:2E:C1:02:07
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/701f0409-6f56-4330-9a4d-25cb0cb0b026.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.72.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         3c:a4:42:bd:fa:4b:36:06:b7:db:e5:d1:54:6f:78:fe:28:d5:
         84:b8:20:12:56:8a:eb:61:cd:22:1d:2f:6b:e8:13:b2:57:ed:
         59:f1:e5:22:8d:fe:24:5f:7a:ce:a4:a4:4d:5b:cc:e7:82:21:
         76:87:19:67:58:17:ac:2c:da:bf:ea:d0:94:11:36:31:d3:3b:
         23:a2:43:f8:2d:95:ce:7c:b8:9f:86:69:73:9e:7d:07:f6:55:
         ac:bc:29:f3:2d:16:44:57:d9:3e:c7:af:26:1f:d7:8b:80:10:
         53:06:f6:11:6d:78:70:13:54:14:c9:d5:06:a4:c9:19:b5:ac:
         14:dc:5e:09:33:91:61:bf:7b:a6:8a:51:c4:13:b2:e7:83:61:
         45:9e:94:2c:0e:cb:71:ac:87:a6:e3:f3:79:42:6d:79:4b:f8:
         f0:98:fb:c9:46:f2:7d:92:d6:12:de:a8:59:3c:37:07:98:6f:
         03:5f:22:15:33:fb:24:2b:78:1d:58:c3:ad:07:a5:02:d5:f5:
         c8:e9:66:a0:4d:54:ba:b0:15:55:30:4e:53:fb:f4:6a:cd:c7:
         e7:09:83:bf:02:eb:5f:1f:15:72:c9:45:21:6e:2d:54:3c:58:
         d1:fc:76:31:fa:77:b5:5c:22:65:71:cf:35:c3:3d:04:e6:e9:
         27:a5:af:4b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUc8y8BlI4CLS6iCfE/ggKtk5RfxgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNzg3Y2ZmNDhlOTUxOGY3YjcyNGNjNjE3NjdkZTU3NmI3
MDgzN2RkNzljZGQ5OGZjYTcwOTFjZTNjOWJjZTI4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvx1BR0CCTwYlpLlu4neZsANg3LdZUhNoAVUkAxNMjsAi3
vSj/OSDiiZJ4dQk/L+1cdOEzLgc2BeQg4VEF7ch4X/t708x0DtPHDql8+tN4aLwz
M7/HYwTE23OgUfPD96NFuV8jijO/sR6XImmeMoHfpyYmR2f/vN1mffxBYHEboPHY
uDCjb4eskB8YIsHW1T8mqToRn+IFFk2YaikeuIB1aEvx7W8fjPsi7IoiGDOyIc0O
0LqJ9jTuuvLgIYgNp7fUX4+A+O7PozLEUC8pihyq4lPdiEW8xtTdjjmi75+qOxVG
YEEmbiZfHBveNO44lzkNqBLJHLtBwFpBbhsCzy+jAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQKo7OiqFWcWap2kdvlvpRC7BAgcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzcwMWYwNDA5LTZmNTYtNDMzMC05YTRkLTI1Y2IwY2IwYjAyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAa4SAAwDQYJKoZIhvcNAQELBQADggEBADykQr36SzYGt9vl0VRveP4o1YS4
IBJWiuthzSIdL2voE7JX7Vnx5SKN/iRfes6kpE1bzOeCIXaHGWdYF6ws2r/q0JQR
NjHTOyOiQ/gtlc58uJ+GaXOefQf2Vay8KfMtFkRX2T7HryYf14uAEFMG9hFteHAT
VBTJ1QakyRm1rBTcXgkzkWG/e6aKUcQTsueDYUWelCwOy3Gsh6bj83lCbXlL+PCY
+8lG8n2S1hLeqFk8NweYbwNfIhUz+yQreB1Yw60HpQLV9cjpZqBNVLqwFVUwTlP7
9GrNx+cJg78C618fFXLJRSFuLVQ8WNH8djH6d7VcImVxzzXDPQTm6Selr0s=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:11:51 2025 by rpki-client