Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/77b4a6c4-6db8-4b2b-8293-b367fc2ded32.roa
File:                     77b4a6c4-6db8-4b2b-8293-b367fc2ded32.roa (raw, json)
Hash identifier:          LpASaJ1Ik5uuaquZ3Z1uf3RdUVCGBcs3tkw8fYHr0Qg=
Subject key identifier:   4E:F2:4A:06:CC:88:C3:7E:7A:B6:5D:89:8B:4B:43:EE:A5:AF:99:F6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2C40A5A5AA9075B426CB6540D0A02BD017345EF8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/77b4a6c4-6db8-4b2b-8293-b367fc2ded32.roa
Signing time:             Mon 23 Dec 2024 00:00:00 +0000
ROA not before:           Mon 23 Dec 2024 00:00:00 +0000
ROA not after:            Mon 27 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        77.122.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:40:a5:a5:aa:90:75:b4:26:cb:65:40:d0:a0:2b:d0:17:34:5e:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 23 00:00:00 2024 GMT
            Not After : Jan 27 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:5f:0e:27:04:01:0f:b8:0b:fa:03:18:b2:b5:
                    24:83:23:1f:a8:c4:5d:33:95:5d:dc:5f:55:0f:1f:
                    2b:b5:a3:57:d8:95:f0:d7:c6:25:c4:a9:5f:9f:cb:
                    4e:3f:1e:5c:56:66:ec:d2:de:6f:e0:e2:e6:7c:32:
                    44:6e:63:01:8a:e3:49:99:15:28:dc:68:3b:f7:2f:
                    b5:5d:be:c8:57:4b:3e:bb:51:48:8a:74:7d:eb:fc:
                    4d:f7:d4:aa:21:da:a2:a8:9e:8c:77:76:aa:d3:15:
                    fa:7b:5a:ae:45:e7:ff:42:d2:4b:0e:df:4b:97:18:
                    88:d4:ba:27:c0:f5:23:ce:27:48:d2:81:a7:92:07:
                    ae:5e:fc:5e:10:26:9d:be:9a:60:19:da:6c:bc:c6:
                    77:af:47:86:6e:b5:00:6d:dc:7e:82:47:54:52:be:
                    60:82:90:83:b0:88:ab:b2:d5:74:75:16:4e:3f:e9:
                    33:d1:ee:1f:aa:66:16:7f:e6:a2:08:bc:da:72:75:
                    b7:a4:81:98:43:97:16:21:77:10:fd:2f:78:71:dd:
                    4f:2f:15:f9:2a:90:4b:13:3f:19:5d:6d:54:e3:d4:
                    d8:cb:27:38:48:e6:d1:92:1d:6a:c8:23:d6:44:8d:
                    4d:d7:3b:37:8b:19:f6:83:8a:ea:6c:94:a7:94:75:
                    b8:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:F2:4A:06:CC:88:C3:7E:7A:B6:5D:89:8B:4B:43:EE:A5:AF:99:F6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/77b4a6c4-6db8-4b2b-8293-b367fc2ded32.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.122.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b4:70:cb:4e:e9:a0:06:c8:45:4d:72:30:a5:6a:f2:a2:a3:23:
         d7:c0:19:db:01:51:2d:ad:a7:6d:26:44:14:56:9b:a2:a9:d2:
         b4:03:06:b6:65:fe:1f:7f:be:42:2f:86:0f:be:d7:ff:45:fd:
         71:b2:f1:04:6a:76:f3:9b:71:86:75:08:2a:bc:d5:3e:03:c8:
         ff:d1:71:ab:c1:ee:4a:44:fe:5d:68:d7:43:9e:69:22:4a:54:
         68:2c:0e:0b:73:ed:0c:01:86:fa:7d:63:2d:8a:2c:e2:ce:c5:
         ad:39:84:12:9a:f0:67:d9:c8:07:a1:f5:ca:af:10:4d:33:72:
         3c:44:48:24:5c:ec:9b:63:8b:57:08:35:84:ff:8b:4d:c9:93:
         93:dc:d1:3b:b2:ca:02:74:4e:af:10:1a:8a:86:5d:0a:f6:44:
         82:2a:dd:10:ec:64:a9:b6:f7:99:fe:72:1a:80:22:42:cb:f2:
         da:eb:71:8f:28:54:e2:87:69:56:42:61:3b:16:92:b4:5e:d5:
         63:8a:00:41:0c:33:6e:a9:94:63:c8:34:52:bf:ef:3d:e7:b8:
         ec:7e:1e:7d:3c:d9:03:68:c3:83:7e:71:eb:bd:c0:c6:ce:c4:
         38:3f:aa:58:17:bd:01:6d:7a:90:43:e6:01:31:2d:7e:4b:de:
         b2:31:0f:cd
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULEClpaqQdbQmy2VA0KAr0Bc0XvgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YjQ2MjJhZmRjM2FiNTMzNTFhOTk1ODY4N2M4MTcwODdi
ZGM5Njg5YjVkMDZlNDFiYjJhNDJhZjA0NWVjMmJmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTXw4nBAEPuAv6AxiytSSDIx+oxF0zlV3cX1UPHyu1o1fY
lfDXxiXEqV+fy04/HlxWZuzS3m/g4uZ8MkRuYwGK40mZFSjcaDv3L7VdvshXSz67
UUiKdH3r/E331Koh2qKonox3dqrTFfp7Wq5F5/9C0ksO30uXGIjUuifA9SPOJ0jS
gaeSB65e/F4QJp2+mmAZ2my8xnevR4ZutQBt3H6CR1RSvmCCkIOwiKuy1XR1Fk4/
6TPR7h+qZhZ/5qIIvNpydbekgZhDlxYhdxD9L3hx3U8vFfkqkEsTPxldbVTj1NjL
JzhI5tGSHWrII9ZEjU3XOzeLGfaDiupslKeUdbi5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUTvJKBsyIw356tl2Ji0tD7qWvmfYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc3YjRhNmM0LTZkYjgtNGIyYi04MjkzLWIzNjdmYzJkZWQzMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBNejANBgkqhkiG9w0BAQsFAAOCAQEAtHDLTumgBshFTXIwpWryoqMj18AZ
2wFRLa2nbSZEFFaboqnStAMGtmX+H3++Qi+GD77X/0X9cbLxBGp285txhnUIKrzV
PgPI/9Fxq8HuSkT+XWjXQ55pIkpUaCwOC3PtDAGG+n1jLYos4s7FrTmEEprwZ9nI
B6H1yq8QTTNyPERIJFzsm2OLVwg1hP+LTcmTk9zRO7LKAnROrxAaioZdCvZEgird
EOxkqbb3mf5yGoAiQsvy2utxjyhU4odpVkJhOxaStF7VY4oAQQwzbqmUY8g0Ur/v
Pee47H4efTzZA2jDg35x673Axs7EOD+qWBe9AW16kEPmATEtfkvesjEPzQ==
-----END CERTIFICATE-----