Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/88550d83-7cf6-4241-8cbd-0c1b7e820c36.roa
File:                     88550d83-7cf6-4241-8cbd-0c1b7e820c36.roa (raw, json)
Hash identifier:          csTVNor4GZV0Oal3I/QfQUHrvlvy4mr/gkfTJ3caNAI=
Subject key identifier:   BC:91:0C:57:C1:18:A2:66:1D:DF:EB:94:5D:FB:F9:2E:32:84:35:4F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2ECA1C1AA19369B8E9A054119406BC001E9923DA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/88550d83-7cf6-4241-8cbd-0c1b7e820c36.roa
Signing time:             Mon 30 Dec 2024 00:00:00 +0000
ROA not before:           Mon 30 Dec 2024 00:00:00 +0000
ROA not after:            Mon 03 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f16::/34 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:ca:1c:1a:a1:93:69:b8:e9:a0:54:11:94:06:bc:00:1e:99:23:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 30 00:00:00 2024 GMT
            Not After : Feb  3 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:f8:4d:87:8e:84:46:1e:96:18:01:6b:14:e1:
                    b7:d9:77:1e:03:90:33:56:55:39:bb:40:b2:f0:25:
                    db:b8:37:5d:f6:dd:05:e7:e6:42:d2:ec:58:86:2e:
                    9a:92:8b:e4:77:33:77:fd:05:cf:d8:2a:85:86:3b:
                    3e:a8:dd:d8:fb:fc:bb:da:b4:c7:7f:b0:31:8d:e6:
                    e2:3d:91:53:e4:9f:14:ca:88:05:e0:1f:2a:0c:95:
                    09:68:e4:92:8e:a9:0d:ac:00:7f:92:73:2a:f4:d1:
                    62:12:4e:96:65:cc:22:2e:8a:d3:02:a3:01:50:c5:
                    b1:5f:b7:04:e4:5b:43:c1:c8:b8:79:e4:14:6c:60:
                    64:5c:b1:1a:10:b2:11:69:26:81:70:d3:b5:45:61:
                    cf:56:75:1f:15:e0:e8:f7:88:45:34:6a:49:69:8d:
                    72:43:0f:e2:e8:03:da:d0:b9:97:b0:b7:20:88:c4:
                    42:d2:ba:7d:34:bc:7c:13:1c:f7:04:31:32:9b:f8:
                    8b:32:86:00:bc:83:2d:46:f4:bc:69:57:ea:c3:92:
                    c0:25:fa:47:27:17:5b:d6:c3:00:2c:0d:86:57:49:
                    5c:4e:29:39:46:50:85:5b:59:b6:0e:44:00:7c:22:
                    86:13:6e:f8:f2:79:f8:57:30:01:b6:32:3e:c4:80:
                    8e:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:91:0C:57:C1:18:A2:66:1D:DF:EB:94:5D:FB:F9:2E:32:84:35:4F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/88550d83-7cf6-4241-8cbd-0c1b7e820c36.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f16::/34

    Signature Algorithm: sha256WithRSAEncryption
         83:11:b3:72:78:fa:cb:1e:3c:aa:ad:bc:6c:8b:a1:ba:8d:4e:
         a2:93:b7:09:e2:a1:0e:be:68:69:a0:e5:4d:c4:ff:d2:fb:56:
         e3:87:b0:60:0f:85:ed:03:37:90:d7:7f:b5:42:8e:05:d4:dc:
         c1:a2:70:e5:2a:63:dd:79:41:a2:91:12:14:14:b5:6e:4f:8b:
         a7:30:c7:d9:4a:0c:f7:6b:44:5d:f4:e5:78:2b:8f:96:5c:40:
         53:9d:e8:a4:92:ab:89:da:98:03:b7:6e:1a:66:39:86:d0:89:
         5b:9b:f2:0b:c8:27:cf:0c:92:1a:14:0e:c7:ab:a4:04:1c:fe:
         d6:90:5d:f9:ad:d4:b8:dc:2f:24:f3:ce:a8:61:84:0c:57:81:
         ac:74:f0:61:b9:a3:f4:5b:83:db:0f:6d:d9:c2:61:d5:e1:24:
         4e:76:ca:6e:3c:47:1f:74:f7:d1:0e:eb:fd:85:5f:61:77:26:
         42:6c:d6:6b:17:09:3b:23:95:c9:c1:45:0c:59:03:84:6c:00:
         bf:00:a8:dd:71:ad:53:74:7b:94:81:72:66:c5:f5:5a:9b:4b:
         95:a5:f9:49:c7:ce:f3:a2:9d:c7:9c:6d:14:4b:cb:78:af:19:
         30:1e:01:4c:7f:75:54:e6:b7:07:ae:6a:2d:fa:9a:3a:e9:05:
         45:44:39:40
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIULsocGqGTabjpoFQRlAa8AB6ZI9owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A1ODYxNWU0NmQyMzAxZDEwZjBkYjBkOGMwNjEwYjkxNjY5
ZjA4MWQ2ZjAyMzNjN2Q0ZGYxYjFmMWQyYmUzNzA5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDi+E2HjoRGHpYYAWsU4bfZdx4DkDNWVTm7QLLwJdu4N132
3QXn5kLS7FiGLpqSi+R3M3f9Bc/YKoWGOz6o3dj7/LvatMd/sDGN5uI9kVPknxTK
iAXgHyoMlQlo5JKOqQ2sAH+Scyr00WISTpZlzCIuitMCowFQxbFftwTkW0PByLh5
5BRsYGRcsRoQshFpJoFw07VFYc9WdR8V4Oj3iEU0aklpjXJDD+LoA9rQuZewtyCI
xELSun00vHwTHPcEMTKb+IsyhgC8gy1G9LxpV+rDksAl+kcnF1vWwwAsDYZXSVxO
KTlGUIVbWbYORAB8IoYTbvjyefhXMAG2Mj7EgI5ZAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUvJEMV8EYomYd3+uUXfv5LjKENU8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg4NTUwZDgzLTdjZjYtNDI0MS04Y2JkLTBjMWI3ZTgyMGMzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgYmAB8WADANBgkqhkiG9w0BAQsFAAOCAQEAgxGzcnj6yx48qq28bIuhuo1O
opO3CeKhDr5oaaDlTcT/0vtW44ewYA+F7QM3kNd/tUKOBdTcwaJw5Spj3XlBopES
FBS1bk+LpzDH2UoM92tEXfTleCuPllxAU53opJKridqYA7duGmY5htCJW5vyC8gn
zwySGhQOx6ukBBz+1pBd+a3UuNwvJPPOqGGEDFeBrHTwYbmj9FuD2w9t2cJh1eEk
TnbKbjxHH3T30Q7r/YVfYXcmQmzWaxcJOyOVycFFDFkDhGwAvwCo3XGtU3R7lIFy
ZsX1WptLlaX5ScfO86Kdx5xtFEvLeK8ZMB4BTH91VOa3B65qLfqaOukFRUQ5QA==
-----END CERTIFICATE-----