Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8bd09f21-a2dd-4485-9917-18c02bb6ae14.roa
File:                     8bd09f21-a2dd-4485-9917-18c02bb6ae14.roa (raw, json)
Hash identifier:          gTvSwZR/jpZhsFwx7wlH1RtLaC0S9tXpbLkPybChRuM=
Subject key identifier:   34:99:D9:76:60:F2:57:6B:75:81:A5:73:CA:B0:C6:E3:1E:A8:66:C4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       268A7A65459C15033F5D3150246DC30D92478BDB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8bd09f21-a2dd-4485-9917-18c02bb6ae14.roa
Signing time:             Mon 02 Dec 2024 00:00:00 +0000
ROA not before:           Mon 02 Dec 2024 00:00:00 +0000
ROA not after:            Mon 06 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.117.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:8a:7a:65:45:9c:15:03:3f:5d:31:50:24:6d:c3:0d:92:47:8b:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  2 00:00:00 2024 GMT
            Not After : Jan  6 23:59:59 2025 GMT
        Subject: serialNumber=9c6146e5bad86c47c3733a9f3a6201165c4e28f41d63c992b080ea770cf919e7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:c2:e5:ff:bb:af:c5:5a:d8:d4:b8:a1:cc:8d:
                    93:58:15:3d:45:c0:ac:13:9e:23:70:37:a2:66:52:
                    bb:d9:5f:b4:7c:f5:10:68:fb:b1:98:bb:65:b2:be:
                    9a:f1:85:1d:bd:28:23:bb:1a:0d:54:8d:8a:ba:69:
                    9e:18:7d:40:c1:eb:5c:4a:16:e8:fd:24:a7:41:0d:
                    da:e6:5c:ce:9b:89:0c:31:73:33:45:7d:27:fa:3c:
                    97:8f:42:f7:dd:3b:70:d2:ae:1e:d9:eb:d1:4e:1d:
                    6c:b2:ab:2a:13:2d:3e:98:6e:b6:c7:2d:a1:9b:2a:
                    13:0e:c5:76:22:e6:fc:5f:e7:92:db:36:12:6a:80:
                    f0:f0:00:bd:3b:9e:7d:e3:ef:07:f8:41:b8:9a:c9:
                    80:4b:49:16:e6:a5:5f:94:08:22:bf:30:8b:2d:12:
                    37:ec:26:37:ca:af:6c:08:9b:7b:e3:99:9b:49:8b:
                    e3:30:49:28:59:a3:bd:82:bd:f8:5d:96:86:1f:e4:
                    67:e2:fe:f4:df:f1:0c:47:d8:8b:6c:fa:83:be:01:
                    aa:16:af:56:2f:74:fa:7c:b9:91:16:54:c8:39:24:
                    f1:d3:8f:b5:4c:51:78:da:75:79:a1:12:44:a9:0d:
                    39:64:64:86:cf:ab:fa:e6:9a:25:2e:d5:7a:50:35:
                    00:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:99:D9:76:60:F2:57:6B:75:81:A5:73:CA:B0:C6:E3:1E:A8:66:C4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8bd09f21-a2dd-4485-9917-18c02bb6ae14.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.117.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d3:71:07:70:32:84:e1:cb:6a:ff:c3:fe:1e:58:20:86:de:d5:
         77:e7:92:43:2b:5f:3f:bc:6b:40:67:67:69:53:9b:83:f9:c1:
         bd:53:d5:e5:60:3f:6b:75:a9:dc:64:61:16:3b:de:69:a2:e5:
         4c:9c:34:e6:95:7d:64:4a:5e:d5:49:83:29:5a:d5:69:5b:cf:
         b3:1f:27:2b:8d:b2:03:00:03:72:2b:5d:7b:f5:3f:b2:ea:03:
         ae:c7:1c:e8:12:8f:bc:da:3f:03:ce:cc:b4:99:dd:8e:62:75:
         b6:67:fa:35:2d:84:d1:5c:67:3b:dd:30:ca:f1:3c:ef:16:e3:
         ac:96:31:54:d0:53:18:e1:f4:aa:8e:e9:53:67:16:9e:3f:e3:
         ad:bf:b8:96:b2:e1:f8:d9:96:8f:7d:32:30:a0:81:fe:1b:73:
         0a:f2:96:9c:65:48:e8:90:25:0c:ad:57:e2:fc:7e:9d:57:e5:
         71:c6:f9:76:dc:21:02:85:f4:3d:55:41:a6:d0:8e:50:4d:da:
         7a:fb:f2:84:20:43:2f:e5:7e:36:14:0f:15:a1:24:6e:ef:f5:
         20:51:c0:b6:b0:2a:19:05:58:c4:08:a7:c1:63:90:14:98:4e:
         88:89:06:0d:e4:19:5e:76:4b:5c:87:8a:79:39:4d:6a:84:17:
         fb:e9:b2:87
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJop6ZUWcFQM/XTFQJG3DDZJHi9swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A5YzYxNDZlNWJhZDg2YzQ3YzM3MzNhOWYzYTYyMDExNjVj
NGUyOGY0MWQ2M2M5OTJiMDgwZWE3NzBjZjkxOWU3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDPwuX/u6/FWtjUuKHMjZNYFT1FwKwTniNwN6JmUrvZX7R8
9RBo+7GYu2WyvprxhR29KCO7Gg1UjYq6aZ4YfUDB61xKFuj9JKdBDdrmXM6biQwx
czNFfSf6PJePQvfdO3DSrh7Z69FOHWyyqyoTLT6YbrbHLaGbKhMOxXYi5vxf55Lb
NhJqgPDwAL07nn3j7wf4QbiayYBLSRbmpV+UCCK/MIstEjfsJjfKr2wIm3vjmZtJ
i+MwSShZo72CvfhdloYf5Gfi/vTf8QxH2Its+oO+AaoWr1YvdPp8uZEWVMg5JPHT
j7VMUXjadXmhEkSpDTlkZIbPq/rmmiUu1XpQNQCTAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUNJnZdmDyV2t1gaVzyrDG4x6oZsQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhiZDA5ZjIxLWEyZGQtNDQ4NS05OTE3LTE4YzAyYmI2YWUxNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2dTANBgkqhkiG9w0BAQsFAAOCAQEA03EHcDKE4ctq/8P+Hlgght7Vd+eS
QytfP7xrQGdnaVObg/nBvVPV5WA/a3Wp3GRhFjveaaLlTJw05pV9ZEpe1UmDKVrV
aVvPsx8nK42yAwADcitde/U/suoDrscc6BKPvNo/A87MtJndjmJ1tmf6NS2E0Vxn
O90wyvE87xbjrJYxVNBTGOH0qo7pU2cWnj/jrb+4lrLh+NmWj30yMKCB/htzCvKW
nGVI6JAlDK1X4vx+nVflccb5dtwhAoX0PVVBptCOUE3aevvyhCBDL+V+NhQPFaEk
bu/1IFHAtrAqGQVYxAinwWOQFJhOiIkGDeQZXnZLXIeKeTlNaoQX++myhw==
-----END CERTIFICATE-----