Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d8d5c43-3b4b-4d6b-a36b-51e5b35ea1a5.roa
File:                     8d8d5c43-3b4b-4d6b-a36b-51e5b35ea1a5.roa (raw, json)
Hash identifier:          oRbDN3s8UsT1rIJFLd/rYCWeAXqRGMPbHnGbaQCkJw0=
Subject key identifier:   0C:EC:54:52:39:4D:89:D2:9E:92:74:6B:1F:38:3B:78:96:F7:C5:75
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5C8D65BEA8DA1F14D411788B0DD501CE4DB3343B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d8d5c43-3b4b-4d6b-a36b-51e5b35ea1a5.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.137.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:8d:65:be:a8:da:1f:14:d4:11:78:8b:0d:d5:01:ce:4d:b3:34:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=2fca6a29c4a2800410bd05af0bec9933484de6e0e72f4c1fdc0112d55971003c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:dd:34:96:ed:90:10:b3:bb:74:d7:32:10:91:
                    63:87:58:86:fa:22:2a:10:e4:81:88:1b:74:e5:b4:
                    e5:02:04:d2:fc:83:7b:51:40:99:8b:64:ec:67:c2:
                    1f:ca:fe:b5:fe:de:82:61:ae:99:64:96:5b:98:98:
                    28:97:0d:df:11:43:37:f1:85:f2:4b:98:1b:43:7e:
                    f1:00:b0:41:2b:b3:93:4c:7c:47:f1:1d:ab:9e:54:
                    66:41:64:f7:d5:e0:a1:57:a5:6c:6f:40:33:c9:91:
                    31:c0:06:11:d3:d4:56:34:3f:e6:f1:1f:b9:25:c0:
                    a6:d4:f7:e3:37:93:3e:bf:eb:ce:5b:ec:8e:41:0f:
                    8a:e6:ed:1c:ee:3a:ed:67:ff:24:e7:39:f5:1b:67:
                    05:c0:71:50:b3:7c:75:fc:30:6d:6b:d5:6c:f0:e6:
                    f4:b8:81:26:04:38:b7:76:05:6a:d0:74:b6:3a:e7:
                    5d:97:ce:92:2b:d7:a4:10:8f:f3:b5:c8:9c:37:dd:
                    95:4c:29:59:88:13:00:ed:e0:c4:03:5c:86:ca:f1:
                    43:52:6b:98:59:4b:ae:0a:f4:d9:5f:a8:e5:60:45:
                    67:f9:2b:8b:90:8a:e4:44:e3:f1:5c:db:aa:ec:2e:
                    2b:87:b9:1c:c9:07:dd:1b:c8:e6:51:c2:3b:4c:e8:
                    e4:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:EC:54:52:39:4D:89:D2:9E:92:74:6B:1F:38:3B:78:96:F7:C5:75
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d8d5c43-3b4b-4d6b-a36b-51e5b35ea1a5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.137.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         15:f6:fa:42:d6:bf:3d:17:2d:8f:9d:66:e4:70:39:e7:7c:67:
         18:fb:e8:e0:3d:97:aa:8b:80:48:ca:7a:95:c3:3b:12:52:66:
         8e:51:ed:d3:27:f1:df:bb:8b:7f:c0:ae:72:a8:48:55:07:43:
         a0:c9:a6:fa:a4:b7:be:48:24:6c:1f:4b:39:70:e8:4f:c9:d3:
         ca:39:9e:3f:23:b2:ee:b9:b1:f1:53:f4:74:51:80:4c:cf:fb:
         47:06:6b:7b:16:44:33:54:c0:48:60:b6:c8:51:96:34:bb:57:
         de:ea:46:92:3e:b7:f1:42:c3:05:93:9c:31:86:55:e0:5b:4c:
         88:6b:20:e6:76:de:74:d6:13:90:0a:ca:eb:7d:c8:41:87:84:
         68:47:46:5e:37:0d:06:62:94:e1:9a:c9:95:c8:60:d5:26:ed:
         eb:60:3b:f1:89:ab:80:83:27:77:15:f2:33:d4:33:4e:d9:c0:
         c2:b1:18:6c:41:f3:cb:6f:7c:bc:3c:a5:96:26:e1:7d:1b:66:
         9a:ac:cf:44:f0:29:f3:99:f0:2e:4f:3c:83:f6:f8:c9:b2:c4:
         ec:89:9e:24:e1:11:49:e5:2d:06:2c:21:0f:bd:e6:66:b3:9c:
         14:77:0f:f5:93:f9:8d:a9:40:1b:b2:e2:c2:90:df:1f:6a:7f:
         ea:96:08:90
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXI1lvqjaHxTUEXiLDdUBzk2zNDswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyZmNhNmEyOWM0YTI4MDA0MTBiZDA1YWYwYmVjOTkzMzQ4
NGRlNmUwZTcyZjRjMWZkYzAxMTJkNTU5NzEwMDNjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDA3TSW7ZAQs7t01zIQkWOHWIb6IioQ5IGIG3TltOUCBNL8
g3tRQJmLZOxnwh/K/rX+3oJhrplklluYmCiXDd8RQzfxhfJLmBtDfvEAsEErs5NM
fEfxHaueVGZBZPfV4KFXpWxvQDPJkTHABhHT1FY0P+bxH7klwKbU9+M3kz6/685b
7I5BD4rm7RzuOu1n/yTnOfUbZwXAcVCzfHX8MG1r1Wzw5vS4gSYEOLd2BWrQdLY6
512XzpIr16QQj/O1yJw33ZVMKVmIEwDt4MQDXIbK8UNSa5hZS64K9NlfqOVgRWf5
K4uQiuRE4/Fc26rsLiuHuRzJB90byOZRwjtM6ORPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUDOxUUjlNidKeknRrHzg7eJb3xXUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhkOGQ1YzQzLTNiNGItNGQ2Yi1hMzZiLTUxZTViMzVlYTFhNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4iTANBgkqhkiG9w0BAQsFAAOCAQEAFfb6Qta/PRctj51m5HA553xnGPvo
4D2XqouASMp6lcM7ElJmjlHt0yfx37uLf8CucqhIVQdDoMmm+qS3vkgkbB9LOXDo
T8nTyjmePyOy7rmx8VP0dFGATM/7RwZrexZEM1TASGC2yFGWNLtX3upGkj638ULD
BZOcMYZV4FtMiGsg5nbedNYTkArK633IQYeEaEdGXjcNBmKU4ZrJlchg1Sbt62A7
8YmrgIMndxXyM9QzTtnAwrEYbEHzy298vDyllibhfRtmmqzPRPAp85nwLk88g/b4
ybLE7ImeJOERSeUtBiwhD73mZrOcFHcP9ZP5jalAG7LiwpDfH2p/6pYIkA==
-----END CERTIFICATE-----