Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94ef1c6b-8753-4f69-8afa-92274ff9cd80.roa
File:                     94ef1c6b-8753-4f69-8afa-92274ff9cd80.roa (raw, json)
Hash identifier:          DwRKnu6U5PUa57ZmSvDJg1528AU6YpQzp8IPOJDizag=
Subject key identifier:   8B:38:5B:B4:19:26:D4:DE:56:27:45:8B:9D:77:23:A1:A7:0B:D4:1A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2C1147E490CB9C121787FDE2788E5F78797F062A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94ef1c6b-8753-4f69-8afa-92274ff9cd80.roa
Signing time:             Mon 23 Dec 2024 00:00:00 +0000
ROA not before:           Mon 23 Dec 2024 00:00:00 +0000
ROA not after:            Mon 27 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        160.209.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:11:47:e4:90:cb:9c:12:17:87:fd:e2:78:8e:5f:78:79:7f:06:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 23 00:00:00 2024 GMT
            Not After : Jan 27 23:59:59 2025 GMT
        Subject: serialNumber=142d25b44afbce3020b1875735fab9670a8ae5eeb62625560e76747567e8b112, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:7b:e0:3e:e7:0e:a7:25:79:07:9b:96:d9:37:
                    64:23:9f:87:62:cf:b1:60:84:4c:47:ad:d6:eb:b5:
                    26:58:83:f4:f0:da:02:f1:74:cc:e5:2d:d3:a6:6d:
                    07:7d:74:b1:04:15:d7:c7:5d:53:75:6d:aa:d5:be:
                    ea:94:f6:d6:6f:76:2b:6e:ea:a0:85:78:fd:a9:3a:
                    40:ba:f6:bc:b0:91:2d:d4:aa:ac:2f:34:a6:59:5b:
                    72:00:10:c4:92:ac:f6:6d:99:11:e9:d7:c2:3c:f1:
                    0f:59:29:d0:55:d3:5a:a1:d7:12:a4:4b:9a:32:88:
                    b2:4f:ba:a2:0b:de:de:cb:2c:6f:5b:37:92:53:aa:
                    1b:33:26:dd:ff:1c:cf:3c:96:60:18:51:ca:c5:89:
                    45:12:3e:6c:2c:2c:a1:25:19:4f:8f:fa:2e:e0:cd:
                    2e:93:88:82:77:f0:48:ec:c8:5e:92:43:48:3f:f9:
                    aa:5d:9c:5c:c3:17:c4:e9:4d:7b:fc:66:27:25:fc:
                    48:dc:e3:bd:65:ab:a2:4d:de:eb:40:bd:c9:56:98:
                    c8:f0:ec:9c:af:53:c5:7c:b9:e7:54:13:24:bb:1d:
                    eb:f4:c6:21:3a:e5:22:ca:44:e7:d4:b4:62:27:5e:
                    8b:f3:e6:50:e2:8b:df:7c:30:8e:9e:19:fe:2a:b0:
                    76:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:38:5B:B4:19:26:D4:DE:56:27:45:8B:9D:77:23:A1:A7:0B:D4:1A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94ef1c6b-8753-4f69-8afa-92274ff9cd80.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.209.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1c:61:84:ff:95:ec:87:b5:b9:0b:e1:17:bb:b6:00:f1:67:a9:
         57:21:a6:84:d5:92:64:9a:e6:da:1d:55:26:ef:a4:92:74:40:
         dd:7f:4d:63:70:cf:d1:50:b6:39:05:09:c4:59:a8:60:d2:e3:
         df:35:fc:c1:dc:fc:6c:4e:c8:82:42:d4:82:47:23:61:81:e4:
         2b:41:94:52:21:06:49:ea:2e:d0:36:71:19:9f:5e:0e:7b:89:
         73:f3:b1:af:4b:d1:30:61:96:88:15:bb:e7:73:c5:67:e5:70:
         5d:d1:e6:7d:06:90:15:7c:2f:e3:2c:37:99:21:e7:dc:78:45:
         04:98:70:e9:91:4f:bb:6a:34:2d:2a:9b:00:18:c4:a6:9d:ec:
         ff:20:f0:b6:37:b2:40:de:28:f1:8e:6a:91:3e:ea:74:14:f8:
         be:4d:3e:9b:3f:63:9c:1c:b6:0b:73:48:4c:65:bf:2b:a5:b1:
         47:ad:3d:a0:e7:95:f5:c3:d1:b6:f0:a7:f7:47:d4:97:5e:a1:
         f9:15:da:ae:ae:1d:db:b6:54:21:9a:ce:7c:2e:2e:96:a7:6a:
         a0:1d:d6:17:e3:d8:13:5c:ba:34:14:41:52:e1:77:d8:94:df:
         29:84:37:60:c0:f9:49:7c:dd:b8:55:6e:ae:91:07:14:c3:e6:
         ef:5b:db:3c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULBFH5JDLnBIXh/3ieI5feHl/BiowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNDJkMjViNDRhZmJjZTMwMjBiMTg3NTczNWZhYjk2NzBh
OGFlNWVlYjYyNjI1NTYwZTc2NzQ3NTY3ZThiMTEyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCye+A+5w6nJXkHm5bZN2Qjn4diz7FghExHrdbrtSZYg/Tw
2gLxdMzlLdOmbQd9dLEEFdfHXVN1barVvuqU9tZvditu6qCFeP2pOkC69rywkS3U
qqwvNKZZW3IAEMSSrPZtmRHp18I88Q9ZKdBV01qh1xKkS5oyiLJPuqIL3t7LLG9b
N5JTqhszJt3/HM88lmAYUcrFiUUSPmwsLKElGU+P+i7gzS6TiIJ38EjsyF6SQ0g/
+apdnFzDF8TpTXv8Zicl/Ejc471lq6JN3utAvclWmMjw7JyvU8V8uedUEyS7Hev0
xiE65SLKROfUtGInXovz5lDii998MI6eGf4qsHZpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUizhbtBkm1N5WJ0WLnXcjoacL1BowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0ZWYxYzZiLTg3NTMtNGY2OS04YWZhLTkyMjc0ZmY5Y2Q4MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCg0TANBgkqhkiG9w0BAQsFAAOCAQEAHGGE/5Xsh7W5C+EXu7YA8WepVyGm
hNWSZJrm2h1VJu+kknRA3X9NY3DP0VC2OQUJxFmoYNLj3zX8wdz8bE7IgkLUgkcj
YYHkK0GUUiEGSeou0DZxGZ9eDnuJc/Oxr0vRMGGWiBW753PFZ+VwXdHmfQaQFXwv
4yw3mSHn3HhFBJhw6ZFPu2o0LSqbABjEpp3s/yDwtjeyQN4o8Y5qkT7qdBT4vk0+
mz9jnBy2C3NITGW/K6WxR609oOeV9cPRtvCn90fUl16h+RXarq4d27ZUIZrOfC4u
lqdqoB3WF+PYE1y6NBRBUuF32JTfKYQ3YMD5SXzduFVurpEHFMPm71vbPA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:58:23 2025 by rpki-client