Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b62dd467-aa74-4cbe-9a52-75cac6a64b07.roa
File:                     b62dd467-aa74-4cbe-9a52-75cac6a64b07.roa (raw, json)
Hash identifier:          JugTlwiIh1qV5EeRySx0sixR7lWafMbmX7/ofFsXizg=
Subject key identifier:   7F:E8:67:70:71:AB:63:7D:C5:80:AE:6B:9C:E7:17:BF:B4:20:E8:6C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       19F89037E0B5C1FFDA7493EFB2AFF7B63393506B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b62dd467-aa74-4cbe-9a52-75cac6a64b07.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        16.155.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:f8:90:37:e0:b5:c1:ff:da:74:93:ef:b2:af:f7:b6:33:93:50:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=5c4f138fb372dc657ff3b583e866cb724d132f8ac4f9874979395ae1008c7c39, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:40:1e:a0:85:7a:6e:28:d7:d6:f5:9f:2d:82:
                    db:86:d5:7f:a5:47:8e:41:92:2b:05:85:99:9c:24:
                    95:1d:d1:44:79:1d:77:f7:95:0c:ba:fe:89:18:9f:
                    9e:d6:a1:74:58:09:70:fd:d1:9d:b5:aa:c8:47:7b:
                    87:f5:15:77:ee:ce:50:f1:2e:8d:d4:1f:f5:2c:7a:
                    ef:85:37:29:79:db:ea:f1:b0:97:94:56:99:5f:e0:
                    95:87:86:c4:ea:d7:6f:33:1c:35:e6:40:1b:06:b4:
                    0a:ae:88:e7:8d:37:8f:2d:db:48:a9:0f:d3:31:fe:
                    c3:b6:5b:1e:05:dc:29:06:47:66:b4:82:81:d4:2e:
                    25:79:63:45:23:89:a1:5e:e8:6e:ff:ed:6e:7f:b6:
                    f1:29:ba:8c:b9:1f:6f:72:39:a2:cb:5a:73:a1:f3:
                    d3:6d:c8:73:a1:a4:6e:71:d8:86:8a:28:da:95:b0:
                    39:a6:c7:95:bb:1b:e1:9c:69:b3:36:5f:2d:c4:62:
                    86:a6:d9:de:30:97:2d:e7:18:dd:58:cc:6d:20:8d:
                    0a:47:9a:c8:8c:bc:57:ac:45:75:f9:8a:42:20:a7:
                    48:47:4c:25:d1:6b:0e:68:56:36:5e:61:27:95:99:
                    06:fe:13:a9:ef:78:f2:d7:87:c0:43:1f:e9:50:e0:
                    d8:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:E8:67:70:71:AB:63:7D:C5:80:AE:6B:9C:E7:17:BF:B4:20:E8:6C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b62dd467-aa74-4cbe-9a52-75cac6a64b07.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.155.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         20:70:e7:e4:5f:0f:0d:e8:9f:2e:40:6a:02:b9:fe:90:4b:ab:
         f2:e8:2a:4a:5d:64:7a:34:54:6e:f0:8d:31:dd:ef:23:bd:33:
         6f:a8:61:50:1e:3a:8d:ee:40:13:c8:dc:d3:6e:89:ed:97:0f:
         30:df:8a:dc:ad:c1:d2:e0:5a:55:93:f9:c2:d1:35:b3:88:e1:
         4f:2d:fb:e8:ea:a9:e8:d2:a1:56:3d:d8:9d:52:cd:ec:8c:19:
         2c:23:16:d9:50:bd:5d:9c:36:67:d6:f3:17:7b:3b:e0:2f:2a:
         64:98:6f:f6:11:d4:d8:bb:5d:2d:82:02:e5:cd:68:bf:ba:a9:
         5f:ed:aa:70:d0:2b:cd:62:72:84:b4:df:04:66:a0:e6:05:97:
         e7:e0:39:46:31:5f:be:a9:8c:41:a3:bf:1a:31:29:dd:a2:72:
         3f:f5:17:5f:74:1f:e5:e0:4a:80:bd:89:f4:30:01:b3:d8:ad:
         7e:15:72:4a:13:98:45:1f:db:27:4a:55:7f:9b:16:c6:4b:e6:
         69:b7:fc:1c:eb:9e:cb:e0:42:ab:93:15:0b:b3:95:89:73:d7:
         79:94:03:7b:56:d6:3a:b3:55:ab:f4:e5:fa:66:e7:14:81:0f:
         a2:cb:d1:de:cc:d2:90:5c:52:76:cb:19:b6:26:a7:a6:be:b9:
         ba:68:4a:07
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGfiQN+C1wf/adJPvsq/3tjOTUGswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A1YzRmMTM4ZmIzNzJkYzY1N2ZmM2I1ODNlODY2Y2I3MjRk
MTMyZjhhYzRmOTg3NDk3OTM5NWFlMTAwOGM3YzM5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDnQB6ghXpuKNfW9Z8tgtuG1X+lR45BkisFhZmcJJUd0UR5
HXf3lQy6/okYn57WoXRYCXD90Z21qshHe4f1FXfuzlDxLo3UH/Useu+FNyl52+rx
sJeUVplf4JWHhsTq128zHDXmQBsGtAquiOeNN48t20ipD9Mx/sO2Wx4F3CkGR2a0
goHULiV5Y0UjiaFe6G7/7W5/tvEpuoy5H29yOaLLWnOh89NtyHOhpG5x2IaKKNqV
sDmmx5W7G+GcabM2Xy3EYoam2d4wly3nGN1YzG0gjQpHmsiMvFesRXX5ikIgp0hH
TCXRaw5oVjZeYSeVmQb+E6nvePLXh8BDH+lQ4NibAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUf+hncHGrY33FgK5rnOcXv7Qg6GwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I2MmRkNDY3LWFhNzQtNGNiZS05YTUyLTc1Y2FjNmE2NGIwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQmzANBgkqhkiG9w0BAQsFAAOCAQEAIHDn5F8PDeifLkBqArn+kEur8ugq
Sl1kejRUbvCNMd3vI70zb6hhUB46je5AE8jc026J7ZcPMN+K3K3B0uBaVZP5wtE1
s4jhTy376Oqp6NKhVj3YnVLN7IwZLCMW2VC9XZw2Z9bzF3s74C8qZJhv9hHU2Ltd
LYIC5c1ov7qpX+2qcNArzWJyhLTfBGag5gWX5+A5RjFfvqmMQaO/GjEp3aJyP/UX
X3Qf5eBKgL2J9DABs9itfhVyShOYRR/bJ0pVf5sWxkvmabf8HOuey+BCq5MVC7OV
iXPXeZQDe1bWOrNVq/Tl+mbnFIEPosvR3szSkFxSdssZtianpr65umhKBw==
-----END CERTIFICATE-----