Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b6dd9924-f0a7-4608-b3b1-00e59ba96d3b.roa
File:                     b6dd9924-f0a7-4608-b3b1-00e59ba96d3b.roa (raw, json)
Hash identifier:          4AL10vMagETgrtO0LtnyxlOdv8ZmFp8WpoShZ/uT/6k=
Subject key identifier:   F3:3A:7F:7A:C2:2B:CE:19:F6:97:D5:A1:12:E8:20:AA:02:EE:4E:5F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       37733DDBDF5CFADCAADBCFAA8473D71AADBDF3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b6dd9924-f0a7-4608-b3b1-00e59ba96d3b.roa
Signing time:             Tue 24 Dec 2024 00:00:00 +0000
ROA not before:           Tue 24 Dec 2024 00:00:00 +0000
ROA not after:            Tue 28 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        143.135.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:73:3d:db:df:5c:fa:dc:aa:db:cf:aa:84:73:d7:1a:ad:bd:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 24 00:00:00 2024 GMT
            Not After : Jan 28 23:59:59 2025 GMT
        Subject: serialNumber=56267a4126d525b75d01fb6b676011bfe00f01959252519b780598dcee138362, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:c0:e3:63:d8:e5:e6:13:5f:43:46:8c:ba:03:
                    1d:c6:58:bf:31:aa:86:e7:00:e4:c4:35:d5:88:c7:
                    bf:46:3c:f2:0e:97:7b:17:ee:06:0f:68:de:5e:61:
                    75:3a:e7:1b:35:c1:dd:4c:de:4f:ae:83:4f:dd:9c:
                    e5:28:6d:cc:3b:4c:0b:9c:d9:25:81:9a:e1:07:95:
                    a1:23:38:f1:31:8c:e1:da:f7:c4:4f:1d:5f:f0:b9:
                    5b:44:eb:05:df:53:c9:24:7d:66:79:21:8f:6a:1e:
                    41:52:18:21:0e:c0:ba:8e:85:c0:8a:3c:b4:0f:13:
                    3a:0f:86:cc:20:d4:77:4e:31:6c:60:d8:35:38:1b:
                    58:ed:b4:6f:03:d1:c0:c5:c3:0a:ba:7c:7c:b5:41:
                    cd:2a:2e:fb:a7:6b:59:4b:a1:7d:02:7a:e8:ed:a3:
                    6d:b7:58:e9:1d:52:9e:ca:70:6c:33:0d:e1:c3:ee:
                    e6:2c:45:c8:73:06:92:7c:6c:4c:4b:f7:36:22:88:
                    c5:62:a1:86:2c:47:f1:da:71:0d:24:1b:40:7e:e2:
                    16:56:80:d6:4d:88:0e:59:4e:ba:d6:f2:05:34:41:
                    8c:97:9a:c3:64:1e:5d:3a:c9:78:5b:56:46:83:ac:
                    d9:37:4b:ea:fa:d6:4f:87:ab:f9:16:e1:1b:be:6e:
                    d3:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:3A:7F:7A:C2:2B:CE:19:F6:97:D5:A1:12:E8:20:AA:02:EE:4E:5F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b6dd9924-f0a7-4608-b3b1-00e59ba96d3b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.135.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9f:e8:23:f0:17:6b:ff:89:7b:25:6d:f9:71:cf:6b:ae:99:f7:
         da:f1:27:d2:d9:2c:94:4a:41:80:4e:67:d3:1b:85:4b:f7:f5:
         23:69:0d:b2:2c:f8:5c:51:a1:07:8a:82:87:aa:39:7a:96:fd:
         d8:b5:84:0d:33:0a:ed:b6:a8:79:02:76:20:e0:0e:45:4d:9f:
         f4:d3:12:9c:f9:7b:cb:39:cc:a2:0a:d3:84:f4:f5:fc:d8:80:
         9e:3e:8d:74:e6:bb:e6:12:df:ef:ef:11:a4:51:3c:10:ef:24:
         77:37:b8:72:d5:5a:a3:94:75:5b:74:cb:94:d5:e5:12:d2:f9:
         73:71:08:3f:c8:35:c1:23:83:cc:15:c1:1e:15:b6:17:4f:47:
         83:96:1a:62:c9:5f:c6:7f:1e:d0:58:5d:f1:63:25:83:ab:5a:
         32:9a:99:0d:8b:46:8b:df:cb:82:f5:54:d9:1a:9d:ec:d0:55:
         bf:de:1c:e5:74:70:5f:01:7b:ab:9c:4f:ca:fb:9c:2b:7f:8f:
         9f:dd:67:95:3b:eb:9c:62:4c:4d:30:85:b7:cb:75:1a:d7:5e:
         e4:72:a9:d6:97:32:7f:de:d1:07:89:89:57:1b:2c:a4:cf:94:
         4f:04:27:2b:25:82:14:2c:bc:a1:22:7b:2f:71:e0:45:f2:7e:
         9d:20:c1:3b
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgITN3M9299c+tyq28+qhHPXGq298zANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNDEyMjQwMDAwMDBaFw0yNTAxMjgyMzU5NTla
MHoxSTBHBgNVBAUTQDU2MjY3YTQxMjZkNTI1Yjc1ZDAxZmI2YjY3NjAxMWJmZTAw
ZjAxOTU5MjUyNTE5Yjc4MDU5OGRjZWUxMzgzNjIxLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfA42PY5eYTX0NGjLoDHcZYvzGqhucA5MQ11YjHv0Y88g6X
exfuBg9o3l5hdTrnGzXB3UzeT66DT92c5ShtzDtMC5zZJYGa4QeVoSM48TGM4dr3
xE8dX/C5W0TrBd9TySR9Znkhj2oeQVIYIQ7Auo6FwIo8tA8TOg+GzCDUd04xbGDY
NTgbWO20bwPRwMXDCrp8fLVBzSou+6drWUuhfQJ66O2jbbdY6R1SnspwbDMN4cPu
5ixFyHMGknxsTEv3NiKIxWKhhixH8dpxDSQbQH7iFlaA1k2IDllOutbyBTRBjJea
w2QeXTrJeFtWRoOs2TdL6vrWT4er+RbhG75u0z0CAwEAAaOCArAwggKsMB0GA1Ud
DgQWBBTzOn96wivOGfaX1aES6CCqAu5OXzAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvYjZkZDk5MjQtZjBhNy00NjA4LWIzYjEtMDBlNTliYTk2ZDNiLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw
BQMDAI+HMA0GCSqGSIb3DQEBCwUAA4IBAQCf6CPwF2v/iXslbflxz2uumffa8SfS
2SyUSkGATmfTG4VL9/UjaQ2yLPhcUaEHioKHqjl6lv3YtYQNMwrttqh5AnYg4A5F
TZ/00xKc+XvLOcyiCtOE9PX82ICePo105rvmEt/v7xGkUTwQ7yR3N7hy1VqjlHVb
dMuU1eUS0vlzcQg/yDXBI4PMFcEeFbYXT0eDlhpiyV/Gfx7QWF3xYyWDq1oympkN
i0aL38uC9VTZGp3s0FW/3hzldHBfAXurnE/K+5wrf4+f3WeVO+ucYkxNMIW3y3Ua
117kcqnWlzJ/3tEHiYlXGyykz5RPBCcrJYIULLyhInsvceBF8n6dIME7
-----END CERTIFICATE-----