Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b9a8ef92-370f-4832-9f4b-0f1111d0bfe1.roa
File:                     b9a8ef92-370f-4832-9f4b-0f1111d0bfe1.roa (raw, json)
Hash identifier:          ht251Df8hf72PmeYF4Pb6AYLrdiRjEPBt4VT75gNq0c=
Subject key identifier:   9F:0F:03:AD:2D:BF:08:FC:32:67:FB:17:BC:1C:75:BD:E9:5E:AA:53
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0D9C064A10FC73BF305563804280026F366DE4A8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b9a8ef92-370f-4832-9f4b-0f1111d0bfe1.roa
Signing time:             Tue 17 Dec 2024 00:00:00 +0000
ROA not before:           Tue 17 Dec 2024 00:00:00 +0000
ROA not after:            Tue 21 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f1f:4000::/36 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:9c:06:4a:10:fc:73:bf:30:55:63:80:42:80:02:6f:36:6d:e4:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 17 00:00:00 2024 GMT
            Not After : Jan 21 23:59:59 2025 GMT
        Subject: serialNumber=07f34691a030808caa9e6759c29993939fa4743e265941d01373096cafb4b364, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:8f:87:be:f2:90:4b:c8:62:6a:59:8d:ed:58:
                    eb:4e:f6:a1:ae:7a:91:08:50:31:45:9d:ab:ea:40:
                    d2:ea:d5:1d:70:c6:02:50:58:1e:2e:0c:44:fd:45:
                    e9:b7:71:95:bc:2b:0d:df:cc:f0:6e:4d:46:de:f8:
                    83:a2:20:e0:86:53:bd:b5:02:db:f9:8e:9f:da:7f:
                    9e:c7:36:11:81:5b:8f:70:f3:57:6b:6f:da:b3:bf:
                    ae:e5:32:fd:a5:7c:c6:29:26:14:14:b6:a8:6b:26:
                    28:43:59:15:d0:c7:6e:c6:65:76:86:fe:d5:f7:09:
                    27:d7:81:89:d8:5f:14:09:71:0d:ab:0c:08:76:9d:
                    76:b9:aa:01:da:73:e8:0b:42:fe:97:bd:4e:0a:59:
                    ce:c5:af:c0:e4:23:66:a7:e0:4c:c5:c2:f3:79:35:
                    dd:f3:1d:ed:ac:54:c2:bd:7c:4e:c3:df:9f:8c:5f:
                    21:94:c0:12:f2:b5:38:ae:89:29:5b:41:15:46:1c:
                    db:2d:a5:b7:ae:f9:fa:ce:ff:28:9c:ea:6f:19:68:
                    cb:29:d6:2f:a3:d0:2c:77:04:18:59:06:bb:3d:4a:
                    1d:8b:fe:3d:22:68:be:76:87:07:2f:70:8c:bf:03:
                    44:e8:fd:b0:91:4a:6e:de:ed:5e:23:97:18:99:60:
                    b4:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:0F:03:AD:2D:BF:08:FC:32:67:FB:17:BC:1C:75:BD:E9:5E:AA:53
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b9a8ef92-370f-4832-9f4b-0f1111d0bfe1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f1f:4000::/36

    Signature Algorithm: sha256WithRSAEncryption
         6d:ac:38:0f:da:7a:62:7e:ca:0a:04:7b:5a:7e:ad:ee:93:37:
         ea:d2:b9:e0:8d:3f:7b:3a:46:6c:c3:02:18:01:4a:00:15:2a:
         bf:0a:1d:01:c6:bb:a0:ed:61:91:36:11:cb:d2:b9:f6:f8:8e:
         a0:61:5b:99:c9:47:76:dd:db:64:95:31:0e:9d:89:17:70:41:
         65:5b:7a:16:89:6a:47:7f:b0:c7:7c:0c:ff:16:f2:68:e8:e3:
         b1:c3:0c:c4:36:fa:eb:9e:8e:bf:44:fb:4c:01:86:ff:31:54:
         f9:b5:0a:f5:e0:b3:34:df:57:90:1e:0d:93:fd:52:d8:80:85:
         e1:5f:a1:71:5d:0c:f0:4f:a0:b6:5c:c6:ca:31:6c:87:a8:4d:
         d4:c9:cc:de:f9:63:0c:7e:bb:46:29:f1:6c:99:67:73:82:dd:
         c7:0a:9c:7b:de:48:12:29:ea:7b:3f:6f:95:3d:11:16:cf:86:
         01:bb:17:05:fb:7c:54:52:3e:21:5b:e1:e3:ba:1e:c1:b7:19:
         97:a2:68:84:f4:6f:77:3c:62:64:f7:18:e7:ec:76:c0:7d:5c:
         d0:88:fb:5d:20:a6:fe:cd:80:90:05:40:8c:25:42:ee:2a:b5:
         44:e3:fe:6b:8b:88:22:8a:b0:5f:97:37:31:3d:77:e0:44:d2:
         78:cd:50:3b
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUDZwGShD8c78wVWOAQoACbzZt5KgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjE3MDAwMDAwWhcNMjUwMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwN2YzNDY5MWEwMzA4MDhjYWE5ZTY3NTljMjk5OTM5Mzlm
YTQ3NDNlMjY1OTQxZDAxMzczMDk2Y2FmYjRiMzY0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2j4e+8pBLyGJqWY3tWOtO9qGuepEIUDFFnavqQNLq1R1w
xgJQWB4uDET9Rem3cZW8Kw3fzPBuTUbe+IOiIOCGU721Atv5jp/af57HNhGBW49w
81drb9qzv67lMv2lfMYpJhQUtqhrJihDWRXQx27GZXaG/tX3CSfXgYnYXxQJcQ2r
DAh2nXa5qgHac+gLQv6XvU4KWc7Fr8DkI2an4EzFwvN5Nd3zHe2sVMK9fE7D35+M
XyGUwBLytTiuiSlbQRVGHNstpbeu+frO/yic6m8ZaMsp1i+j0Cx3BBhZBrs9Sh2L
/j0iaL52hwcvcIy/A0To/bCRSm7e7V4jlxiZYLQVAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUnw8DrS2/CPwyZ/sXvBx1veleqlMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I5YThlZjkyLTM3MGYtNDgzMi05ZjRiLTBmMTExMWQwYmZlMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8fQDANBgkqhkiG9w0BAQsFAAOCAQEAbaw4D9p6Yn7KCgR7Wn6t7pM3
6tK54I0/ezpGbMMCGAFKABUqvwodAca7oO1hkTYRy9K59viOoGFbmclHdt3bZJUx
Dp2JF3BBZVt6FolqR3+wx3wM/xbyaOjjscMMxDb6656Ov0T7TAGG/zFU+bUK9eCz
NN9XkB4Nk/1S2ICF4V+hcV0M8E+gtlzGyjFsh6hN1MnM3vljDH67RinxbJlnc4Ld
xwqce95IEinqez9vlT0RFs+GAbsXBft8VFI+IVvh47oewbcZl6JohPRvdzxiZPcY
5+x2wH1c0Ij7XSCm/s2AkAVAjCVC7iq1ROP+a4uIIoqwX5c3MT134ETSeM1QOw==
-----END CERTIFICATE-----