Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bdcf269d-d387-404f-84a3-a8fdb2d5a919.roa
File:                     bdcf269d-d387-404f-84a3-a8fdb2d5a919.roa (raw, json)
Hash identifier:          q2e30LWKSmao7FojM9LV9o+4Pa6L5aF6b3O9mJK23D8=
Subject key identifier:   FA:DF:81:2D:3E:46:6F:B6:71:C4:2D:51:55:66:D1:3D:8E:32:ED:FC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3832D55E89D1FA6C9F52ABE53125BFF42307F9F9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bdcf269d-d387-404f-84a3-a8fdb2d5a919.roa
Signing time:             Tue 31 Dec 2024 00:00:00 +0000
ROA not before:           Tue 31 Dec 2024 00:00:00 +0000
ROA not after:            Tue 04 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        162.61.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:32:d5:5e:89:d1:fa:6c:9f:52:ab:e5:31:25:bf:f4:23:07:f9:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 31 00:00:00 2024 GMT
            Not After : Feb  4 23:59:59 2025 GMT
        Subject: serialNumber=d2476868c9b47cbb7e920873ea623e2f4667c3fc71dc012a34e39077330d9af8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:17:e0:75:b1:07:e7:3d:34:cd:40:4c:32:4f:
                    25:ab:47:5d:fd:47:84:83:b7:5f:23:c3:e1:ca:8a:
                    14:f2:8b:ee:1e:d3:46:86:07:aa:bb:5b:14:3b:68:
                    88:0c:72:48:10:a4:cc:c4:48:e4:7b:dc:a8:52:62:
                    df:bd:46:8d:1c:01:63:2b:2b:a7:70:4b:4c:c0:e1:
                    e1:11:01:cf:76:46:47:8a:be:9a:07:50:5a:65:a6:
                    04:8b:db:cd:e8:f8:8a:c1:39:91:f2:d6:47:29:f3:
                    24:e5:59:4e:47:e6:88:9d:16:07:b4:38:a9:70:66:
                    a4:c8:7d:23:f8:d5:8a:3e:11:93:ae:cf:d0:e3:d4:
                    92:d0:f9:6a:4f:53:a2:7c:fd:23:24:a6:42:58:87:
                    76:68:ef:18:b6:dc:2f:94:c0:9b:bc:1a:62:f3:68:
                    f6:04:40:e1:83:9a:87:bc:1e:be:d9:ef:ab:d5:09:
                    2a:b7:80:01:b7:41:ac:cb:fe:37:db:67:fa:f9:9b:
                    f9:b2:ef:94:16:48:52:5f:42:e7:de:7b:28:81:db:
                    87:09:4c:09:4e:74:61:dc:a4:8e:78:9d:0e:c2:10:
                    57:27:c4:ba:ff:0e:bb:a5:c1:fb:2d:36:73:cf:f6:
                    21:c7:ee:87:7c:52:f6:58:8a:44:54:0f:c7:a3:e1:
                    96:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:DF:81:2D:3E:46:6F:B6:71:C4:2D:51:55:66:D1:3D:8E:32:ED:FC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bdcf269d-d387-404f-84a3-a8fdb2d5a919.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.61.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ab:c4:06:bf:b0:04:12:52:cc:7d:80:38:d7:4a:c4:74:0e:55:
         1f:5f:e4:64:9d:03:52:a9:6c:b4:53:9b:a0:b2:89:d7:67:74:
         e1:80:57:a3:2f:a6:0b:38:83:b2:03:69:ed:e7:f5:3b:2b:c7:
         e3:5e:b4:69:15:74:fe:da:62:aa:e7:6b:d1:48:09:9b:27:44:
         c8:7b:fe:73:47:ee:bf:2c:a0:b9:89:b7:b7:58:87:d6:74:74:
         70:a2:37:38:bf:45:64:3a:f2:99:18:30:3b:d8:86:3d:d2:e5:
         13:83:a6:46:74:86:f6:91:ac:aa:fd:51:8d:5f:03:c3:f7:bf:
         86:cf:f7:8f:f1:d0:b4:c6:13:13:89:12:31:58:11:b3:82:d6:
         fa:07:c1:b0:37:b6:60:6d:91:5c:88:23:3b:1a:d6:82:f0:99:
         7c:86:44:1d:83:f9:ca:ac:ec:1e:a0:04:ae:00:8e:74:72:d5:
         64:8f:67:df:20:62:26:d9:9b:97:61:27:ed:1a:a8:2e:da:f3:
         e3:66:d8:0e:e7:e1:30:09:0f:67:f4:4d:05:53:11:86:2e:1d:
         a7:9c:3f:4e:89:22:39:bb:d9:ca:ac:ae:b3:ca:cf:cd:e5:2f:
         d1:50:bd:29:93:dc:98:02:08:48:f0:d4:ba:af:b5:a5:2e:0f:
         ab:30:ef:1e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUODLVXonR+myfUqvlMSW/9CMH+fkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMxMDAwMDAwWhcNMjUwMjA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMjQ3Njg2OGM5YjQ3Y2JiN2U5MjA4NzNlYTYyM2UyZjQ2
NjdjM2ZjNzFkYzAxMmEzNGUzOTA3NzMzMGQ5YWY4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4F+B1sQfnPTTNQEwyTyWrR139R4SDt18jw+HKihTyi+4e
00aGB6q7WxQ7aIgMckgQpMzESOR73KhSYt+9Ro0cAWMrK6dwS0zA4eERAc92RkeK
vpoHUFplpgSL283o+IrBOZHy1kcp8yTlWU5H5oidFge0OKlwZqTIfSP41Yo+EZOu
z9Dj1JLQ+WpPU6J8/SMkpkJYh3Zo7xi23C+UwJu8GmLzaPYEQOGDmoe8Hr7Z76vV
CSq3gAG3QazL/jfbZ/r5m/my75QWSFJfQufeeyiB24cJTAlOdGHcpI54nQ7CEFcn
xLr/DrulwfstNnPP9iHH7od8UvZYikRUD8ej4ZadAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+t+BLT5Gb7ZxxC1RVWbRPY4y7fwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JkY2YyNjlkLWQzODctNDA0Zi04NGEzLWE4ZmRiMmQ1YTkxOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCiPTANBgkqhkiG9w0BAQsFAAOCAQEAq8QGv7AEElLMfYA410rEdA5VH1/k
ZJ0DUqlstFOboLKJ12d04YBXoy+mCziDsgNp7ef1OyvH4160aRV0/tpiqudr0UgJ
mydEyHv+c0fuvyyguYm3t1iH1nR0cKI3OL9FZDrymRgwO9iGPdLlE4OmRnSG9pGs
qv1RjV8Dw/e/hs/3j/HQtMYTE4kSMVgRs4LW+gfBsDe2YG2RXIgjOxrWgvCZfIZE
HYP5yqzsHqAErgCOdHLVZI9n3yBiJtmbl2En7RqoLtrz42bYDufhMAkPZ/RNBVMR
hi4dp5w/TokiObvZyqyus8rPzeUv0VC9KZPcmAIISPDUuq+1pS4PqzDvHg==
-----END CERTIFICATE-----