Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8e5ac5f-913d-4b1d-8bff-5820514d5b32.roa
File:                     c8e5ac5f-913d-4b1d-8bff-5820514d5b32.roa (raw, json)
Hash identifier:          oiRPEzc5pQNzsrMRpVE8ylPdXl2+hjOXsikjoshj6Fg=
Subject key identifier:   04:CC:AB:75:7A:6F:49:2D:26:4C:3E:6A:A3:7B:C2:D0:E4:A1:C6:C8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7E8364AC3686A0567C907D190DF12A61090BF69B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8e5ac5f-913d-4b1d-8bff-5820514d5b32.roa
Signing time:             Tue 24 Dec 2024 00:00:00 +0000
ROA not before:           Tue 24 Dec 2024 00:00:00 +0000
ROA not after:            Tue 28 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        216.240.128.0/19 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:83:64:ac:36:86:a0:56:7c:90:7d:19:0d:f1:2a:61:09:0b:f6:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 24 00:00:00 2024 GMT
            Not After : Jan 28 23:59:59 2025 GMT
        Subject: serialNumber=b15da5fa716e3c207d2714e3ca51b7b9debcfd8fcc8df3a66ba6c37ab61e02a2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:6b:16:ac:dc:70:2d:f9:ce:f1:17:b2:87:2f:
                    d0:ba:0b:87:ad:e8:8c:7a:8d:8a:f7:27:24:06:ef:
                    0b:36:da:fb:4d:1e:ff:a3:ca:6f:27:01:07:52:9c:
                    02:70:7c:12:52:5c:92:40:7c:59:9f:f9:c1:c1:cb:
                    3f:ea:88:14:0d:f8:c4:a8:6d:28:e5:eb:6d:58:e4:
                    d8:f6:42:4f:8b:d4:fe:3c:e1:12:86:29:88:50:16:
                    a8:d4:24:91:4e:cb:1c:f7:8a:32:fc:31:9b:40:c1:
                    16:90:92:89:74:90:95:05:83:46:f7:8e:db:93:a6:
                    32:f8:0e:08:01:13:4f:a1:0a:98:d2:a9:e2:cd:0f:
                    8e:72:b1:e4:d4:6c:1a:2d:da:c4:14:20:e7:96:14:
                    39:91:3e:fe:ba:85:56:72:53:a6:36:a2:41:e5:ee:
                    ec:f3:ac:f8:af:9d:86:2c:08:e0:2f:54:99:74:48:
                    9c:3c:3e:ae:57:6e:ee:9c:ee:73:33:da:a7:6e:62:
                    61:3a:54:38:20:45:f7:a2:b8:bd:d1:d6:f3:32:68:
                    22:54:d6:91:86:24:42:fc:67:0c:a1:0b:6f:34:76:
                    e9:8f:85:9f:9d:48:59:34:a6:19:11:14:d7:99:df:
                    c7:51:e9:5a:d0:56:d7:7d:44:7a:9a:47:6f:74:9d:
                    d3:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:CC:AB:75:7A:6F:49:2D:26:4C:3E:6A:A3:7B:C2:D0:E4:A1:C6:C8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8e5ac5f-913d-4b1d-8bff-5820514d5b32.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.240.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         7b:69:71:26:57:a5:b9:34:6a:45:b2:42:e0:0d:63:21:7a:3e:
         d7:90:95:1d:b8:18:10:16:5b:28:02:66:1e:3e:6a:08:6f:bf:
         ef:59:9a:23:23:ef:ce:c9:ee:ba:a3:25:28:93:71:2a:c8:e6:
         27:5f:43:39:4f:eb:ca:45:15:d2:6b:9c:cf:43:91:0f:ab:91:
         72:45:92:69:94:a8:1b:18:c5:de:56:78:9b:16:2d:80:bc:eb:
         41:3f:77:6a:c0:8c:05:69:f9:f4:8c:d2:e6:9a:84:bf:ac:9a:
         db:3d:41:19:f6:b4:65:52:50:18:8c:85:48:92:7d:f9:f3:31:
         63:7c:af:fd:62:be:94:90:d2:d1:d1:80:fa:84:a8:4c:ea:11:
         1d:09:9c:8e:96:0f:42:74:bd:73:d4:dd:a4:ac:bf:2e:31:e7:
         d6:40:75:53:74:26:1f:50:d4:92:04:b1:23:32:41:07:7e:1b:
         03:89:24:88:aa:7d:3e:b0:50:54:63:8e:7e:30:4d:40:6e:c3:
         6c:09:02:c7:dc:12:09:2e:12:6b:94:e3:e6:df:2a:95:85:93:
         7a:cb:7c:12:ff:f7:1d:d3:fc:d5:9d:d2:d9:fb:8f:7e:88:a6:
         cf:85:75:74:d3:3f:0c:2b:ac:fa:9f:1b:db:d1:81:07:11:26:
         37:e7:e7:9c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfoNkrDaGoFZ8kH0ZDfEqYQkL9pswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMTVkYTVmYTcxNmUzYzIwN2QyNzE0ZTNjYTUxYjdiOWRl
YmNmZDhmY2M4ZGYzYTY2YmE2YzM3YWI2MWUwMmEyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+axas3HAt+c7xF7KHL9C6C4et6Ix6jYr3JyQG7ws22vtN
Hv+jym8nAQdSnAJwfBJSXJJAfFmf+cHByz/qiBQN+MSobSjl621Y5Nj2Qk+L1P48
4RKGKYhQFqjUJJFOyxz3ijL8MZtAwRaQkol0kJUFg0b3jtuTpjL4DggBE0+hCpjS
qeLND45yseTUbBot2sQUIOeWFDmRPv66hVZyU6Y2okHl7uzzrPivnYYsCOAvVJl0
SJw8Pq5Xbu6c7nMz2qduYmE6VDggRfeiuL3R1vMyaCJU1pGGJEL8ZwyhC280dumP
hZ+dSFk0phkRFNeZ38dR6VrQVtd9RHqaR290ndOvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBMyrdXpvSS0mTD5qo3vC0OShxsgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M4ZTVhYzVmLTkxM2QtNGIxZC04YmZmLTU4MjA1MTRkNWIzMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXY8IAwDQYJKoZIhvcNAQELBQADggEBAHtpcSZXpbk0akWyQuANYyF6PteQ
lR24GBAWWygCZh4+aghvv+9ZmiMj787J7rqjJSiTcSrI5idfQzlP68pFFdJrnM9D
kQ+rkXJFkmmUqBsYxd5WeJsWLYC860E/d2rAjAVp+fSM0uaahL+smts9QRn2tGVS
UBiMhUiSffnzMWN8r/1ivpSQ0tHRgPqEqEzqER0JnI6WD0J0vXPU3aSsvy4x59ZA
dVN0Jh9Q1JIEsSMyQQd+GwOJJIiqfT6wUFRjjn4wTUBuw2wJAsfcEgkuEmuU4+bf
KpWFk3rLfBL/9x3T/NWd0tn7j36Ips+FdXTTPwwrrPqfG9vRgQcRJjfn55w=
-----END CERTIFICATE-----