Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5bfd9fe-e444-4386-9d55-ddffb565b851.roa
File:                     d5bfd9fe-e444-4386-9d55-ddffb565b851.roa (raw, json)
Hash identifier:          OsfBUafTriZ85i/21eceA4otOtzhlm46Mh6oq/f21jA=
Subject key identifier:   8A:50:98:12:2E:1C:D8:57:BC:67:83:F6:FB:63:A7:DA:FA:51:DC:2D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       07064E6FF6C3923DD6C1D0E1B0A39538B56F760D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5bfd9fe-e444-4386-9d55-ddffb565b851.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        56.176.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:06:4e:6f:f6:c3:92:3d:d6:c1:d0:e1:b0:a3:95:38:b5:6f:76:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=1b507967d043146a0d41133ea6f7febe15d5a8dd9e9b5cf6ee278040af475640, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:86:2a:0d:74:61:dc:ca:85:9e:e2:fe:de:f7:
                    a0:a2:2f:65:0c:8b:17:c2:dd:fe:2e:a2:13:89:94:
                    80:5e:8a:f8:84:92:cd:fd:85:19:d9:16:95:08:12:
                    1d:2b:cc:c3:70:c2:3b:f1:d7:20:54:f9:5f:4f:04:
                    5b:63:09:4e:72:4a:28:44:b0:c2:4f:53:db:aa:e0:
                    bc:ee:a6:1e:55:25:4a:1a:c1:d5:3f:b5:37:32:6f:
                    ea:43:49:eb:03:b3:d3:7f:78:64:32:5d:52:7a:fb:
                    ca:31:8a:f3:94:ed:99:6b:c7:b8:85:f8:4f:84:34:
                    04:a5:e2:26:43:12:40:ab:3f:f2:d3:ed:62:a7:96:
                    14:57:5e:5f:5f:5d:95:e5:ac:47:08:ae:71:ff:76:
                    67:91:0c:94:25:d5:ef:4c:18:99:d1:28:84:f5:02:
                    a0:a6:3c:0d:d0:86:14:44:42:2c:c8:22:60:19:bd:
                    a7:48:1e:62:b9:b9:d5:0c:87:d8:c0:e8:50:0d:78:
                    97:3e:71:b7:e0:4b:23:bb:a7:fd:df:3f:35:70:7d:
                    8c:5a:28:e8:50:79:f7:8c:9d:62:b8:ce:71:49:bc:
                    ad:84:38:aa:3f:4f:8d:1e:88:28:9a:8f:17:c4:9c:
                    5c:b0:8b:ed:07:45:b2:28:b7:33:e9:06:3b:75:1f:
                    3f:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:50:98:12:2E:1C:D8:57:BC:67:83:F6:FB:63:A7:DA:FA:51:DC:2D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5bfd9fe-e444-4386-9d55-ddffb565b851.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.176.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         52:23:2c:c2:85:9b:46:6f:de:14:ee:85:ea:6f:ac:1b:47:76:
         9e:a5:77:96:2e:96:7c:f2:2e:cc:3f:b8:2a:f2:59:d2:fd:29:
         77:b9:86:85:9a:f9:55:f4:0c:c5:2a:67:43:01:8e:94:60:13:
         62:eb:a1:14:46:65:60:7a:22:d4:e2:cd:46:04:2d:2c:00:ad:
         22:04:e0:1b:62:a1:51:ce:4c:b5:f1:c0:0e:71:c9:24:0c:61:
         8b:f0:02:34:f1:a1:8a:bc:96:e9:9c:d7:7d:8e:ef:84:96:d2:
         cc:99:50:06:01:d1:c5:4e:3f:06:04:bd:f1:a2:99:0e:81:6c:
         6e:0b:8b:1a:d2:b7:15:4e:5e:8f:3d:66:a1:a1:12:9e:74:dc:
         42:c8:0c:ec:44:66:66:d8:1b:fa:98:72:39:5a:8f:1f:d5:db:
         0b:91:03:01:5c:08:a9:c8:6d:01:b8:59:93:64:47:70:93:68:
         a5:5e:4f:14:23:c7:5a:bd:ef:e6:12:64:03:79:76:0e:f5:c7:
         70:8f:d7:08:a4:2b:de:7e:d2:8a:65:f2:97:43:d3:7e:f6:8f:
         6b:da:aa:93:44:3a:79:c8:39:8c:54:14:b3:dd:53:70:60:67:
         e1:a1:3d:43:df:e4:f5:55:ae:67:81:79:b5:9e:38:6a:2b:4b:
         a8:ec:ed:b8
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBwZOb/bDkj3WwdDhsKOVOLVvdg0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxYjUwNzk2N2QwNDMxNDZhMGQ0MTEzM2VhNmY3ZmViZTE1
ZDVhOGRkOWU5YjVjZjZlZTI3ODA0MGFmNDc1NjQwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvhioNdGHcyoWe4v7e96CiL2UMixfC3f4uohOJlIBeiviE
ks39hRnZFpUIEh0rzMNwwjvx1yBU+V9PBFtjCU5ySihEsMJPU9uq4Lzuph5VJUoa
wdU/tTcyb+pDSesDs9N/eGQyXVJ6+8oxivOU7Zlrx7iF+E+ENASl4iZDEkCrP/LT
7WKnlhRXXl9fXZXlrEcIrnH/dmeRDJQl1e9MGJnRKIT1AqCmPA3QhhREQizIImAZ
vadIHmK5udUMh9jA6FANeJc+cbfgSyO7p/3fPzVwfYxaKOhQefeMnWK4znFJvK2E
OKo/T40eiCiajxfEnFywi+0HRbIotzPpBjt1Hz+HAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUilCYEi4c2Fe8Z4P2+2On2vpR3C0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q1YmZkOWZlLWU0NDQtNDM4Ni05ZDU1LWRkZmZiNTY1Yjg1MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4sDANBgkqhkiG9w0BAQsFAAOCAQEAUiMswoWbRm/eFO6F6m+sG0d2nqV3
li6WfPIuzD+4KvJZ0v0pd7mGhZr5VfQMxSpnQwGOlGATYuuhFEZlYHoi1OLNRgQt
LACtIgTgG2KhUc5MtfHADnHJJAxhi/ACNPGhiryW6ZzXfY7vhJbSzJlQBgHRxU4/
BgS98aKZDoFsbguLGtK3FU5ejz1moaESnnTcQsgM7ERmZtgb+phyOVqPH9XbC5ED
AVwIqchtAbhZk2RHcJNopV5PFCPHWr3v5hJkA3l2DvXHcI/XCKQr3n7SimXyl0PT
fvaPa9qqk0Q6ecg5jFQUs91TcGBn4aE9Q9/k9VWuZ4F5tZ44aitLqOztuA==
-----END CERTIFICATE-----