Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d83792ea-71f8-466f-b54d-d92ec2735649.roa
File:                     d83792ea-71f8-466f-b54d-d92ec2735649.roa (raw, json)
Hash identifier:          xlb0FExmuPpdNurRawKTcbuLcdR6lk2/3MEK84Q6JHc=
Subject key identifier:   4D:07:4B:91:58:B3:07:88:9C:18:6E:A7:19:CF:4F:E0:61:86:5E:B4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4467D875DCE5C10A489DB7AE6B20B79D6DE8E11E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d83792ea-71f8-466f-b54d-d92ec2735649.roa
Signing time:             Wed 25 Dec 2024 00:00:00 +0000
ROA not before:           Wed 25 Dec 2024 00:00:00 +0000
ROA not after:            Wed 29 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        130.31.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:67:d8:75:dc:e5:c1:0a:48:9d:b7:ae:6b:20:b7:9d:6d:e8:e1:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 25 00:00:00 2024 GMT
            Not After : Jan 29 23:59:59 2025 GMT
        Subject: serialNumber=f44ae361b2484ca3871ecc2a9dde8fd7ea0cd1878d8bd2f2de9aca335e8b90ac, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:50:5c:7b:cf:8c:c8:95:74:fe:16:33:f5:52:
                    62:94:28:c3:3d:b1:a4:af:d2:df:ef:8f:b3:ee:84:
                    3e:2f:57:71:f4:6e:50:47:18:32:62:92:24:f3:a4:
                    8c:4f:f0:f2:9c:dd:d6:85:05:24:89:32:10:f5:16:
                    45:c0:bf:17:0a:7c:12:44:39:ae:5f:c4:09:e3:09:
                    b4:48:e6:2b:98:a9:c8:5d:60:eb:66:a4:74:81:a4:
                    b5:a0:11:f8:25:ec:7c:57:13:88:4e:3c:c0:bf:f5:
                    50:07:e6:55:73:db:00:e0:97:5b:3c:b9:4b:b5:bc:
                    ec:cc:c7:9d:50:0a:b4:cb:c3:3e:f4:40:00:d2:4e:
                    c0:30:f9:35:b2:5a:9a:ba:9c:a8:fc:20:a0:17:b8:
                    31:0d:f7:0f:a9:e1:29:6f:9c:1b:07:2b:98:b7:77:
                    64:84:8b:cc:00:b9:70:a0:33:8d:13:42:bb:bb:ad:
                    da:f1:f5:5d:38:3a:09:c3:0e:47:ec:55:c5:11:30:
                    ce:1c:4e:a7:7e:a1:7e:7c:2e:10:90:d6:5f:75:87:
                    f5:22:cd:24:d4:9f:26:ab:49:fe:c9:2d:7e:f5:ee:
                    c0:c6:a2:d2:b5:1b:66:95:4b:77:d9:29:16:2d:d3:
                    b7:69:fd:c9:c7:39:78:ff:4e:fc:10:26:e5:d8:94:
                    d9:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:07:4B:91:58:B3:07:88:9C:18:6E:A7:19:CF:4F:E0:61:86:5E:B4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d83792ea-71f8-466f-b54d-d92ec2735649.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.31.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0f:be:6c:5a:bb:9c:a6:39:6e:bc:6f:86:e2:b2:a1:fb:fc:44:
         4a:cf:ed:10:9e:17:62:a8:4e:e1:61:b8:9d:76:b8:49:3a:30:
         34:c2:8c:40:21:e8:23:09:6c:06:26:fa:fe:85:0c:21:0b:db:
         06:71:a8:1d:cb:78:3f:b6:18:14:aa:fd:99:2e:94:c4:bd:ba:
         8a:8e:96:05:a4:84:d1:c8:6e:4f:d1:6f:79:de:8f:f3:11:67:
         8b:fe:55:95:2f:ee:97:83:07:b4:2f:53:37:bc:dc:c3:dd:b4:
         22:a0:80:36:a1:11:e9:ee:06:f0:31:54:95:67:42:70:67:c0:
         40:14:58:5f:44:d8:be:a4:0d:14:00:f6:59:f1:7f:af:e1:a1:
         82:eb:b3:0d:5d:5d:5f:d3:f3:cd:90:4d:5e:0d:c6:45:bc:d0:
         09:58:68:52:dd:41:4c:40:35:d6:0e:45:e7:e0:3c:ab:1e:e3:
         f1:fa:0c:53:b2:55:65:50:3d:60:ff:e8:ea:e7:6f:c2:cd:38:
         c9:94:c6:d5:8e:61:65:8d:57:82:47:dc:8e:7f:93:57:f1:e7:
         fa:a6:b0:79:5a:85:9a:dd:17:3d:2d:8e:fa:9a:8f:f7:37:98:
         07:45:0e:c8:a6:a4:e6:18:27:95:92:0c:3c:19:4f:62:3d:b6:
         5d:e2:07:3a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIURGfYddzlwQpInbeuayC3nW3o4R4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI1MDAwMDAwWhcNMjUwMTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNDRhZTM2MWIyNDg0Y2EzODcxZWNjMmE5ZGRlOGZkN2Vh
MGNkMTg3OGQ4YmQyZjJkZTlhY2EzMzVlOGI5MGFjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvUFx7z4zIlXT+FjP1UmKUKMM9saSv0t/vj7PuhD4vV3H0
blBHGDJikiTzpIxP8PKc3daFBSSJMhD1FkXAvxcKfBJEOa5fxAnjCbRI5iuYqchd
YOtmpHSBpLWgEfgl7HxXE4hOPMC/9VAH5lVz2wDgl1s8uUu1vOzMx51QCrTLwz70
QADSTsAw+TWyWpq6nKj8IKAXuDEN9w+p4SlvnBsHK5i3d2SEi8wAuXCgM40TQru7
rdrx9V04OgnDDkfsVcURMM4cTqd+oX58LhCQ1l91h/UizSTUnyarSf7JLX717sDG
otK1G2aVS3fZKRYt07dp/cnHOXj/TvwQJuXYlNk1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUTQdLkVizB4icGG6nGc9P4GGGXrQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q4Mzc5MmVhLTcxZjgtNDY2Zi1iNTRkLWQ5MmVjMjczNTY0OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCCHzANBgkqhkiG9w0BAQsFAAOCAQEAD75sWrucpjluvG+G4rKh+/xESs/t
EJ4XYqhO4WG4nXa4STowNMKMQCHoIwlsBib6/oUMIQvbBnGoHct4P7YYFKr9mS6U
xL26io6WBaSE0chuT9Fved6P8xFni/5VlS/ul4MHtC9TN7zcw920IqCANqER6e4G
8DFUlWdCcGfAQBRYX0TYvqQNFAD2WfF/r+GhguuzDV1dX9PzzZBNXg3GRbzQCVho
Ut1BTEA11g5F5+A8qx7j8foMU7JVZVA9YP/o6udvws04yZTG1Y5hZY1Xgkfcjn+T
V/Hn+qaweVqFmt0XPS2O+pqP9zeYB0UOyKak5hgnlZIMPBlPYj22XeIHOg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:00:35 2025 by rpki-client