Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d8cc95a4-9974-4ebe-b08b-86b1d4db672d.roa
File:                     d8cc95a4-9974-4ebe-b08b-86b1d4db672d.roa (raw, json)
Hash identifier:          G12K7ch1w+9ahDrQolIEne4ZQ2KvVsRXfBqbeNH3Y6o=
Subject key identifier:   4D:14:FC:41:D2:F8:C5:AB:B6:77:19:2F:7A:B6:6E:3D:44:7C:52:89
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       35C79842B39FC814E80BFCAC5FC751C0A4A993FF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d8cc95a4-9974-4ebe-b08b-86b1d4db672d.roa
Signing time:             Mon 13 Nov 2023 00:00:00 +0000
ROA not before:           Mon 13 Nov 2023 00:00:00 +0000
ROA not after:            Mon 18 Dec 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        192.31.212.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:c7:98:42:b3:9f:c8:14:e8:0b:fc:ac:5f:c7:51:c0:a4:a9:93:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 13 00:00:00 2023 GMT
            Not After : Dec 18 23:59:59 2023 GMT
        Subject: serialNumber=4820acfc41c052d4c934979334b8121d05d0d8dd448fe55dde50589a781cc777, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d3:97:08:82:a6:76:67:4e:df:c4:c4:3f:36:
                    23:a9:19:aa:39:1b:03:9f:51:90:83:ee:a1:13:b8:
                    53:e7:3e:6a:61:5d:68:a5:43:7f:d9:18:95:4c:31:
                    ee:16:f6:02:07:99:ac:a3:d1:a8:aa:46:ba:8c:de:
                    34:68:e6:19:72:a9:b7:e2:96:e2:fb:25:9d:6e:7a:
                    0d:f8:fb:0d:3e:58:11:bb:a8:4e:fc:c5:d1:a0:a3:
                    cd:ab:d5:3d:8d:59:8c:64:13:81:ad:ed:53:4c:bb:
                    36:ca:a5:85:ee:6d:6e:0c:db:2b:ef:14:35:86:8a:
                    d4:f3:1e:39:7a:b2:10:6f:26:85:b3:00:a8:bd:ab:
                    46:e9:17:84:95:7b:f4:d5:de:50:54:c5:f7:26:36:
                    e7:03:7d:0b:73:f8:6e:c3:df:7f:77:c0:96:a4:82:
                    bc:0c:52:69:b1:6d:31:04:1a:51:85:c2:f2:c7:ce:
                    37:be:cd:0d:c3:de:c3:63:a9:cd:8f:39:be:65:8c:
                    86:a7:5c:f2:b6:27:0d:3c:6c:e8:c2:9a:f9:96:71:
                    47:6b:0f:a8:ba:fb:eb:61:30:6b:01:2f:df:17:90:
                    d2:b9:86:b8:41:6f:69:c5:f6:8e:40:18:e8:f5:d3:
                    c1:8b:91:fe:16:e2:34:27:ce:e4:5b:e3:77:6f:f2:
                    a4:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:14:FC:41:D2:F8:C5:AB:B6:77:19:2F:7A:B6:6E:3D:44:7C:52:89
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d8cc95a4-9974-4ebe-b08b-86b1d4db672d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.31.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:31:49:b7:de:b9:30:2a:0b:34:47:79:74:1c:d8:00:0f:d1:
         47:8c:37:b2:82:dd:76:ba:b8:35:b4:97:07:55:67:f5:34:af:
         78:4f:0f:e7:83:3e:db:ba:d3:54:c9:e1:7e:37:48:2b:d3:99:
         54:8b:22:f9:7b:c9:e8:1a:4e:ba:b2:82:dd:fe:46:3b:45:92:
         8c:bc:9f:04:81:55:10:6c:17:37:8b:64:21:6a:5a:8e:26:56:
         3c:a2:32:6a:49:21:5d:9c:cc:89:61:93:3f:30:a5:b2:84:5f:
         a8:73:af:ce:56:cf:2c:9e:40:0b:83:85:b8:7d:2d:ad:e3:e8:
         fd:8d:be:38:67:58:e6:f2:c2:1c:c0:0e:81:0d:c7:13:8d:57:
         e7:25:62:39:51:7f:49:ab:c5:57:1c:dd:77:d4:8a:8d:1d:57:
         11:a6:50:70:60:42:85:a2:a1:c2:4c:f8:c0:8e:42:42:20:4a:
         d0:81:73:9a:d4:d3:48:83:5e:2c:47:0b:d7:59:3b:ef:3a:f3:
         6c:46:59:50:9e:b5:01:58:ca:8c:8f:96:67:40:f8:83:30:62:
         5e:8e:1e:3f:fb:bf:cf:f3:fd:10:f7:5e:12:3b:f6:b9:fb:95:
         4b:23:40:03:17:a6:73:97:cf:8a:ba:f4:ed:c7:0d:81:08:fd:
         ff:70:bf:a4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNceYQrOfyBToC/ysX8dRwKSpk/8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMxMTEzMDAwMDAwWhcNMjMxMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ODIwYWNmYzQxYzA1MmQ0YzkzNDk3OTMzNGI4MTIxZDA1
ZDBkOGRkNDQ4ZmU1NWRkZTUwNTg5YTc4MWNjNzc3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCb05cIgqZ2Z07fxMQ/NiOpGao5GwOfUZCD7qETuFPnPmph
XWilQ3/ZGJVMMe4W9gIHmayj0aiqRrqM3jRo5hlyqbfiluL7JZ1ueg34+w0+WBG7
qE78xdGgo82r1T2NWYxkE4Gt7VNMuzbKpYXubW4M2yvvFDWGitTzHjl6shBvJoWz
AKi9q0bpF4SVe/TV3lBUxfcmNucDfQtz+G7D3393wJakgrwMUmmxbTEEGlGFwvLH
zje+zQ3D3sNjqc2POb5ljIanXPK2Jw08bOjCmvmWcUdrD6i6++thMGsBL98XkNK5
hrhBb2nF9o5AGOj108GLkf4W4jQnzuRb43dv8qRlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTRT8QdL4xau2dxkverZuPUR8UokwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q4Y2M5NWE0LTk5NzQtNGViZS1iMDhiLTg2YjFkNGRiNjcyZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADAH9QwDQYJKoZIhvcNAQELBQADggEBAGcxSbfeuTAqCzRHeXQc2AAP0UeM
N7KC3Xa6uDW0lwdVZ/U0r3hPD+eDPtu601TJ4X43SCvTmVSLIvl7yegaTrqygt3+
RjtFkoy8nwSBVRBsFzeLZCFqWo4mVjyiMmpJIV2czIlhkz8wpbKEX6hzr85Wzyye
QAuDhbh9La3j6P2NvjhnWObywhzADoENxxONV+clYjlRf0mrxVcc3XfUio0dVxGm
UHBgQoWiocJM+MCOQkIgStCBc5rU00iDXixHC9dZO+8682xGWVCetQFYyoyPlmdA
+IMwYl6OHj/7v8/z/RD3XhI79rn7lUsjQAMXpnOXz4q69O3HDYEI/f9wv6Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:52 2024 by rpki-client on console-fra.rpki-client.org