Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dae3dc93-17f6-4963-b124-37a6479f0289.roa
File:                     dae3dc93-17f6-4963-b124-37a6479f0289.roa (raw, json)
Hash identifier:          iUgkLEoP39oh38kH6vUXbnhW7JRiWT9eNsJoZmUsQjE=
Subject key identifier:   1A:0E:82:1C:36:03:32:4F:BA:DC:90:0B:A2:A9:C8:FC:AB:64:7E:75
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5BEFB1409AD796F8B1D23B8393D861BDF903F343
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dae3dc93-17f6-4963-b124-37a6479f0289.roa
Signing time:             Mon 30 Dec 2024 00:00:00 +0000
ROA not before:           Mon 30 Dec 2024 00:00:00 +0000
ROA not after:            Mon 03 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f70:5000::/40 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:ef:b1:40:9a:d7:96:f8:b1:d2:3b:83:93:d8:61:bd:f9:03:f3:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 30 00:00:00 2024 GMT
            Not After : Feb  3 23:59:59 2025 GMT
        Subject: serialNumber=29443ad1c50a7159a3cabb0b28a7786b19b3b9b4f07ff28d4b66081339a57840, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:62:17:6f:8b:06:6d:56:8b:05:3e:ea:37:15:
                    8e:d8:a2:75:78:a0:7b:80:e0:8d:50:d0:d0:e4:a6:
                    e6:21:64:65:50:e4:17:6c:27:e8:e9:a4:de:8c:65:
                    c0:de:d2:42:bc:fd:45:7a:10:c6:59:e0:6b:3d:96:
                    72:49:6d:5a:dd:58:71:1d:d1:99:0c:7f:63:9b:ff:
                    31:49:db:8f:1f:d3:ec:74:e9:71:65:26:c2:1e:6d:
                    39:ac:54:e1:5f:57:a9:2f:08:c3:7b:e6:2c:9d:d5:
                    b1:10:1d:2f:20:21:53:3a:59:19:f2:9c:a3:d1:03:
                    97:d4:e7:7c:bc:e1:c1:06:84:0f:32:60:07:9f:a5:
                    77:96:b0:7a:de:b4:f4:b5:72:bf:4f:f7:29:c6:45:
                    bf:dd:17:a8:b0:34:22:21:bb:1a:73:90:ca:da:ab:
                    11:2d:21:c2:59:4d:7f:8d:fe:24:07:e3:45:c6:4e:
                    27:39:5e:2c:7d:fc:b7:5c:ec:9c:07:2a:6d:33:13:
                    04:d5:cb:c1:61:23:cf:b5:10:88:22:0c:73:b5:15:
                    c3:38:f3:fc:73:4e:1e:39:e4:4a:3a:ba:a3:ea:f3:
                    fd:61:0a:39:9a:81:c6:17:24:28:29:f3:67:4b:d7:
                    ec:02:96:7c:c9:3c:c1:43:c1:8f:8b:b8:25:3c:a2:
                    4b:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:0E:82:1C:36:03:32:4F:BA:DC:90:0B:A2:A9:C8:FC:AB:64:7E:75
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dae3dc93-17f6-4963-b124-37a6479f0289.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f70:5000::/40

    Signature Algorithm: sha256WithRSAEncryption
         8e:91:20:82:6f:aa:9f:e3:3f:b2:68:36:87:37:54:68:fa:3e:
         88:0c:ba:e7:6d:a0:2b:36:83:6f:9e:87:dc:a7:48:d0:56:14:
         b4:91:1d:5f:0d:83:3f:c2:ce:b3:52:04:61:8f:50:0b:59:ef:
         46:a1:ea:ef:b3:fe:50:32:2d:66:8c:e6:cb:c9:6c:97:0b:68:
         81:77:0d:2b:96:79:c3:56:66:bc:01:b2:52:7a:10:0d:0b:a7:
         e5:0d:b6:b5:53:22:d9:02:e3:6a:b8:6f:8d:2b:40:e7:5f:37:
         7b:61:d2:72:fb:bd:03:1b:eb:60:17:a8:4d:e7:bd:0a:19:fe:
         05:d1:0a:4e:65:6d:03:8d:16:5d:96:14:38:6e:41:b7:35:b0:
         fe:1d:26:c2:91:bc:9f:6c:90:4c:e8:b3:1a:78:45:0a:29:e8:
         49:8e:fd:30:ae:39:8f:f5:eb:b2:70:c5:11:06:e4:83:40:c5:
         3f:cf:47:d6:3a:60:9f:f3:73:35:11:23:0b:bd:1c:4a:ef:b0:
         82:92:7f:71:b4:34:49:fc:c2:68:32:04:b5:bf:fc:15:d1:1b:
         91:f3:6b:34:08:28:0a:9d:c9:e1:74:ef:76:5c:2e:ab:8e:9c:
         1d:b9:89:d0:48:0d:bb:1b:82:d7:bc:4f:8c:a5:08:f5:d7:3a:
         a3:a3:9e:b8
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUW++xQJrXlvix0juDk9hhvfkD80MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyOTQ0M2FkMWM1MGE3MTU5YTNjYWJiMGIyOGE3Nzg2YjE5
YjNiOWI0ZjA3ZmYyOGQ0YjY2MDgxMzM5YTU3ODQwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGYhdviwZtVosFPuo3FY7YonV4oHuA4I1Q0NDkpuYhZGVQ
5BdsJ+jppN6MZcDe0kK8/UV6EMZZ4Gs9lnJJbVrdWHEd0ZkMf2Ob/zFJ248f0+x0
6XFlJsIebTmsVOFfV6kvCMN75iyd1bEQHS8gIVM6WRnynKPRA5fU53y84cEGhA8y
YAefpXeWsHretPS1cr9P9ynGRb/dF6iwNCIhuxpzkMraqxEtIcJZTX+N/iQH40XG
Tic5Xix9/Ldc7JwHKm0zEwTVy8FhI8+1EIgiDHO1FcM48/xzTh455Eo6uqPq8/1h
CjmagcYXJCgp82dL1+wClnzJPMFDwY+LuCU8oktDAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUGg6CHDYDMk+63JALoqnI/KtkfnUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RhZTNkYzkzLTE3ZjYtNDk2My1iMTI0LTM3YTY0NzlmMDI4OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9wUDANBgkqhkiG9w0BAQsFAAOCAQEAjpEggm+qn+M/smg2hzdUaPo+
iAy6522gKzaDb56H3KdI0FYUtJEdXw2DP8LOs1IEYY9QC1nvRqHq77P+UDItZozm
y8lslwtogXcNK5Z5w1ZmvAGyUnoQDQun5Q22tVMi2QLjarhvjStA5183e2HScvu9
AxvrYBeoTee9Chn+BdEKTmVtA40WXZYUOG5BtzWw/h0mwpG8n2yQTOizGnhFCino
SY79MK45j/XrsnDFEQbkg0DFP89H1jpgn/NzNREjC70cSu+wgpJ/cbQ0SfzCaDIE
tb/8FdEbkfNrNAgoCp3J4XTvdlwuq46cHbmJ0EgNuxuC17xPjKUI9dc6o6OeuA==
-----END CERTIFICATE-----