Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/db1f2730-0f56-434b-aea7-5265e3cade65.roa
File:                     db1f2730-0f56-434b-aea7-5265e3cade65.roa (raw, json)
Hash identifier:          PR29Y/51A3UP6OgLM9AMCCtnnhd4zmxymo2AA1+iwF0=
Subject key identifier:   58:7F:58:46:83:AC:1A:79:DF:50:E4:73:DE:59:7D:53:BC:7D:C2:36
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       500A7835A379054E2A77F77E2C778B77FECB02AA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/db1f2730-0f56-434b-aea7-5265e3cade65.roa
Signing time:             Wed 16 Jul 2025 00:10:16 +0000
ROA not before:           Wed 16 Jul 2025 00:10:16 +0000
ROA not after:            Wed 20 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.144.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:0a:78:35:a3:79:05:4e:2a:77:f7:7e:2c:77:8b:77:fe:cb:02:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 16 00:10:16 2025 GMT
            Not After : Aug 20 23:59:59 2025 GMT
        Subject: serialNumber=688343431aa03b59debd3795b210ae77969b9afda057d4f85042e808d0d302b7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:46:3b:0f:3a:54:31:34:1e:a4:d6:e1:6a:2e:
                    a5:70:c6:f0:b9:2d:12:14:86:c7:16:df:89:1b:ab:
                    06:5c:50:ce:61:67:d4:d9:b5:29:2b:2d:14:bb:98:
                    66:34:e6:8f:02:78:f7:ed:70:96:84:75:84:7d:cc:
                    22:07:51:52:ec:c8:54:e4:b4:35:34:8d:05:d9:90:
                    fa:36:b0:13:28:61:04:89:33:06:38:52:a0:01:a7:
                    ca:4a:85:15:1e:38:6c:f3:41:eb:f0:d4:57:36:3a:
                    c5:87:79:6e:c2:1f:8c:c4:98:a9:c5:4f:28:95:37:
                    89:2b:a4:18:81:84:09:a1:9a:3d:a0:20:0b:f7:27:
                    fb:93:15:ab:84:e5:d8:24:ee:f6:fd:af:90:3c:5d:
                    fe:0d:5f:80:d7:8b:fb:43:ff:8e:62:fe:92:7b:39:
                    25:73:6c:3e:46:30:52:cb:04:66:21:88:12:a4:65:
                    a9:f0:62:81:22:22:33:cb:d3:72:44:ed:ca:12:60:
                    28:00:9e:49:ff:ae:0e:df:39:e1:f1:7a:ea:86:e0:
                    79:86:45:c4:fe:86:26:8d:a0:87:f4:3e:ae:f8:fb:
                    c9:24:82:9b:b9:dd:1e:9f:72:d3:05:c6:26:6b:6e:
                    8e:b1:4f:c0:ad:88:9d:3d:20:3e:59:ba:81:dc:27:
                    b5:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:7F:58:46:83:AC:1A:79:DF:50:E4:73:DE:59:7D:53:BC:7D:C2:36
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/db1f2730-0f56-434b-aea7-5265e3cade65.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.144.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ba:07:6b:a9:e7:fd:88:e0:c2:ba:a8:ff:65:cd:77:b9:9d:d2:
         50:e4:6b:81:c9:da:9e:66:7c:95:52:98:b7:aa:a1:bc:0d:04:
         8a:6d:e0:66:3a:8b:ef:17:87:f7:c2:12:fb:ca:c2:53:bd:d5:
         d4:eb:10:b6:c4:f0:53:2d:cc:85:2d:0d:08:a7:63:64:a6:fb:
         8c:4f:85:ee:bc:2d:5b:bb:0f:7e:25:01:69:ed:28:45:6e:27:
         f8:7e:a1:38:6f:ad:2f:d9:34:3e:f0:01:f9:ad:6f:22:d6:3f:
         e9:93:ac:cf:02:88:bf:55:12:cb:f8:16:89:f1:89:c9:38:60:
         4b:bc:5e:f2:f2:fd:a1:d5:03:db:33:7c:58:5e:6e:06:4f:a8:
         45:dc:c2:28:1c:91:c7:7d:47:f1:f5:42:d4:1b:5a:09:e4:bd:
         09:d8:e3:b6:7e:34:3d:e2:9a:f1:33:bf:0d:fd:a7:ca:a0:9e:
         6c:c3:e5:de:78:2c:2d:1f:8d:e4:cf:78:3b:c9:73:d9:80:7d:
         b4:a1:cb:6f:91:5d:56:8d:3b:c3:aa:7b:ea:c9:5a:b1:86:da:
         68:95:78:c1:23:68:eb:e0:cc:27:98:54:a6:d8:33:9f:eb:7d:
         2d:ce:e0:19:cb:05:1d:75:75:c8:af:56:68:2a:b5:21:d9:2f:
         37:72:8c:70
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUAp4NaN5BU4qd/d+LHeLd/7LAqowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE2MDAxMDE2WhcNMjUwODIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2ODgzNDM0MzFhYTAzYjU5ZGViZDM3OTViMjEwYWU3Nzk2
OWI5YWZkYTA1N2Q0Zjg1MDQyZTgwOGQwZDMwMmI3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClRjsPOlQxNB6k1uFqLqVwxvC5LRIUhscW34kbqwZcUM5h
Z9TZtSkrLRS7mGY05o8CePftcJaEdYR9zCIHUVLsyFTktDU0jQXZkPo2sBMoYQSJ
MwY4UqABp8pKhRUeOGzzQevw1Fc2OsWHeW7CH4zEmKnFTyiVN4krpBiBhAmhmj2g
IAv3J/uTFauE5dgk7vb9r5A8Xf4NX4DXi/tD/45i/pJ7OSVzbD5GMFLLBGYhiBKk
ZanwYoEiIjPL03JE7coSYCgAnkn/rg7fOeHxeuqG4HmGRcT+hiaNoIf0Pq74+8kk
gpu53R6fctMFxiZrbo6xT8CtiJ09ID5ZuoHcJ7XVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUWH9YRoOsGnnfUORz3ll9U7x9wjYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RiMWYyNzMwLTBmNTYtNDM0Yi1hZWE3LTUyNjVlM2NhZGU2NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQkDANBgkqhkiG9w0BAQsFAAOCAQEAugdrqef9iODCuqj/Zc13uZ3SUORr
gcnanmZ8lVKYt6qhvA0Eim3gZjqL7xeH98IS+8rCU73V1OsQtsTwUy3MhS0NCKdj
ZKb7jE+F7rwtW7sPfiUBae0oRW4n+H6hOG+tL9k0PvAB+a1vItY/6ZOszwKIv1US
y/gWifGJyThgS7xe8vL9odUD2zN8WF5uBk+oRdzCKByRx31H8fVC1BtaCeS9Cdjj
tn40PeKa8TO/Df2nyqCebMPl3ngsLR+N5M94O8lz2YB9tKHLb5FdVo07w6p76sla
sYbaaJV4wSNo6+DMJ5hUptgzn+t9Lc7gGcsFHXV1yK9WaCq1IdkvN3KMcA==
-----END CERTIFICATE-----