Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/de525e36-bd5b-41d9-928d-bf35b242bea8.roa
File:                     de525e36-bd5b-41d9-928d-bf35b242bea8.roa (raw, json)
Hash identifier:          oAGyAAaWGWoGKZEu3aa/cijLvfOT9iE28+HBPDGTJVg=
Subject key identifier:   E2:54:D5:56:CC:CB:0C:60:6B:A2:57:C0:81:13:0C:92:49:24:99:1B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2B02C09856B2C6AAD123C83AAED952A65FB572E9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/de525e36-bd5b-41d9-928d-bf35b242bea8.roa
Signing time:             Tue 14 Jan 2025 00:00:00 +0000
ROA not before:           Tue 14 Jan 2025 00:00:00 +0000
ROA not after:            Tue 18 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        56.16.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:02:c0:98:56:b2:c6:aa:d1:23:c8:3a:ae:d9:52:a6:5f:b5:72:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 14 00:00:00 2025 GMT
            Not After : Feb 18 23:59:59 2025 GMT
        Subject: serialNumber=bf8f2d8faf7c27308db6b01e24163c023c78059b0f33bbe001d138133ee2e027, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:38:ab:6e:05:f0:5a:80:91:df:30:88:a5:f9:
                    fb:00:75:fb:1f:a4:dd:03:b2:4a:fb:31:f2:b3:7a:
                    33:4c:8c:82:54:cc:30:03:64:25:e0:ba:08:b9:ea:
                    c8:f7:3d:9b:10:2f:9f:db:b6:91:54:70:14:a8:ff:
                    88:cc:e2:31:2c:4a:8d:31:f2:4b:02:11:55:e7:55:
                    27:05:65:34:1a:6b:00:ec:22:86:0c:5a:32:09:45:
                    b9:c0:ef:3c:5d:5d:16:23:f3:55:2f:1d:49:62:34:
                    58:b5:cb:01:1f:e0:0b:f8:d9:7e:63:19:04:f0:ab:
                    d4:92:03:a1:06:52:16:07:14:c9:8c:fc:04:b2:4a:
                    81:0a:7c:fe:0c:cd:49:50:b5:88:33:da:7f:28:8a:
                    0b:9c:1f:41:a4:ab:73:0d:d5:46:14:b1:be:7a:a2:
                    f7:ad:e7:9f:7f:f0:6d:dc:56:e9:f4:1a:7b:01:3c:
                    bc:0c:30:a7:75:b1:bd:fd:31:8d:e5:0a:01:31:9c:
                    47:bb:fc:0f:8b:b2:10:b4:79:e4:81:95:5a:f3:8b:
                    2e:c6:62:dd:b3:48:a9:77:3f:4d:a2:05:15:f7:8b:
                    b2:51:3d:df:74:65:13:11:70:97:97:98:60:4a:e1:
                    62:ab:ba:6c:a8:30:31:dd:bf:fa:84:36:62:c4:d4:
                    4b:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:54:D5:56:CC:CB:0C:60:6B:A2:57:C0:81:13:0C:92:49:24:99:1B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/de525e36-bd5b-41d9-928d-bf35b242bea8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.16.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0b:c1:0a:f5:a0:1d:1c:40:37:8a:d3:87:2c:ad:ec:32:43:18:
         92:d2:a7:67:c2:bf:8e:1f:0d:85:e3:8c:24:eb:25:bf:d4:1f:
         ab:8e:aa:1f:46:4b:43:b0:ab:12:a2:76:1d:32:10:32:b7:bf:
         14:ac:6d:ca:61:3f:36:a6:a2:dc:df:7e:bf:27:00:95:fb:24:
         9b:dc:06:3f:d7:79:1f:23:9c:7f:88:7a:60:41:cf:b3:6e:dc:
         99:a8:00:f4:db:e2:e9:1d:0c:d9:d6:9b:87:22:61:0e:f2:50:
         ab:e9:ef:30:6e:af:30:01:7f:25:e7:0b:2a:b1:9f:2d:56:d6:
         06:4f:0f:cf:ec:ad:11:d4:3c:5b:77:47:31:7a:90:5a:66:44:
         03:56:c7:29:c3:df:90:56:c5:01:37:e2:b0:a7:14:97:72:1f:
         ab:fb:db:71:13:5a:68:f8:3e:1e:06:eb:b7:dd:df:b4:05:4a:
         8b:4f:d6:c6:b5:6f:fa:08:fb:b9:d1:d1:c1:e6:15:d8:06:d7:
         a0:76:83:13:3f:83:97:41:69:6c:6b:0d:61:0b:b5:fc:94:63:
         55:2e:df:9b:13:62:8c:25:b9:d2:35:7f:d5:37:9a:5b:3d:1c:
         cb:9a:8d:ac:29:d3:dd:a2:07:bc:34:9a:78:d5:dc:9c:c8:cd:
         57:5d:45:0d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUKwLAmFayxqrRI8g6rtlSpl+1cukwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE0MDAwMDAwWhcNMjUwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZjhmMmQ4ZmFmN2MyNzMwOGRiNmIwMWUyNDE2M2MwMjNj
NzgwNTliMGYzM2JiZTAwMWQxMzgxMzNlZTJlMDI3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUOKtuBfBagJHfMIil+fsAdfsfpN0Dskr7MfKzejNMjIJU
zDADZCXgugi56sj3PZsQL5/btpFUcBSo/4jM4jEsSo0x8ksCEVXnVScFZTQaawDs
IoYMWjIJRbnA7zxdXRYj81UvHUliNFi1ywEf4Av42X5jGQTwq9SSA6EGUhYHFMmM
/ASySoEKfP4MzUlQtYgz2n8oigucH0Gkq3MN1UYUsb56ovet559/8G3cVun0GnsB
PLwMMKd1sb39MY3lCgExnEe7/A+LshC0eeSBlVrziy7GYt2zSKl3P02iBRX3i7JR
Pd90ZRMRcJeXmGBK4WKrumyoMDHdv/qENmLE1Ev/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU4lTVVszLDGBrolfAgRMMkkkkmRswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RlNTI1ZTM2LWJkNWItNDFkOS05MjhkLWJmMzViMjQyYmVhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4EDANBgkqhkiG9w0BAQsFAAOCAQEAC8EK9aAdHEA3itOHLK3sMkMYktKn
Z8K/jh8NheOMJOslv9Qfq46qH0ZLQ7CrEqJ2HTIQMre/FKxtymE/Nqai3N9+vycA
lfskm9wGP9d5HyOcf4h6YEHPs27cmagA9Nvi6R0M2dabhyJhDvJQq+nvMG6vMAF/
JecLKrGfLVbWBk8Pz+ytEdQ8W3dHMXqQWmZEA1bHKcPfkFbFATfisKcUl3Ifq/vb
cRNaaPg+Hgbrt93ftAVKi0/WxrVv+gj7udHRweYV2AbXoHaDEz+Dl0FpbGsNYQu1
/JRjVS7fmxNijCW50jV/1TeaWz0cy5qNrCnT3aIHvDSaeNXcnMjNV11FDQ==
-----END CERTIFICATE-----