Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e1894177-207c-42a2-a307-84b3c6d74032.roa
File:                     e1894177-207c-42a2-a307-84b3c6d74032.roa (raw, json)
Hash identifier:          C17rIMcRz8VYlLgZsXrY1bxxvJeuychZqp47zCCaC+M=
Subject key identifier:   F7:47:D8:C1:4A:CC:AA:C2:C9:2A:DE:F0:93:AE:DC:55:46:58:75:30
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       03A2F8401A75184FA05AF43036C98C93D257C393
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e1894177-207c-42a2-a307-84b3c6d74032.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        56.73.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:a2:f8:40:1a:75:18:4f:a0:5a:f4:30:36:c9:8c:93:d2:57:c3:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: serialNumber=8c6f988bca59b421322e3502ef4074156179d3625e471361310982c9d76fb760, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:eb:05:02:fa:f1:72:a4:15:c5:72:5d:a8:9b:
                    99:7e:20:a7:19:5d:48:31:2f:d3:a1:a3:04:9d:d8:
                    c4:71:d1:1a:85:e5:90:37:75:05:9a:6d:59:1c:ba:
                    e3:e0:4b:84:d4:96:ca:91:f5:b7:85:dd:65:98:12:
                    9d:39:49:85:ff:b2:22:db:84:12:6f:e4:76:92:df:
                    0f:ed:24:19:96:33:37:e8:e0:a3:73:9d:72:60:47:
                    57:e7:7f:fd:1e:34:72:26:d7:08:d7:e4:3e:77:78:
                    bb:ff:de:ab:5c:62:dc:c6:17:d4:e4:f8:dd:47:d0:
                    07:20:fe:b2:66:8a:2b:8c:7a:55:ab:89:80:4b:57:
                    42:35:a8:2f:d2:53:f3:e4:80:f0:f1:10:1e:ec:88:
                    c5:f8:ba:91:40:7d:cf:db:18:30:71:22:12:fb:3f:
                    b9:1f:bb:e9:b1:6b:4a:80:cc:dd:50:9e:67:f7:64:
                    22:a0:49:bb:ef:de:f5:33:57:6f:f3:a6:a7:53:b4:
                    0a:11:ae:59:1f:77:c0:e4:74:33:95:44:6b:64:e0:
                    59:01:b9:85:11:e8:8e:2a:8f:84:ef:3a:e1:4b:47:
                    96:bc:d6:1d:b4:0d:e0:06:a2:44:ac:e9:c8:4d:77:
                    83:e5:f5:d4:a9:4b:a9:6d:6a:31:5f:f5:3f:05:76:
                    aa:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:47:D8:C1:4A:CC:AA:C2:C9:2A:DE:F0:93:AE:DC:55:46:58:75:30
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e1894177-207c-42a2-a307-84b3c6d74032.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.73.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         07:95:14:01:ef:03:9e:67:d3:2e:df:d1:fa:97:2d:91:ca:cc:
         e1:2e:f8:b4:74:75:0a:52:17:18:81:b6:72:11:a5:a5:e9:5c:
         94:77:48:dd:b0:12:30:cb:25:fa:08:45:2b:39:a8:b7:91:e4:
         73:0c:58:35:05:36:85:ab:ac:f2:64:98:19:d1:5a:5b:ae:c6:
         ef:ca:12:93:6f:44:bf:72:30:9d:1e:97:e9:e9:b4:08:35:1e:
         72:c6:92:b8:35:24:af:82:39:88:ec:24:98:35:f4:1f:87:a5:
         4f:b3:2d:6c:cf:0a:b3:46:f3:c8:5a:81:77:93:f4:f1:04:7e:
         b9:97:62:90:11:65:66:d1:76:53:d2:1b:cb:c0:46:d2:2e:33:
         7a:2e:a1:6f:f3:b3:e9:d1:6e:1a:08:23:6d:6d:b5:e6:e3:08:
         74:38:d6:85:7c:4d:1f:e3:7c:81:95:a9:14:d5:ba:b4:88:ad:
         5c:78:d2:38:98:02:7e:c0:06:b2:ae:6a:b5:de:90:d8:a0:09:
         0f:0b:c6:34:11:06:1a:31:d5:09:97:cd:c8:70:a0:30:02:42:
         f6:12:f4:bf:6e:04:91:c4:ea:80:3e:f8:07:a1:1d:c0:64:e2:
         81:8a:fc:ac:66:dc:ee:a6:22:e4:62:b5:a4:04:43:2c:35:49:
         a7:17:e1:85
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUA6L4QBp1GE+gWvQwNsmMk9JXw5MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YzZmOTg4YmNhNTliNDIxMzIyZTM1MDJlZjQwNzQxNTYx
NzlkMzYyNWU0NzEzNjEzMTA5ODJjOWQ3NmZiNzYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDN6wUC+vFypBXFcl2om5l+IKcZXUgxL9OhowSd2MRx0RqF
5ZA3dQWabVkcuuPgS4TUlsqR9beF3WWYEp05SYX/siLbhBJv5HaS3w/tJBmWMzfo
4KNznXJgR1fnf/0eNHIm1wjX5D53eLv/3qtcYtzGF9Tk+N1H0Acg/rJmiiuMelWr
iYBLV0I1qC/SU/PkgPDxEB7siMX4upFAfc/bGDBxIhL7P7kfu+mxa0qAzN1Qnmf3
ZCKgSbvv3vUzV2/zpqdTtAoRrlkfd8DkdDOVRGtk4FkBuYUR6I4qj4TvOuFLR5a8
1h20DeAGokSs6chNd4Pl9dSpS6ltajFf9T8FdqoxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU90fYwUrMqsLJKt7wk67cVUZYdTAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UxODk0MTc3LTIwN2MtNDJhMi1hMzA3LTg0YjNjNmQ3NDAzMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4STANBgkqhkiG9w0BAQsFAAOCAQEAB5UUAe8DnmfTLt/R+pctkcrM4S74
tHR1ClIXGIG2chGlpelclHdI3bASMMsl+ghFKzmot5HkcwxYNQU2haus8mSYGdFa
W67G78oSk29Ev3IwnR6X6em0CDUecsaSuDUkr4I5iOwkmDX0H4elT7MtbM8Ks0bz
yFqBd5P08QR+uZdikBFlZtF2U9Iby8BG0i4zei6hb/Oz6dFuGggjbW215uMIdDjW
hXxNH+N8gZWpFNW6tIitXHjSOJgCfsAGsq5qtd6Q2KAJDwvGNBEGGjHVCZfNyHCg
MAJC9hL0v24EkcTqgD74B6EdwGTigYr8rGbc7qYi5GK1pARDLDVJpxfhhQ==
-----END CERTIFICATE-----