Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e1d3b229-a2df-453a-8c9e-64c6bc7c2ce1.roa
File:                     e1d3b229-a2df-453a-8c9e-64c6bc7c2ce1.roa (raw, json)
Hash identifier:          htJqbe+P1zKjPg7+IBluFguqI7ivKs0et2sFAR26slA=
Subject key identifier:   A1:AA:D8:24:7A:87:9E:4A:0A:DC:67:F4:55:E7:4E:E3:FD:56:16:77
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       256C50BB8ED02D91419727B56D8AA33494C7C0BE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e1d3b229-a2df-453a-8c9e-64c6bc7c2ce1.roa
Signing time:             Wed 18 Dec 2024 00:00:00 +0000
ROA not before:           Wed 18 Dec 2024 00:00:00 +0000
ROA not after:            Wed 22 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.12.6.0/23 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:6c:50:bb:8e:d0:2d:91:41:97:27:b5:6d:8a:a3:34:94:c7:c0:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 18 00:00:00 2024 GMT
            Not After : Jan 22 23:59:59 2025 GMT
        Subject: serialNumber=9b54bbdf8330b4e3b0eb9875d782ecaa9fad863104abdb131548f4c918061fb5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:51:c6:8f:67:8d:74:c4:95:25:da:07:5c:e7:
                    bf:88:85:ac:40:4d:db:da:31:ff:1a:0a:b0:57:8f:
                    f6:2f:d9:6a:72:dd:56:cc:2f:b1:d4:0a:43:fb:ff:
                    29:77:31:23:56:cf:5a:0f:fb:31:0e:bc:cc:f4:96:
                    15:f6:e4:8b:d1:18:ba:5b:f8:f0:bf:12:3b:c8:7e:
                    e9:20:db:28:e4:2d:c1:a4:1e:cf:da:4f:4d:12:5c:
                    a1:b6:42:6a:c5:9b:28:86:dd:5e:54:e3:72:4b:8d:
                    00:8f:9f:cb:ce:17:80:ec:19:10:2a:9a:94:dd:c8:
                    5c:ed:c3:01:3f:cc:a4:c4:1e:65:af:0f:85:02:af:
                    23:a0:12:ee:56:5d:4f:05:f3:2b:41:37:c8:db:97:
                    07:2b:ea:d8:0c:a4:5c:97:2f:27:63:dd:da:12:85:
                    09:72:5f:ad:ca:ff:0b:89:b1:47:6f:d7:1b:3e:0a:
                    9d:ec:7b:c0:63:be:fe:5c:cb:92:01:11:d7:73:d2:
                    0a:75:ae:ab:ff:76:46:18:98:f8:25:12:1a:07:99:
                    5a:51:78:4f:75:c1:c2:4b:91:31:25:98:7e:25:e8:
                    23:9d:f3:38:ee:c6:ad:8b:79:9c:20:8d:13:a6:91:
                    69:9b:c5:08:e3:92:e4:8b:2b:98:78:86:85:52:1a:
                    fd:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:AA:D8:24:7A:87:9E:4A:0A:DC:67:F4:55:E7:4E:E3:FD:56:16:77
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e1d3b229-a2df-453a-8c9e-64c6bc7c2ce1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.12.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bc:6d:7e:07:50:be:bd:21:28:0e:70:2b:10:45:9e:4a:c4:77:
         e7:4c:2c:f0:18:21:f2:c7:c2:4e:16:dc:db:e5:56:1c:2d:b3:
         be:7f:78:44:86:d9:a0:fc:b4:75:7f:0c:d3:aa:6e:7c:ab:da:
         46:38:92:c2:6b:b6:68:c0:19:e3:b9:72:0d:8a:de:e7:9d:10:
         59:6a:96:a4:80:62:69:33:e2:c3:63:cf:c3:31:b8:56:ca:33:
         9b:59:e3:03:84:e3:47:62:35:14:13:fe:fc:40:1e:76:c6:15:
         7e:2d:ee:96:20:f8:07:4c:1c:68:e2:f0:60:15:29:e8:44:3f:
         7d:a5:ff:55:fd:6b:87:a4:aa:d1:df:70:89:32:22:a8:68:68:
         ad:68:b2:49:f1:da:ad:fc:34:c5:b0:04:cb:32:c5:08:26:4f:
         f0:29:84:3b:6e:bd:80:90:dc:df:4c:b8:a2:6b:c3:2c:7a:dc:
         25:2e:98:e0:b8:c5:07:fc:c5:a4:3f:2d:0f:a4:f2:d9:6f:50:
         b5:ab:40:f0:4c:56:0e:24:56:d2:a6:f8:23:8e:77:01:51:f7:
         61:08:c8:7e:1c:7a:62:dd:04:54:76:97:b8:e3:c3:08:d9:65:
         5b:8d:19:ce:16:e7:30:9e:e0:46:01:ec:8e:2e:60:5d:97:ff:
         34:9e:c8:83
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJWxQu47QLZFBlye1bYqjNJTHwL4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjE4MDAwMDAwWhcNMjUwMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YjU0YmJkZjgzMzBiNGUzYjBlYjk4NzVkNzgyZWNhYTlm
YWQ4NjMxMDRhYmRiMTMxNTQ4ZjRjOTE4MDYxZmI1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmUcaPZ410xJUl2gdc57+IhaxATdvaMf8aCrBXj/Yv2Wpy
3VbML7HUCkP7/yl3MSNWz1oP+zEOvMz0lhX25IvRGLpb+PC/EjvIfukg2yjkLcGk
Hs/aT00SXKG2QmrFmyiG3V5U43JLjQCPn8vOF4DsGRAqmpTdyFztwwE/zKTEHmWv
D4UCryOgEu5WXU8F8ytBN8jblwcr6tgMpFyXLydj3doShQlyX63K/wuJsUdv1xs+
Cp3se8Bjvv5cy5IBEddz0gp1rqv/dkYYmPglEhoHmVpReE91wcJLkTElmH4l6COd
8zjuxq2LeZwgjROmkWmbxQjjkuSLK5h4hoVSGv1JAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoarYJHqHnkoK3Gf0VedO4/1WFncwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UxZDNiMjI5LWEyZGYtNDUzYS04YzllLTY0YzZiYzdjMmNlMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEQDAYwDQYJKoZIhvcNAQELBQADggEBALxtfgdQvr0hKA5wKxBFnkrEd+dM
LPAYIfLHwk4W3NvlVhwts75/eESG2aD8tHV/DNOqbnyr2kY4ksJrtmjAGeO5cg2K
3uedEFlqlqSAYmkz4sNjz8MxuFbKM5tZ4wOE40diNRQT/vxAHnbGFX4t7pYg+AdM
HGji8GAVKehEP32l/1X9a4ekqtHfcIkyIqhoaK1osknx2q38NMWwBMsyxQgmT/Ap
hDtuvYCQ3N9MuKJrwyx63CUumOC4xQf8xaQ/LQ+k8tlvULWrQPBMVg4kVtKm+COO
dwFR92EIyH4cemLdBFR2l7jjwwjZZVuNGc4W5zCe4EYB7I4uYF2X/zSeyIM=
-----END CERTIFICATE-----