Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e2fe5762-4cf1-443f-adef-629a57e6582b.roa
File:                     e2fe5762-4cf1-443f-adef-629a57e6582b.roa (raw, json)
Hash identifier:          nPbnKnSty5wUpCqqy6Ex4wmi9L9/carJ5HTJRviv854=
Subject key identifier:   A1:58:C1:29:0A:42:0E:98:F2:F6:76:01:22:62:DB:31:70:4C:98:7B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       15E4D7E9345398B6FE4967FA8F93D11CAB7C1345
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e2fe5762-4cf1-443f-adef-629a57e6582b.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        16.113.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:e4:d7:e9:34:53:98:b6:fe:49:67:fa:8f:93:d1:1c:ab:7c:13:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=5905e609a31ff48ee9f4467b303825e9f5912699d516ece5483f940d13f0481c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:30:72:e7:aa:6a:c9:c5:62:45:16:4b:7d:8a:
                    1c:f3:94:cc:ab:ef:5c:de:40:e6:c6:d2:cc:9e:21:
                    e0:c8:06:e4:6d:e3:c3:4a:3a:5a:ed:48:1a:a0:e2:
                    bd:43:2c:bb:75:a4:db:1f:8f:00:74:23:ee:89:6b:
                    01:c6:28:bb:60:ab:ca:0b:ed:54:eb:ae:af:51:58:
                    f0:31:ef:00:79:63:3a:7f:35:6a:48:73:96:40:2e:
                    c8:8a:b1:ec:24:19:ad:37:8b:1b:c0:8f:00:b1:2f:
                    28:0d:f1:8f:0b:e7:8a:3f:d6:fd:71:25:8e:69:3a:
                    b9:4e:f4:41:f1:5f:a8:a8:6d:15:fe:8c:f7:29:86:
                    4a:bb:c6:2b:ad:13:ba:ed:78:b2:80:7c:4a:7c:7b:
                    e6:f3:d7:ad:84:bc:13:99:d2:50:36:c7:91:d3:b4:
                    e0:47:e8:49:0b:37:cd:18:65:b6:f6:0d:17:f9:6e:
                    4d:b8:a1:5d:12:82:4b:ec:37:44:24:6f:d1:55:a3:
                    12:06:42:71:a3:0a:25:0d:be:a8:5b:c4:a1:35:e3:
                    05:f0:42:b0:fa:75:df:52:8f:9d:1d:49:d5:85:0b:
                    10:60:b3:0e:bc:12:2a:64:9e:7e:d0:98:15:b7:0c:
                    fb:e8:28:bd:78:68:17:6a:6e:3d:c7:68:85:7d:98:
                    d1:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:58:C1:29:0A:42:0E:98:F2:F6:76:01:22:62:DB:31:70:4C:98:7B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e2fe5762-4cf1-443f-adef-629a57e6582b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.113.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9d:b3:4c:bc:95:2c:61:82:9e:ef:ba:3f:40:4f:bf:f7:be:34:
         55:6f:9d:5b:d1:aa:18:99:7e:70:d6:c9:2a:bd:d2:3e:7a:3c:
         ce:b0:9b:ae:be:f1:46:95:c4:76:c5:2e:a6:5d:7d:e2:ee:8c:
         ab:c9:43:61:d6:05:b5:40:f6:2f:46:34:0a:4a:45:ac:6a:6b:
         6d:ce:32:b9:66:9e:3c:e4:2f:b8:e5:e4:9e:48:24:4b:bb:14:
         ee:cd:4b:5c:c1:8a:2d:1d:1f:5a:58:2c:68:ad:16:15:50:4e:
         d0:a9:94:fc:d3:6d:94:de:d2:30:87:86:12:4b:92:2f:4a:6d:
         2f:61:cc:c3:0f:e8:60:65:29:36:fc:54:83:d4:49:fc:8c:25:
         4b:97:54:d9:33:b5:ba:4c:a6:b3:e6:f1:0d:00:41:93:85:60:
         f1:5e:db:ce:40:db:a7:5a:88:61:f6:e0:a7:fe:8d:a5:bf:0f:
         4f:6b:93:e9:45:98:d4:c0:3d:30:8e:b4:b1:0f:bf:d8:e7:9f:
         5c:f2:79:38:3b:e8:48:b4:44:33:ee:c2:b4:4e:30:cd:9c:4d:
         b9:e5:de:0e:f1:37:03:ea:e3:1f:5c:e4:1f:34:1a:53:f2:a2:
         b5:57:6f:10:89:c7:e3:27:ca:48:34:ae:39:c8:ba:45:e3:5a:
         c5:7a:69:0e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFeTX6TRTmLb+SWf6j5PRHKt8E0UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A1OTA1ZTYwOWEzMWZmNDhlZTlmNDQ2N2IzMDM4MjVlOWY1
OTEyNjk5ZDUxNmVjZTU0ODNmOTQwZDEzZjA0ODFjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZMHLnqmrJxWJFFkt9ihzzlMyr71zeQObG0syeIeDIBuRt
48NKOlrtSBqg4r1DLLt1pNsfjwB0I+6JawHGKLtgq8oL7VTrrq9RWPAx7wB5Yzp/
NWpIc5ZALsiKsewkGa03ixvAjwCxLygN8Y8L54o/1v1xJY5pOrlO9EHxX6iobRX+
jPcphkq7xiutE7rteLKAfEp8e+bz162EvBOZ0lA2x5HTtOBH6EkLN80YZbb2DRf5
bk24oV0SgkvsN0Qkb9FVoxIGQnGjCiUNvqhbxKE14wXwQrD6dd9Sj50dSdWFCxBg
sw68Eipknn7QmBW3DPvoKL14aBdqbj3HaIV9mNGfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUoVjBKQpCDpjy9nYBImLbMXBMmHswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UyZmU1NzYyLTRjZjEtNDQzZi1hZGVmLTYyOWE1N2U2NTgyYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQcTANBgkqhkiG9w0BAQsFAAOCAQEAnbNMvJUsYYKe77o/QE+/9740VW+d
W9GqGJl+cNbJKr3SPno8zrCbrr7xRpXEdsUupl194u6Mq8lDYdYFtUD2L0Y0CkpF
rGprbc4yuWaePOQvuOXknkgkS7sU7s1LXMGKLR0fWlgsaK0WFVBO0KmU/NNtlN7S
MIeGEkuSL0ptL2HMww/oYGUpNvxUg9RJ/IwlS5dU2TO1ukyms+bxDQBBk4Vg8V7b
zkDbp1qIYfbgp/6Npb8PT2uT6UWY1MA9MI60sQ+/2OefXPJ5ODvoSLREM+7CtE4w
zZxNueXeDvE3A+rjH1zkHzQaU/KitVdvEInH4yfKSDSuOci6ReNaxXppDg==
-----END CERTIFICATE-----