Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4990bdb-a89a-4dd1-a5ce-48ac82c9231f.roa
File:                     e4990bdb-a89a-4dd1-a5ce-48ac82c9231f.roa (raw, json)
Hash identifier:          O33+V5chDFULjDxhurwrwUp8FAascRH+2dejHXFnSGE=
Subject key identifier:   2C:BB:3B:7F:29:0D:3F:5C:7E:6F:52:08:E7:DB:FE:5A:BE:84:F5:56
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       303ACDE67D82A214BD0BFC9F31C5BB741D5492C1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4990bdb-a89a-4dd1-a5ce-48ac82c9231f.roa
Signing time:             Tue 24 Dec 2024 00:00:00 +0000
ROA not before:           Tue 24 Dec 2024 00:00:00 +0000
ROA not after:            Tue 28 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        77.112.0.0/14 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:3a:cd:e6:7d:82:a2:14:bd:0b:fc:9f:31:c5:bb:74:1d:54:92:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 24 00:00:00 2024 GMT
            Not After : Jan 28 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:1c:76:07:23:a8:7d:f6:fb:57:03:90:7c:94:
                    c9:6a:1e:14:82:48:00:1c:63:61:36:84:3f:f3:ae:
                    64:89:55:3b:f6:25:b0:ba:24:7e:f5:28:ff:eb:72:
                    1d:41:e9:fc:1e:42:e0:bd:ba:4c:9d:70:cf:f6:0a:
                    4d:d4:72:4b:d1:67:cf:da:f2:3e:d6:29:eb:01:e1:
                    c2:70:37:db:cb:77:de:5f:a5:df:3b:94:dc:90:eb:
                    11:29:2a:49:2f:e4:c2:a3:8b:f3:79:29:4c:0a:61:
                    ed:d8:c5:24:7f:e1:31:ff:f4:59:3d:f4:3a:58:66:
                    44:64:35:03:95:bc:a5:73:dc:20:c7:17:73:7b:b2:
                    c1:c4:99:32:70:ae:b2:d5:d6:f3:ba:10:5f:91:87:
                    23:50:0a:c2:dd:27:78:07:3d:12:5c:2a:99:22:30:
                    6d:a9:c5:6e:6a:48:4d:98:ef:dd:15:87:b7:a3:1b:
                    f8:57:04:3b:cb:30:c5:74:81:60:32:48:28:f0:b5:
                    ca:4d:53:3d:24:bd:c0:32:a5:7f:7c:4d:4a:37:6a:
                    52:d4:36:0f:38:71:be:78:0b:09:f4:1a:1c:d0:61:
                    9c:9a:7d:1a:3c:39:8c:01:8a:38:c8:65:cb:df:d9:
                    fc:0a:92:0b:fb:75:f7:42:a8:b3:14:95:31:1f:86:
                    6f:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:BB:3B:7F:29:0D:3F:5C:7E:6F:52:08:E7:DB:FE:5A:BE:84:F5:56
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4990bdb-a89a-4dd1-a5ce-48ac82c9231f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.112.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         61:6d:ee:1b:31:24:35:0f:d1:59:67:26:c3:e5:71:ae:f6:66:
         16:80:7f:bd:ec:75:9e:aa:93:a2:5b:3d:34:aa:ed:c1:04:44:
         2c:6b:87:be:a7:c3:79:67:4e:f0:5b:a5:51:a9:e6:aa:68:18:
         02:eb:76:06:76:ca:c5:60:60:80:19:69:8a:ce:18:42:26:86:
         02:1d:5d:b3:8d:16:a8:a7:66:4c:20:81:7e:39:45:40:ea:d2:
         ef:26:1d:2f:c7:1d:4c:d5:24:d6:32:f7:59:53:dd:47:53:b8:
         6c:7b:80:c3:e1:e8:92:64:89:fc:59:3f:7d:6a:8f:0e:bb:42:
         03:95:b6:db:69:a9:04:6d:d4:2a:39:14:d3:cf:c4:a3:58:49:
         ff:2a:c7:da:eb:3f:22:95:d7:1d:d2:a6:77:90:3a:e8:5c:5f:
         ea:8a:8c:78:0a:4e:be:7b:6e:93:ee:e4:5d:ee:53:07:bf:ca:
         c5:b6:8a:1d:b6:ac:db:af:0e:c9:4d:2b:9e:e7:05:1a:36:e1:
         ef:04:19:a4:c9:c7:e1:51:0a:c2:91:82:bd:6f:f7:46:05:28:
         0d:c1:f9:4d:52:14:30:8a:d2:6a:29:da:09:07:65:9b:e1:2d:
         c2:15:3e:ee:c0:8a:ff:66:5b:79:8a:2f:76:3e:b7:06:33:2d:
         fa:97:7e:40
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUMDrN5n2CohS9C/yfMcW7dB1UksEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNTkyYTdlY2FmNDFjNjc2ODQ1ZGE3N2UxYjFmZTQ3ZDI4
MzBjYTBkMDE1MTUyMjI1MDU1NzhjOGJhMGFiODY5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDuHHYHI6h99vtXA5B8lMlqHhSCSAAcY2E2hD/zrmSJVTv2
JbC6JH71KP/rch1B6fweQuC9ukydcM/2Ck3UckvRZ8/a8j7WKesB4cJwN9vLd95f
pd87lNyQ6xEpKkkv5MKji/N5KUwKYe3YxSR/4TH/9Fk99DpYZkRkNQOVvKVz3CDH
F3N7ssHEmTJwrrLV1vO6EF+RhyNQCsLdJ3gHPRJcKpkiMG2pxW5qSE2Y790Vh7ej
G/hXBDvLMMV0gWAySCjwtcpNUz0kvcAypX98TUo3alLUNg84cb54Cwn0GhzQYZya
fRo8OYwBijjIZcvf2fwKkgv7dfdCqLMUlTEfhm9jAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQULLs7fykNP1x+b1II59v+Wr6E9VYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U0OTkwYmRiLWE4OWEtNGRkMS1hNWNlLTQ4YWM4MmM5MjMxZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwJNcDANBgkqhkiG9w0BAQsFAAOCAQEAYW3uGzEkNQ/RWWcmw+VxrvZmFoB/
vex1nqqTols9NKrtwQRELGuHvqfDeWdO8FulUanmqmgYAut2BnbKxWBggBlpis4Y
QiaGAh1ds40WqKdmTCCBfjlFQOrS7yYdL8cdTNUk1jL3WVPdR1O4bHuAw+HokmSJ
/Fk/fWqPDrtCA5W222mpBG3UKjkU08/Eo1hJ/yrH2us/IpXXHdKmd5A66Fxf6oqM
eApOvntuk+7kXe5TB7/KxbaKHbas268OyU0rnucFGjbh7wQZpMnH4VEKwpGCvW/3
RgUoDcH5TVIUMIrSainaCQdlm+EtwhU+7sCK/2ZbeYovdj63BjMt+pd+QA==
-----END CERTIFICATE-----