Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e70619ef-99f7-46eb-a898-5e439f8b4962.roa
File:                     e70619ef-99f7-46eb-a898-5e439f8b4962.roa (raw, json)
Hash identifier:          avEeHXMN+sPeCwlA7yJo8ytGIcaAO9F8eitP2LTHcAI=
Subject key identifier:   E9:5B:5E:27:81:6D:38:54:74:9B:24:32:B9:17:5C:BE:97:F0:7A:16
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0D5D9EDDB01A4E05B0011752A2EC94651790D21F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e70619ef-99f7-46eb-a898-5e439f8b4962.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        194.134.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:5d:9e:dd:b0:1a:4e:05:b0:01:17:52:a2:ec:94:65:17:90:d2:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=0e11f4f87b263d82e82b81db95a0d72d92ba4684989d322acfdeeb93f4ab9147, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:1a:35:3f:9a:ac:a6:cb:e8:d5:05:fe:6f:0f:
                    16:da:7f:17:72:9b:75:b3:9e:9f:55:88:e1:f2:d1:
                    59:13:5c:22:cf:3f:58:79:3f:a9:34:e1:b5:65:32:
                    27:f9:fd:f8:dd:a9:6c:b3:41:91:84:3f:59:b6:db:
                    6b:7d:4e:7c:0c:7f:07:39:ba:c2:98:33:e0:e0:1b:
                    c0:1c:2f:29:4b:04:6b:50:ff:e4:33:8e:bb:d9:c8:
                    5f:0f:ed:05:21:5e:04:38:b5:f2:f3:45:2a:71:f3:
                    9f:7f:0f:98:bf:cd:bf:97:29:60:d3:ad:77:27:7f:
                    e4:ea:43:b6:cb:d3:72:12:d9:87:de:ad:15:da:c8:
                    0e:60:1d:cf:81:7d:42:4b:b5:d5:55:6d:53:fd:8c:
                    a5:ce:48:02:d6:f4:4c:86:2f:52:6c:3a:90:17:a3:
                    30:1b:4d:0b:33:1f:22:bf:2a:6a:cd:ab:f2:f0:0a:
                    ba:b7:da:a5:8e:ad:54:45:83:e1:30:4a:d0:f6:98:
                    78:65:5e:2f:da:26:84:dc:00:e1:73:5c:01:8e:c9:
                    b7:58:2a:32:0f:1f:80:be:ae:87:45:80:f0:51:da:
                    ae:06:9d:ac:a6:0b:84:fa:f5:12:50:73:bc:10:92:
                    d2:ef:36:68:78:b5:81:8e:3d:0b:1f:4d:eb:c0:d7:
                    5a:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:5B:5E:27:81:6D:38:54:74:9B:24:32:B9:17:5C:BE:97:F0:7A:16
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e70619ef-99f7-46eb-a898-5e439f8b4962.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.134.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5d:df:70:4a:2c:47:56:13:8e:14:d2:91:92:4a:3b:fd:7d:5c:
         35:1e:07:d5:a6:10:bf:58:38:d5:40:86:a4:a6:c4:f1:41:a0:
         da:ab:20:95:00:6b:bd:4c:63:5b:96:d1:c9:88:f5:eb:99:21:
         06:df:bd:46:c9:e6:db:b6:4b:0d:00:15:fc:7d:27:04:f3:24:
         d5:92:61:c2:03:de:e2:05:7c:6e:c5:2a:71:59:70:5f:7b:57:
         a5:e0:1c:da:04:51:08:7a:35:5e:76:d4:d5:8c:01:fb:65:f1:
         2f:b0:94:63:fb:65:5d:1f:3c:9f:c3:f7:71:59:68:ab:59:93:
         fa:9b:db:6d:82:f4:fc:c8:d0:fc:08:2e:a1:cc:87:42:e3:44:
         c5:ce:c8:2f:02:8c:87:7d:02:22:e2:82:0a:d9:d3:d6:5e:57:
         17:e9:92:d4:f2:e5:18:a3:ae:60:3b:70:0f:87:11:43:db:16:
         dc:39:e0:ae:49:c2:a7:89:5e:9f:43:94:be:96:c3:1c:05:15:
         f4:b0:7a:69:f1:e1:4b:2b:92:25:e8:b3:34:bd:a4:c2:7a:ed:
         91:8f:70:a1:58:03:07:db:b4:d5:69:d9:ba:c3:30:e5:de:2a:
         e9:f6:98:0e:cf:ba:9c:68:cb:eb:5d:c3:18:ba:7c:83:5b:fd:
         d4:be:b2:d0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUDV2e3bAaTgWwARdSouyUZReQ0h8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwZTExZjRmODdiMjYzZDgyZTgyYjgxZGI5NWEwZDcyZDky
YmE0Njg0OTg5ZDMyMmFjZmRlZWI5M2Y0YWI5MTQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDhGjU/mqymy+jVBf5vDxbafxdym3Wznp9ViOHy0VkTXCLP
P1h5P6k04bVlMif5/fjdqWyzQZGEP1m222t9TnwMfwc5usKYM+DgG8AcLylLBGtQ
/+QzjrvZyF8P7QUhXgQ4tfLzRSpx859/D5i/zb+XKWDTrXcnf+TqQ7bL03IS2Yfe
rRXayA5gHc+BfUJLtdVVbVP9jKXOSALW9EyGL1JsOpAXozAbTQszHyK/KmrNq/Lw
Crq32qWOrVRFg+EwStD2mHhlXi/aJoTcAOFzXAGOybdYKjIPH4C+rodFgPBR2q4G
naymC4T69RJQc7wQktLvNmh4tYGOPQsfTevA11obAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU6VteJ4FtOFR0myQyuRdcvpfwehYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U3MDYxOWVmLTk5ZjctNDZlYi1hODk4LTVlNDM5ZjhiNDk2Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDChjANBgkqhkiG9w0BAQsFAAOCAQEAXd9wSixHVhOOFNKRkko7/X1cNR4H
1aYQv1g41UCGpKbE8UGg2qsglQBrvUxjW5bRyYj165khBt+9Rsnm27ZLDQAV/H0n
BPMk1ZJhwgPe4gV8bsUqcVlwX3tXpeAc2gRRCHo1XnbU1YwB+2XxL7CUY/tlXR88
n8P3cVloq1mT+pvbbYL0/MjQ/AguocyHQuNExc7ILwKMh30CIuKCCtnT1l5XF+mS
1PLlGKOuYDtwD4cRQ9sW3DngrknCp4len0OUvpbDHAUV9LB6afHhSyuSJeizNL2k
wnrtkY9woVgDB9u01WnZusMw5d4q6faYDs+6nGjL613DGLp8g1v91L6y0A==
-----END CERTIFICATE-----