Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f15ca992-c3bc-475b-b0e3-d4bcb678df5f.roa
File:                     f15ca992-c3bc-475b-b0e3-d4bcb678df5f.roa (raw, json)
Hash identifier:          Y0dfg6R/KvnPp7VHVrKS1In8xPZXo4aI1yJ7ZFXep0A=
Subject key identifier:   2B:CD:54:8E:70:8F:FF:14:FA:1D:67:D3:17:AF:82:04:7B:76:96:FA
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4FE4495BD1DFB0ECEB35A1684F0146FE896EC183
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f15ca992-c3bc-475b-b0e3-d4bcb678df5f.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        182.29.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:e4:49:5b:d1:df:b0:ec:eb:35:a1:68:4f:01:46:fe:89:6e:c1:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=5ce3ea3f1209d5f13c42110bc3883cb4f4f6a93f99bd62afc869db94e335122b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:40:e0:d3:6d:a7:aa:33:0a:35:de:0e:aa:78:
                    67:0e:03:c7:a3:aa:30:a1:fe:ea:58:70:5f:e4:88:
                    9c:35:6f:35:e7:1f:e4:85:3f:66:fa:7c:39:1d:1a:
                    be:d7:b2:af:5b:25:dc:50:f7:de:c1:9a:7b:7f:fb:
                    7a:d9:30:dc:d3:f8:40:cd:23:e4:2b:e2:c4:d7:92:
                    68:6a:0e:30:26:e9:d5:f3:db:8a:1f:f6:6e:93:73:
                    84:fd:58:7c:af:62:68:15:e2:a0:8f:b6:b8:cd:cb:
                    ab:8e:ad:fe:21:98:ed:a9:12:f8:6c:89:8f:09:40:
                    ec:af:2a:d7:72:d7:57:2c:ea:45:a5:35:bb:34:58:
                    c3:96:5d:74:bb:10:3d:45:39:e5:3a:2f:05:8e:4d:
                    d3:b6:45:9d:53:4c:d8:36:c3:a3:e5:13:68:af:a7:
                    3f:ff:0e:61:2e:5f:cd:d4:72:a7:19:de:ba:30:91:
                    22:02:71:59:e2:03:ca:d0:d7:26:45:9a:47:38:dd:
                    93:7b:fc:7a:54:9c:38:d9:57:94:af:04:eb:12:3c:
                    31:af:73:98:62:0d:c6:5f:12:d0:4f:e8:3f:d8:a4:
                    c7:bf:c6:fe:dd:c5:38:d9:e7:a6:c1:db:7d:e5:b7:
                    58:96:db:ad:aa:17:44:e0:d2:45:04:a1:d8:0c:7b:
                    65:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:CD:54:8E:70:8F:FF:14:FA:1D:67:D3:17:AF:82:04:7B:76:96:FA
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f15ca992-c3bc-475b-b0e3-d4bcb678df5f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.29.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         16:20:00:dc:15:6e:ff:fb:a3:67:5c:01:3b:09:3d:d5:e6:a2:
         14:62:a1:f7:41:dd:bb:43:78:ac:91:0c:54:db:8d:7b:1e:fe:
         d6:81:79:78:a1:60:05:76:58:c2:fa:8a:ae:1a:65:fc:bb:36:
         86:6f:71:05:e1:7f:f1:0d:9f:f1:39:85:6f:da:19:df:31:d0:
         26:60:4f:31:3a:26:f2:0c:7a:c4:49:bf:51:a5:db:14:78:d6:
         c5:a3:96:4d:f4:e8:3a:f6:8e:2b:52:cd:a8:76:45:22:57:91:
         b6:5e:a3:5f:cd:0f:6c:70:c6:56:b5:b0:58:2a:96:2e:ca:1c:
         8a:fc:f2:e4:60:f6:3a:c5:59:d4:06:e3:38:b4:62:67:03:85:
         b6:17:66:c1:2d:4e:57:81:a2:1f:91:8e:3d:8f:e8:31:fc:f7:
         22:49:1e:4b:7c:61:df:f7:e4:49:a9:f4:1c:a2:20:1c:93:60:
         2e:8a:dd:31:0c:6c:9a:0c:ae:08:bc:f3:3a:c7:4b:eb:96:07:
         80:84:84:0a:e6:e1:03:d6:57:d9:69:b9:5d:6b:f0:ea:51:59:
         ef:ae:ef:02:9e:51:53:5f:0f:2b:9d:1a:e1:2d:89:6d:76:ba:
         a1:0d:13:07:14:47:1b:67:2a:e6:4c:be:f3:3c:f8:0f:a3:66:
         c7:7c:04:e6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUT+RJW9HfsOzrNaFoTwFG/oluwYMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A1Y2UzZWEzZjEyMDlkNWYxM2M0MjExMGJjMzg4M2NiNGY0
ZjZhOTNmOTliZDYyYWZjODY5ZGI5NGUzMzUxMjJiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBQODTbaeqMwo13g6qeGcOA8ejqjCh/upYcF/kiJw1bzXn
H+SFP2b6fDkdGr7Xsq9bJdxQ997Bmnt/+3rZMNzT+EDNI+Qr4sTXkmhqDjAm6dXz
24of9m6Tc4T9WHyvYmgV4qCPtrjNy6uOrf4hmO2pEvhsiY8JQOyvKtdy11cs6kWl
Nbs0WMOWXXS7ED1FOeU6LwWOTdO2RZ1TTNg2w6PlE2ivpz//DmEuX83UcqcZ3row
kSICcVniA8rQ1yZFmkc43ZN7/HpUnDjZV5SvBOsSPDGvc5hiDcZfEtBP6D/YpMe/
xv7dxTjZ56bB233lt1iW262qF0Tg0kUEodgMe2W9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUK81UjnCP/xT6HWfTF6+CBHt2lvowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YxNWNhOTkyLWMzYmMtNDc1Yi1iMGUzLWQ0YmNiNjc4ZGY1Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwC2HTANBgkqhkiG9w0BAQsFAAOCAQEAFiAA3BVu//ujZ1wBOwk91eaiFGKh
90Hdu0N4rJEMVNuNex7+1oF5eKFgBXZYwvqKrhpl/Ls2hm9xBeF/8Q2f8TmFb9oZ
3zHQJmBPMTom8gx6xEm/UaXbFHjWxaOWTfToOvaOK1LNqHZFIleRtl6jX80PbHDG
VrWwWCqWLsocivzy5GD2OsVZ1AbjOLRiZwOFthdmwS1OV4GiH5GOPY/oMfz3Ikke
S3xh3/fkSan0HKIgHJNgLordMQxsmgyuCLzzOsdL65YHgISECubhA9ZX2Wm5XWvw
6lFZ767vAp5RU18PK50a4S2JbXa6oQ0TBxRHG2cq5ky+8zz4D6Nmx3wE5g==
-----END CERTIFICATE-----