Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/b9ee931e-fb76-4c4b-b142-cc81cdbb1ee4.roa
File:                     b9ee931e-fb76-4c4b-b142-cc81cdbb1ee4.roa (raw, json)
Hash identifier:          0NynkGDpA/u8+hTUUPy7rs8SIkUoVuq6YHRNaHr6JQQ=
Subject key identifier:   05:6A:4A:B1:D6:90:2B:53:9F:35:44:1C:72:2A:52:0E:A9:A4:C5:DD
Certificate issuer:       /CN=5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64
Certificate serial:       285FB54BEC0BD076ADA575C36D0D770339A1AC17
Authority key identifier: FE:22:E0:F7:22:CC:4F:06:0C:58:5A:12:6F:E6:A2:65:00:36:5E:48
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/b9ee931e-fb76-4c4b-b142-cc81cdbb1ee4.roa
Signing time:             Mon 09 Dec 2024 00:00:00 +0000
ROA not before:           Mon 09 Dec 2024 00:00:00 +0000
ROA not after:            Mon 13 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        184.169.128.0/17 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:5f:b5:4b:ec:0b:d0:76:ad:a5:75:c3:6d:0d:77:03:39:a1:ac:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64
        Validity
            Not Before: Dec  9 00:00:00 2024 GMT
            Not After : Jan 13 23:59:59 2025 GMT
        Subject: CN=71c3876e-b944-4600-92c7-cec33d89523f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:d3:62:d1:d2:51:4b:98:4c:93:55:c8:1c:d6:
                    67:ab:59:52:2e:e5:7e:aa:52:a1:7c:87:53:6d:a0:
                    01:27:a2:00:1c:83:07:0f:2e:74:f9:a2:74:38:42:
                    13:45:f2:d9:c8:e1:b7:34:0f:d1:45:da:6e:4c:df:
                    7f:bf:d6:26:29:58:28:20:8c:7e:19:64:e5:ca:f0:
                    21:21:c1:83:9d:4e:69:66:91:5d:7b:9f:4d:32:d0:
                    89:74:b5:3b:4f:68:07:6f:0c:1c:71:95:79:cc:1d:
                    b9:10:de:fd:cb:db:39:c6:8d:3d:28:74:e9:75:55:
                    de:2b:b9:bb:ef:84:45:1a:3c:68:88:9d:65:6d:d1:
                    e8:66:ec:cd:60:57:12:be:a8:ce:50:11:0b:72:9e:
                    44:94:2b:0c:c4:18:9b:00:ba:9f:2a:8b:2f:6c:c7:
                    e6:0d:6d:c5:d4:6e:e7:98:0a:ce:ea:83:b7:98:26:
                    c2:2e:6c:89:da:2d:89:21:70:a0:dc:6a:95:2b:91:
                    30:f4:92:c5:58:a8:5e:b7:00:a7:90:3b:ea:65:1f:
                    4f:c6:b7:76:50:f7:d7:11:91:a1:72:54:31:db:30:
                    cf:9e:b3:2a:77:c5:5f:37:c3:73:91:27:fd:f5:b5:
                    86:64:88:70:94:1a:f8:6c:73:88:d1:5e:26:69:60:
                    55:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:6A:4A:B1:D6:90:2B:53:9F:35:44:1C:72:2A:52:0E:A9:A4:C5:DD
            X509v3 Authority Key Identifier:
                keyid:FE:22:E0:F7:22:CC:4F:06:0C:58:5A:12:6F:E6:A2:65:00:36:5E:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/b9ee931e-fb76-4c4b-b142-cc81cdbb1ee4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.169.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         02:c1:ff:2e:c3:fe:f6:ca:53:ed:28:19:9f:57:17:a0:ad:06:
         c0:0a:d3:7f:6e:11:09:f8:0f:bd:d9:32:36:4b:d7:fd:21:03:
         1a:1b:66:f8:43:b8:60:2a:5f:c3:f6:20:67:b9:1d:b2:e1:bf:
         66:fe:e4:67:8f:c1:2e:3c:52:9e:d9:ce:b2:9d:f0:80:fb:12:
         d3:37:ab:67:5c:cd:25:2a:e3:01:a4:09:4f:26:f5:38:d8:55:
         30:c0:18:63:25:df:a2:51:43:09:93:ff:4a:e5:0d:28:87:60:
         d5:c1:9d:6e:dc:08:41:43:28:72:ce:74:6e:99:0f:1a:c0:2c:
         77:ea:98:8a:13:67:33:7a:71:77:85:61:cb:ee:7d:1c:78:26:
         2b:45:d3:2c:99:92:de:27:ee:7b:99:52:48:a8:35:50:80:b0:
         22:a9:18:4a:f3:ef:a6:68:41:52:99:db:c0:39:d2:94:49:47:
         c3:be:34:7e:6b:6e:28:bd:1a:2d:a6:f9:a7:9d:69:f5:8e:f3:
         48:7e:00:b4:e7:c7:2a:93:04:2e:79:6d:fa:13:9d:f3:ef:9a:
         62:72:f8:66:8e:34:ab:04:b7:cb:57:91:07:f2:d1:af:60:64:
         a4:60:3d:7b:d3:ea:56:b6:17:c5:9c:d3:fe:71:30:ed:d6:76:
         40:63:54:13
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKF+1S+wL0HatpXXDbQ13AzmhrBcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNWQ4MDM4MDVlMjE4MjNjOTMxOTg3ZTljOWMzN2YwNDAy
MGFhYmFiZjliNGRmZjliNjQwHhcNMjQxMjA5MDAwMDAwWhcNMjUwMTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxYzFhZWJlMTZlZmZkZjc5ODViMTdkNjdjZWZjZDk1MzVj
Y2VhNDI3N2FlMGI0MDJhYTUzYzY3ZDA0ODg5YWIxMS0wKwYDVQQDEyQ3MWMzODc2
ZS1iOTQ0LTQ2MDAtOTJjNy1jZWMzM2Q4OTUyM2YwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDt02LR0lFLmEyTVcgc1merWVIu5X6qUqF8h1NtoAEnogAc
gwcPLnT5onQ4QhNF8tnI4bc0D9FF2m5M33+/1iYpWCggjH4ZZOXK8CEhwYOdTmlm
kV17n00y0Il0tTtPaAdvDBxxlXnMHbkQ3v3L2znGjT0odOl1Vd4rubvvhEUaPGiI
nWVt0ehm7M1gVxK+qM5QEQtynkSUKwzEGJsAup8qiy9sx+YNbcXUbueYCs7qg7eY
JsIubInaLYkhcKDcapUrkTD0ksVYqF63AKeQO+plH0/Gt3ZQ99cRkaFyVDHbMM+e
syp3xV83w3ORJ/31tYZkiHCUGvhsc4jRXiZpYFVvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBWpKsdaQK1OfNUQccipSDqmkxd0wHwYDVR0jBBgwFoAU/iLg9yLMTwYM
WFoSb+aiZQA2XkgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi80MmIyOTkxZi0y
MmM3LTQyZjctOGNmNS00ZjMxMzg4NTk3MzIvNWQ4MDM4MDVlMjE4MjNjOTMxOTg3
ZTljOWMzN2YwNDAyMGFhYmFiZjliNGRmZjliNjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYTg0MTgyM2MtYTEwZC00NzdjLWJmZGYtNDA4
NmYwYjE1OTRjL2I5ZWU5MzFlLWZiNzYtNGM0Yi1iMTQyLWNjODFjZGJiMWVlNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2E4NDE4MjNjLWExMGQtNDc3Yy1iZmRm
LTQwODZmMGIxNTk0Yy9HQ1BKTVpoLW5KdzM4RUFncXJxX20wM19tMlEuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAe4qYAwDQYJKoZIhvcNAQELBQADggEBAALB/y7D/vbKU+0oGZ9XF6CtBsAK
039uEQn4D73ZMjZL1/0hAxobZvhDuGAqX8P2IGe5HbLhv2b+5GePwS48Up7ZzrKd
8ID7EtM3q2dczSUq4wGkCU8m9TjYVTDAGGMl36JRQwmT/0rlDSiHYNXBnW7cCEFD
KHLOdG6ZDxrALHfqmIoTZzN6cXeFYcvufRx4JitF0yyZkt4n7nuZUkioNVCAsCKp
GErz76ZoQVKZ28A50pRJR8O+NH5rbii9Gi2m+aedafWO80h+ALTnxyqTBC55bfoT
nfPvmmJy+GaONKsEt8tXkQfy0a9gZKRgPXvT6la2F8Wc0/5xMO3WdkBjVBM=
-----END CERTIFICATE-----