Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/c853646f-32bf-4a51-b5ec-4bb1e520c0a5.roa
File:                     c853646f-32bf-4a51-b5ec-4bb1e520c0a5.roa (raw, json)
Hash identifier:          4n4m9R5qSQvgrA48f0SvAyHKR4+LiuRnoZnDaEMjnXc=
Subject key identifier:   A0:82:8B:28:9D:29:0F:11:91:28:50:B7:0D:75:F2:42:FC:89:D6:DF
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       4F46E4D2C5519DAB4C608AF5DC35AF2FADF0A69C
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/c853646f-32bf-4a51-b5ec-4bb1e520c0a5.roa
Signing time:             Mon 25 Nov 2024 00:00:00 +0000
ROA not before:           Mon 25 Nov 2024 00:00:00 +0000
ROA not after:            Mon 30 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:520f::/48 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:46:e4:d2:c5:51:9d:ab:4c:60:8a:f5:dc:35:af:2f:ad:f0:a6:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Nov 25 00:00:00 2024 GMT
            Not After : Dec 30 23:59:59 2024 GMT
        Subject: CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:50:d1:1f:ca:64:5c:56:ae:14:f9:c4:5a:36:
                    19:c8:46:cc:e6:bf:c5:b2:80:a2:e7:c1:fa:bc:fb:
                    fd:3e:66:ce:22:0a:e5:4c:94:89:8d:b4:29:b1:03:
                    9f:76:f7:e3:a6:d8:7f:32:ec:8a:00:64:8e:cd:3f:
                    ea:ce:f4:74:40:54:6c:45:5c:a4:c2:19:26:99:fa:
                    fe:bd:69:a3:51:c0:16:b7:05:a8:71:89:62:5f:6b:
                    f5:98:e1:dc:de:25:87:6d:12:36:fd:6d:bb:a1:16:
                    95:3c:21:9b:1d:87:78:95:49:1a:67:c4:28:59:4e:
                    f1:04:a2:6b:99:c0:16:82:3e:52:07:56:a1:f2:ba:
                    07:30:ac:c5:d5:ec:94:46:d9:bf:18:86:77:bb:36:
                    ba:81:28:eb:2d:95:f2:d2:c3:21:73:10:56:07:59:
                    0e:a5:1e:3c:91:fd:00:86:9a:2b:7d:bc:08:46:70:
                    2e:47:39:9d:b3:59:77:fa:62:32:c8:07:a5:f8:c7:
                    b9:86:08:a0:32:81:ae:f6:01:be:67:60:45:4b:06:
                    e9:66:11:b6:e2:39:b8:3d:37:bf:95:6a:86:1e:42:
                    75:3c:16:68:72:df:19:f1:b0:80:f4:14:13:b7:c4:
                    e5:49:77:e9:f9:1c:3d:00:0d:a3:08:97:1d:d1:b4:
                    f0:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:82:8B:28:9D:29:0F:11:91:28:50:B7:0D:75:F2:42:FC:89:D6:DF
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/c853646f-32bf-4a51-b5ec-4bb1e520c0a5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:520f::/48

    Signature Algorithm: sha256WithRSAEncryption
         14:d5:20:d2:6c:39:25:68:ce:5f:05:e8:3b:9e:1e:55:d3:c5:
         9b:0b:91:75:5d:7d:7d:c1:b2:6d:4c:70:af:a6:58:a7:87:a8:
         57:f5:f0:49:77:a0:9e:a5:76:42:f3:19:14:88:9a:fd:56:14:
         d5:99:12:e7:6b:72:f9:74:db:b4:0e:73:d1:ec:74:bc:2d:61:
         0f:6e:ce:59:7e:b3:c5:d1:09:fc:37:48:b4:a6:97:ac:91:63:
         89:1c:f8:7f:87:45:3e:09:0f:d5:26:7c:d4:31:2f:75:e4:3f:
         35:6f:d7:cd:11:73:ef:4b:06:14:7a:ad:c9:2e:41:35:67:ff:
         49:78:2e:6b:23:92:6b:de:5e:0f:31:0c:af:d3:6f:30:37:1d:
         25:d4:5e:53:c8:06:61:2d:de:ab:7e:7b:b0:94:57:db:3b:a4:
         af:35:89:8e:65:a2:21:b8:22:e3:c6:34:86:e3:4a:d8:f2:96:
         e7:bc:b6:58:6a:27:48:2a:3d:76:e4:17:dd:8b:dd:c0:88:e5:
         d3:5e:0f:16:9d:b3:4f:43:60:9f:c4:da:3b:66:75:e6:1e:2c:
         fa:c7:b3:89:94:7e:b0:49:cf:75:3c:da:a1:06:62:74:a8:27:
         8f:aa:af:1d:31:30:3b:e4:db:83:03:fc:17:03:2b:a3:0f:14:
         44:7d:95:43
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUT0bk0sVRnatMYIr13DWvL63wppwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjQxMTI1MDAwMDAwWhcNMjQxMjMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwYjBmNGNhOWZiYzYzN2Q5NWRjNzgyMzI3NzY3MTBkNmYz
NWUyZTdhMDgxMmMyOGQwN2Q2ZjRlMmFiY2JhZmMxMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxUNEfymRcVq4U+cRaNhnIRszmv8WygKLnwfq8+/0+Zs4i
CuVMlImNtCmxA5929+Om2H8y7IoAZI7NP+rO9HRAVGxFXKTCGSaZ+v69aaNRwBa3
BahxiWJfa/WY4dzeJYdtEjb9bbuhFpU8IZsdh3iVSRpnxChZTvEEomuZwBaCPlIH
VqHyugcwrMXV7JRG2b8Yhne7NrqBKOstlfLSwyFzEFYHWQ6lHjyR/QCGmit9vAhG
cC5HOZ2zWXf6YjLIB6X4x7mGCKAyga72Ab5nYEVLBulmEbbiObg9N7+VaoYeQnU8
Fmhy3xnxsID0FBO3xOVJd+n5HD0ADaMIlx3RtPALAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUoIKLKJ0pDxGRKFC3DXXyQvyJ1t8wHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2M4NTM2NDZmLTMyYmYtNGE1MS1iNWVjLTRiYjFlNTIwYzBhNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAJAAUg8wDQYJKoZIhvcNAQELBQADggEBABTVINJsOSVozl8F6DueHlXT
xZsLkXVdfX3Bsm1McK+mWKeHqFf18El3oJ6ldkLzGRSImv1WFNWZEudrcvl027QO
c9HsdLwtYQ9uzll+s8XRCfw3SLSml6yRY4kc+H+HRT4JD9UmfNQxL3XkPzVv180R
c+9LBhR6rckuQTVn/0l4LmsjkmveXg8xDK/TbzA3HSXUXlPIBmEt3qt+e7CUV9s7
pK81iY5loiG4IuPGNIbjStjylue8tlhqJ0gqPXbkF92L3cCI5dNeDxads09DYJ/E
2jtmdeYeLPrHs4mUfrBJz3U82qEGYnSoJ4+qrx0xMDvk24MD/BcDK6MPFER9lUM=
-----END CERTIFICATE-----