Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c9c4fca9-cb74-4c47-9727-dab8239ebe5c.roa
File:                     c9c4fca9-cb74-4c47-9727-dab8239ebe5c.roa (raw, json)
Hash identifier:          //LWhqUkNKBMrKnIb/S1XKbtNhoikiQxn2DdIhs5uV0=
Subject key identifier:   E0:10:10:4C:CA:D1:D5:CC:17:17:7C:07:64:AC:95:AD:07:35:82:49
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4A78A3830F0C3558A777F326259628B2E270B300
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c9c4fca9-cb74-4c47-9727-dab8239ebe5c.roa
Signing time:             Mon 16 Dec 2024 00:00:00 +0000
ROA not before:           Mon 16 Dec 2024 00:00:00 +0000
ROA not after:            Mon 20 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        150.222.92.0/22 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:78:a3:83:0f:0c:35:58:a7:77:f3:26:25:96:28:b2:e2:70:b3:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 16 00:00:00 2024 GMT
            Not After : Jan 20 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:a4:dd:15:4d:a7:dc:e9:7e:39:34:8c:11:f8:
                    2a:83:34:19:ad:3d:1c:cb:20:ce:7b:27:68:75:73:
                    7a:db:7f:25:47:a3:e9:41:aa:0c:92:b0:8f:27:f9:
                    cc:d0:60:9f:68:d8:b3:13:9d:04:6e:0e:51:53:1c:
                    08:6a:aa:37:27:a4:b2:70:96:d0:3b:58:fe:cf:42:
                    1f:b2:c3:07:1c:fd:3c:61:82:46:c0:e6:79:05:9d:
                    ad:13:6f:c1:8f:98:7c:a2:15:ac:98:92:40:7e:7a:
                    79:5d:0c:bb:f9:63:01:55:82:c4:5c:3b:1f:8c:3b:
                    18:bf:95:8b:9c:81:9b:d2:b5:35:6b:20:e2:e8:7f:
                    58:d3:d8:9f:c8:64:74:26:fc:a8:30:d2:f9:2b:64:
                    cc:59:ec:45:67:ca:3b:29:cb:be:66:0b:05:f7:6b:
                    31:8a:25:49:81:73:33:be:64:a4:07:a8:a7:b5:84:
                    b6:74:06:e4:d4:37:8a:32:7e:4e:2e:d9:cb:e1:e3:
                    c3:82:48:98:8b:9e:01:b7:e3:7a:f5:40:26:10:67:
                    aa:e9:23:bf:14:ea:2f:0a:ba:b7:d6:0c:97:45:07:
                    71:c9:ce:72:8c:12:0c:41:8e:c6:24:11:51:7a:20:
                    ea:c8:fc:ea:1e:9a:c6:d5:f7:e8:33:1d:c9:39:c8:
                    57:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:10:10:4C:CA:D1:D5:CC:17:17:7C:07:64:AC:95:AD:07:35:82:49
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c9c4fca9-cb74-4c47-9727-dab8239ebe5c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.222.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         28:da:01:21:9a:ab:ab:90:b0:e3:36:fe:b9:6e:e1:39:40:78:
         06:d7:d6:12:c4:ef:58:c2:1e:0d:48:61:64:41:ed:cd:ae:ff:
         f2:97:24:ef:03:56:11:8f:be:80:d8:d5:a9:74:61:0e:db:04:
         06:a5:b4:46:ec:2d:19:d1:77:be:17:9c:97:d8:54:6f:24:4d:
         59:ef:70:ab:db:da:49:37:73:4d:64:86:e1:b8:e1:40:90:72:
         49:11:2b:80:91:91:a2:56:04:71:da:ae:17:9f:9d:c1:52:5f:
         b2:cd:b9:db:f5:f5:09:64:fd:e1:41:f9:16:b9:43:50:9a:51:
         0f:06:c6:ef:7f:d3:d7:6a:0a:17:2f:7a:0e:4e:e8:1c:a7:5f:
         91:01:c0:38:e4:93:49:1b:2d:4f:b7:c5:23:eb:ef:c2:3c:c9:
         3f:b4:68:43:36:e9:72:e2:be:52:d6:e9:5c:ce:11:2b:6d:86:
         71:8f:2d:04:5e:15:86:24:a5:74:92:10:2d:a8:38:ae:db:4c:
         fe:9e:f0:b3:31:b2:fc:2e:8f:a8:72:42:a4:ef:17:ef:f5:9d:
         41:2a:03:df:0e:d8:a0:a2:75:be:18:26:2a:22:34:44:48:fc:
         fe:2d:ce:c2:e8:62:33:85:c3:0f:29:d0:2d:26:3c:ca:7c:cc:
         5a:26:ee:18
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSnijgw8MNVind/MmJZYosuJwswAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQxMjE2MDAwMDAwWhcNMjUwMTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2YzBjZGU5ZTUwMjVhMjk0NTQ5NWJmODIyZDM1NzFiMGY3
YTEzZWVlMGUxODIwMmYzMDVlZWNhMGE0MGZiODMzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQpN0VTafc6X45NIwR+CqDNBmtPRzLIM57J2h1c3rbfyVH
o+lBqgySsI8n+czQYJ9o2LMTnQRuDlFTHAhqqjcnpLJwltA7WP7PQh+ywwcc/Txh
gkbA5nkFna0Tb8GPmHyiFayYkkB+enldDLv5YwFVgsRcOx+MOxi/lYucgZvStTVr
IOLof1jT2J/IZHQm/Kgw0vkrZMxZ7EVnyjspy75mCwX3azGKJUmBczO+ZKQHqKe1
hLZ0BuTUN4oyfk4u2cvh48OCSJiLngG343r1QCYQZ6rpI78U6i8KurfWDJdFB3HJ
znKMEgxBjsYkEVF6IOrI/OoemsbV9+gzHck5yFerAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4BAQTMrR1cwXF3wHZKyVrQc1gkkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2M5YzRmY2E5LWNiNzQtNGM0Ny05NzI3LWRhYjgyMzllYmU1Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAKW3lwwDQYJKoZIhvcNAQELBQADggEBACjaASGaq6uQsOM2/rlu4TlAeAbX
1hLE71jCHg1IYWRB7c2u//KXJO8DVhGPvoDY1al0YQ7bBAaltEbsLRnRd74XnJfY
VG8kTVnvcKvb2kk3c01khuG44UCQckkRK4CRkaJWBHHarhefncFSX7LNudv19Qlk
/eFB+Ra5Q1CaUQ8Gxu9/09dqChcveg5O6BynX5EBwDjkk0kbLU+3xSPr78I8yT+0
aEM26XLivlLW6VzOEStthnGPLQReFYYkpXSSEC2oOK7bTP6e8LMxsvwuj6hyQqTv
F+/1nUEqA98O2KCidb4YJioiNERI/P4tzsLoYjOFww8p0C0mPMp8zFom7hg=
-----END CERTIFICATE-----