Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/15c07b66-1c51-4d33-b49f-96ae1eb97ffc.roa
File:                     15c07b66-1c51-4d33-b49f-96ae1eb97ffc.roa (raw, json)
Hash identifier:          a9xtZ+Vu2KXzuMUW8JS9sYuYIxiG6LgOdccpndmyVnQ=
Subject key identifier:   E3:E4:CE:8C:70:0A:2E:B9:6D:04:21:A7:D1:5F:60:F2:F3:CF:A0:3F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       65F5D6B337FE2D76EB2706025385E8CEF4B57359
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/15c07b66-1c51-4d33-b49f-96ae1eb97ffc.roa
Signing time:             Mon 23 Dec 2024 00:00:00 +0000
ROA not before:           Mon 23 Dec 2024 00:00:00 +0000
ROA not after:            Mon 27 Jan 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        182.24.0.0/14 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:f5:d6:b3:37:fe:2d:76:eb:27:06:02:53:85:e8:ce:f4:b5:73:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 23 00:00:00 2024 GMT
            Not After : Jan 27 23:59:59 2025 GMT
        Subject: serialNumber=2a23ec89ffe9d7d0a9bd0f1586fe6fb0d964070a22a5c09c0a8c816376e78088, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:a3:f0:41:d5:9c:77:32:a4:cb:1d:97:f6:d4:
                    ef:27:ce:85:db:41:1b:c4:83:da:bd:c0:9f:ae:30:
                    99:b7:04:dd:07:93:61:7f:4e:ff:00:2e:5c:a5:45:
                    b2:96:1f:1f:ae:7c:80:41:cc:88:7a:3d:8c:2f:ef:
                    c8:02:ab:bd:3a:26:b9:6e:03:87:bf:19:e1:dc:fd:
                    0c:09:54:cc:c2:51:66:35:37:db:09:59:d3:cb:62:
                    9c:df:33:95:bb:3c:36:71:71:2b:80:6e:46:24:dd:
                    e5:20:5e:67:4d:32:3c:be:02:12:c9:20:6c:59:42:
                    63:46:4b:50:ee:a2:90:11:87:8f:3d:cc:46:e9:49:
                    db:01:6f:c5:55:0c:67:04:7a:4b:20:4e:24:cf:6b:
                    b9:22:68:ee:78:5b:cf:a9:22:bf:a7:fc:85:20:70:
                    f9:6c:bc:9e:38:11:ec:ea:63:f2:9c:9a:4d:14:fd:
                    4f:67:63:c8:ce:ee:e5:66:fb:1d:a3:32:1b:30:e5:
                    34:20:3e:43:8d:4b:e1:18:f7:3f:36:f4:37:e4:34:
                    9c:e4:c5:c9:03:dc:01:04:c0:9d:fd:20:bb:14:02:
                    c2:29:c1:a5:ba:f7:40:4e:e8:18:b1:e3:cc:5e:98:
                    f6:27:b8:8a:e6:01:cb:a3:74:9b:e2:76:30:0f:65:
                    22:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:E4:CE:8C:70:0A:2E:B9:6D:04:21:A7:D1:5F:60:F2:F3:CF:A0:3F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/15c07b66-1c51-4d33-b49f-96ae1eb97ffc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.24.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         03:1d:6e:3f:c9:c8:d9:c8:14:ac:79:b8:6c:f4:63:a4:bd:4e:
         12:b5:1b:63:f1:ee:34:55:69:8a:af:37:2b:b3:0d:cd:af:33:
         27:95:82:1f:bf:1f:0d:9f:be:04:24:e0:f1:ae:6f:c8:31:1e:
         16:dd:1c:cc:d2:74:f4:0b:26:cd:d0:86:8d:81:b7:45:4a:8e:
         17:22:6a:df:4e:a9:a3:5d:67:53:68:97:06:8c:0f:9b:84:75:
         ae:40:7d:1d:6b:82:34:6d:4d:cd:ab:0e:7a:80:90:88:d7:28:
         86:57:c2:96:79:1e:77:87:8c:d7:64:be:51:c6:77:27:6c:b6:
         16:fb:dc:8a:57:23:11:af:69:25:67:b6:75:98:b4:d6:11:5c:
         6f:de:07:7a:57:53:ae:f9:21:31:63:02:fb:a8:74:71:3c:00:
         de:ac:68:9e:c4:30:85:f7:ec:74:39:4d:38:cc:4f:2d:72:d3:
         37:2f:eb:4e:dd:5b:77:16:e7:40:15:97:e7:f5:24:b7:ff:54:
         fb:14:7e:b1:35:fb:ee:14:73:9b:68:0c:fa:d6:fa:69:fe:1e:
         e2:b3:11:8a:71:c6:35:d6:b0:82:a1:7a:1f:4e:0c:2b:36:1e:
         1a:5b:73:83:cb:b4:19:83:71:c6:8a:53:25:b1:29:82:23:42:
         bc:f2:04:24
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZfXWszf+LXbrJwYCU4XozvS1c1kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjIzMDAwMDAwWhcNMjUwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyYTIzZWM4OWZmZTlkN2QwYTliZDBmMTU4NmZlNmZiMGQ5
NjQwNzBhMjJhNWMwOWMwYThjODE2Mzc2ZTc4MDg4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdo/BB1Zx3MqTLHZf21O8nzoXbQRvEg9q9wJ+uMJm3BN0H
k2F/Tv8ALlylRbKWHx+ufIBBzIh6PYwv78gCq706JrluA4e/GeHc/QwJVMzCUWY1
N9sJWdPLYpzfM5W7PDZxcSuAbkYk3eUgXmdNMjy+AhLJIGxZQmNGS1DuopARh489
zEbpSdsBb8VVDGcEeksgTiTPa7kiaO54W8+pIr+n/IUgcPlsvJ44EezqY/Kcmk0U
/U9nY8jO7uVm+x2jMhsw5TQgPkONS+EY9z829DfkNJzkxckD3AEEwJ39ILsUAsIp
waW690BO6Bix48xemPYnuIrmAcujdJvidjAPZSK5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU4+TOjHAKLrltBCGn0V9g8vPPoD8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE1YzA3YjY2LTFjNTEtNGQzMy1iNDlmLTk2YWUxZWI5N2ZmYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwK2GDANBgkqhkiG9w0BAQsFAAOCAQEAAx1uP8nI2cgUrHm4bPRjpL1OErUb
Y/HuNFVpiq83K7MNza8zJ5WCH78fDZ++BCTg8a5vyDEeFt0czNJ09AsmzdCGjYG3
RUqOFyJq306po11nU2iXBowPm4R1rkB9HWuCNG1NzasOeoCQiNcohlfClnked4eM
12S+UcZ3J2y2FvvcilcjEa9pJWe2dZi01hFcb94HeldTrvkhMWMC+6h0cTwA3qxo
nsQwhffsdDlNOMxPLXLTNy/rTt1bdxbnQBWX5/Ukt/9U+xR+sTX77hRzm2gM+tb6
af4e4rMRinHGNdawgqF6H04MKzYeGltzg8u0GYNxxopTJbEpgiNCvPIEJA==
-----END CERTIFICATE-----