Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb090552-15dc-47c5-8d0b-44ea9767779d.roa
File:                     cb090552-15dc-47c5-8d0b-44ea9767779d.roa (raw, json)
Hash identifier:          oGC6VxsBnukg1Jz5yr2A5yIQSSDHAxtHBbNHiWjVJEM=
Subject key identifier:   EB:11:9A:66:FA:FC:E8:C8:0F:59:A3:CB:BB:E7:DC:49:9D:B0:3D:15
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6ADCB13ACE0122C4061131C13BB80CBBE11993A0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb090552-15dc-47c5-8d0b-44ea9767779d.roa
Signing time:             Fri 10 Jan 2025 00:00:00 +0000
ROA not before:           Fri 10 Jan 2025 00:00:00 +0000
ROA not after:            Fri 14 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.25.67.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:dc:b1:3a:ce:01:22:c4:06:11:31:c1:3b:b8:0c:bb:e1:19:93:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 10 00:00:00 2025 GMT
            Not After : Feb 14 23:59:59 2025 GMT
        Subject: serialNumber=33af3e841ff70c6aa243e5f92a90f0c1724e07934f012add71b1c7ed8d227aa5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ae:00:59:e5:8b:02:07:7d:fc:4a:62:df:03:
                    e1:ab:c3:d7:4e:fa:c2:58:1a:cc:8d:af:4e:07:b6:
                    c9:7c:cb:b5:fa:09:c3:f0:a7:b3:0f:60:07:1b:b9:
                    ab:0d:36:ab:e2:28:93:5d:50:84:b0:e0:16:ad:b8:
                    b7:83:65:d0:32:74:91:9e:91:14:db:7c:d7:da:e1:
                    15:82:a8:cf:42:97:9d:fd:1b:94:cd:10:c6:76:6c:
                    c9:81:12:05:c9:ac:85:4f:09:b3:43:34:e0:5c:d2:
                    d2:1e:30:41:3e:aa:5d:1c:df:1b:36:30:88:59:b9:
                    7c:ad:c8:fc:6b:84:1a:d7:58:2e:04:c8:44:63:2a:
                    8f:ed:81:78:bb:a4:cc:ac:4b:b6:e7:fd:09:97:ac:
                    de:e0:b0:29:de:17:44:3e:cf:07:28:03:91:85:22:
                    77:a3:8c:42:36:d9:be:4d:94:91:51:76:9f:1f:94:
                    ce:9e:fe:aa:55:98:21:ea:94:33:07:db:38:9a:53:
                    f8:86:d2:6a:9a:1c:ee:3c:c0:97:30:7a:b6:f3:bc:
                    3f:ce:dd:a7:36:06:91:a9:d1:f4:a6:d5:4f:d5:c4:
                    84:80:5c:22:d5:51:25:56:16:4f:81:de:8e:1f:36:
                    c5:cb:19:83:86:46:a1:3e:47:32:ce:3b:ff:44:4e:
                    7b:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:11:9A:66:FA:FC:E8:C8:0F:59:A3:CB:BB:E7:DC:49:9D:B0:3D:15
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb090552-15dc-47c5-8d0b-44ea9767779d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.25.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:2f:b8:56:34:ce:82:dd:9b:a4:fa:1f:cd:d9:a4:f5:13:0a:
         97:6b:19:0a:6d:94:4a:91:f9:eb:51:84:48:2b:bb:4f:24:83:
         f3:22:9f:48:33:6f:63:1d:6e:76:b1:87:e0:18:ba:fc:88:09:
         d3:f3:a1:63:bb:eb:97:32:41:8c:53:44:4d:a3:b9:0a:e1:47:
         a6:e5:f1:f8:50:37:15:58:dc:8e:56:15:f8:34:3e:35:76:bc:
         23:56:b2:91:69:e1:d2:64:70:26:e0:d4:80:66:4d:20:6f:16:
         91:32:1d:20:29:02:ac:dc:8a:07:02:bc:ab:58:94:ec:d6:80:
         5f:59:73:45:f1:5a:d5:7f:b8:3d:d9:ed:cd:ec:bd:9c:d4:6b:
         6c:1a:b8:18:b9:6a:cf:34:67:ca:55:35:b6:14:56:bd:e7:f6:
         b6:4b:26:3c:fa:1d:24:6d:1d:35:de:2f:d7:15:d1:86:fc:0c:
         60:be:c0:8a:b2:30:7a:9a:a2:a7:b8:9c:ff:86:99:14:95:ad:
         af:7b:98:8c:52:2f:1e:07:a2:2f:ac:74:f3:47:d8:17:09:ed:
         8b:ef:b0:29:55:bd:7b:40:64:90:07:53:82:d8:e7:11:c3:80:
         ec:d1:71:63:e8:b8:b0:24:80:32:0a:f7:53:5a:c2:b5:a2:4a:
         09:f2:9c:d8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUatyxOs4BIsQGETHBO7gMu+EZk6AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEwMDAwMDAwWhcNMjUwMjE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AzM2FmM2U4NDFmZjcwYzZhYTI0M2U1ZjkyYTkwZjBjMTcy
NGUwNzkzNGYwMTJhZGQ3MWIxYzdlZDhkMjI3YWE1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgrgBZ5YsCB338SmLfA+Grw9dO+sJYGsyNr04Htsl8y7X6
CcPwp7MPYAcbuasNNqviKJNdUISw4BatuLeDZdAydJGekRTbfNfa4RWCqM9Cl539
G5TNEMZ2bMmBEgXJrIVPCbNDNOBc0tIeMEE+ql0c3xs2MIhZuXytyPxrhBrXWC4E
yERjKo/tgXi7pMysS7bn/QmXrN7gsCneF0Q+zwcoA5GFInejjEI22b5NlJFRdp8f
lM6e/qpVmCHqlDMH2ziaU/iG0mqaHO48wJcwerbzvD/O3ac2BpGp0fSm1U/VxISA
XCLVUSVWFk+B3o4fNsXLGYOGRqE+RzLOO/9ETnslAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6xGaZvr86MgPWaPLu+fcSZ2wPRUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NiMDkwNTUyLTE1ZGMtNDdjNS04ZDBiLTQ0ZWE5NzY3Nzc5ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA2GUMwDQYJKoZIhvcNAQELBQADggEBABMvuFY0zoLdm6T6H83ZpPUTCpdr
GQptlEqR+etRhEgru08kg/Min0gzb2Mdbnaxh+AYuvyICdPzoWO765cyQYxTRE2j
uQrhR6bl8fhQNxVY3I5WFfg0PjV2vCNWspFp4dJkcCbg1IBmTSBvFpEyHSApAqzc
igcCvKtYlOzWgF9Zc0XxWtV/uD3Z7c3svZzUa2wauBi5as80Z8pVNbYUVr3n9rZL
Jjz6HSRtHTXeL9cV0Yb8DGC+wIqyMHqaoqe4nP+GmRSVra97mIxSLx4Hoi+sdPNH
2BcJ7YvvsClVvXtAZJAHU4LY5xHDgOzRcWPouLAkgDIK91NawrWiSgnynNg=
-----END CERTIFICATE-----