Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e6aa52e5-fe92-42c8-b7e6-b6b4305bd482.roa
File:                     e6aa52e5-fe92-42c8-b7e6-b6b4305bd482.roa (raw, json)
Hash identifier:          9yP1owLlU2ugoXPk6RAlsJ+b+4kgHeGNcoNidCsL4Ts=
Subject key identifier:   94:D8:A3:67:B6:54:A9:68:AD:3A:F3:F9:E5:11:8E:75:6E:A9:3F:4D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2E649F7E52E9C92FF0E53A87065860FCADCA9114
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e6aa52e5-fe92-42c8-b7e6-b6b4305bd482.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.25.67.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:64:9f:7e:52:e9:c9:2f:f0:e5:3a:87:06:58:60:fc:ad:ca:91:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: serialNumber=f6e359744dac5641c12ff827bb95e1247ddc08fa1aefb0b17f659166fdfe1089, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:02:ee:b1:d4:b8:83:d1:51:30:4f:39:40:e1:
                    1d:07:da:7b:3e:9d:47:61:f2:07:c9:05:c3:5a:3c:
                    96:f9:6d:82:41:6f:a4:45:a0:2f:e5:89:a3:2b:c7:
                    94:9e:33:62:8e:77:37:e9:36:e6:12:60:24:ac:f6:
                    32:73:17:01:4e:1c:11:a2:35:88:02:5d:65:c6:6a:
                    10:a5:7d:c2:3f:89:3c:c2:e4:f2:b7:f8:1a:92:40:
                    1a:1a:3b:01:3c:2c:74:0b:aa:5b:06:4e:b0:8c:4c:
                    fb:28:64:53:38:ac:69:ff:57:03:c0:af:37:22:d9:
                    35:1e:a4:f8:d1:0a:08:01:2e:e7:0e:83:02:29:67:
                    8c:47:e2:e3:6c:b7:0e:f3:6f:0f:97:2c:ed:fa:32:
                    90:3d:08:f8:5a:f0:d1:e1:0e:9f:41:70:ee:12:5b:
                    02:4e:d8:21:25:c4:30:d2:ce:76:b5:a9:3b:92:54:
                    f2:bf:e9:e1:58:35:53:39:c8:6f:1d:5f:68:4d:34:
                    78:20:b7:8b:72:7e:3a:64:48:ce:f1:c2:f5:4f:50:
                    ee:8d:e7:9d:1e:98:cb:1c:98:7c:28:8b:98:f0:12:
                    19:8a:3b:4d:34:62:c5:6c:4c:6a:b0:e9:07:ff:da:
                    0d:9b:bd:a8:23:d6:98:4b:ec:63:8b:97:27:fa:86:
                    56:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:D8:A3:67:B6:54:A9:68:AD:3A:F3:F9:E5:11:8E:75:6E:A9:3F:4D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e6aa52e5-fe92-42c8-b7e6-b6b4305bd482.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.25.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:7a:fb:21:c9:18:ea:cb:1a:6c:f6:48:db:51:49:f0:ce:5a:
         a9:d9:01:48:8d:23:3c:93:a9:13:57:3d:04:19:01:c6:55:6e:
         58:22:08:77:4f:33:d2:c5:1d:cd:e8:64:09:74:dd:e3:71:0b:
         89:79:6f:f1:34:47:21:8c:de:17:bc:57:6a:3d:95:07:10:f3:
         e9:d7:0b:b0:27:ab:57:c5:98:45:7b:2a:56:90:e2:0a:73:dd:
         e4:ae:3d:9b:e0:c0:ff:8d:bd:6f:92:f8:79:f8:da:86:8b:a9:
         25:ab:51:37:f8:34:fb:94:fc:20:71:a0:63:23:28:76:f7:05:
         75:e8:dc:59:18:8e:66:71:2c:95:d1:5a:35:50:1e:02:0d:19:
         7a:12:ba:bc:42:bb:10:f6:5e:77:99:30:13:d7:f7:c1:ed:cb:
         a0:f1:b9:35:0e:4d:6b:f8:fc:e7:ff:b4:99:56:bd:20:57:57:
         c6:60:f8:33:ca:dd:f1:8d:99:d8:fd:92:87:3c:92:43:82:3a:
         d1:83:35:fc:7b:d1:10:1e:41:01:5c:71:43:d3:38:dc:08:82:
         66:b6:fa:41:4a:1f:40:16:e3:b9:69:ed:70:a5:a4:f4:bb:6b:
         b2:19:47:2a:87:f9:14:03:80:9d:49:f2:70:e4:eb:d4:bc:ac:
         8b:99:00:68
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULmSfflLpyS/w5TqHBlhg/K3KkRQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNmUzNTk3NDRkYWM1NjQxYzEyZmY4MjdiYjk1ZTEyNDdk
ZGMwOGZhMWFlZmIwYjE3ZjY1OTE2NmZkZmUxMDg5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDRAu6x1LiD0VEwTzlA4R0H2ns+nUdh8gfJBcNaPJb5bYJB
b6RFoC/liaMrx5SeM2KOdzfpNuYSYCSs9jJzFwFOHBGiNYgCXWXGahClfcI/iTzC
5PK3+BqSQBoaOwE8LHQLqlsGTrCMTPsoZFM4rGn/VwPArzci2TUepPjRCggBLucO
gwIpZ4xH4uNstw7zbw+XLO36MpA9CPha8NHhDp9BcO4SWwJO2CElxDDSzna1qTuS
VPK/6eFYNVM5yG8dX2hNNHggt4tyfjpkSM7xwvVPUO6N550emMscmHwoi5jwEhmK
O000YsVsTGqw6Qf/2g2bvagj1phL7GOLlyf6hladAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlNijZ7ZUqWitOvP55RGOdW6pP00wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U2YWE1MmU1LWZlOTItNDJjOC1iN2U2LWI2YjQzMDViZDQ4Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA2GUMwDQYJKoZIhvcNAQELBQADggEBAC96+yHJGOrLGmz2SNtRSfDOWqnZ
AUiNIzyTqRNXPQQZAcZVblgiCHdPM9LFHc3oZAl03eNxC4l5b/E0RyGM3he8V2o9
lQcQ8+nXC7Anq1fFmEV7KlaQ4gpz3eSuPZvgwP+NvW+S+Hn42oaLqSWrUTf4NPuU
/CBxoGMjKHb3BXXo3FkYjmZxLJXRWjVQHgINGXoSurxCuxD2XneZMBPX98Hty6Dx
uTUOTWv4/Of/tJlWvSBXV8Zg+DPK3fGNmdj9koc8kkOCOtGDNfx70RAeQQFccUPT
ONwIgma2+kFKH0AW47lp7XClpPS7a7IZRyqH+RQDgJ1J8nDk69S8rIuZAGg=
-----END CERTIFICATE-----