Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fa24cf99-2b7f-49fa-acfd-6cb7d41938af.roa
File:                     fa24cf99-2b7f-49fa-acfd-6cb7d41938af.roa (raw, json)
Hash identifier:          v2+abA0oJNfnLbSs89Da4xvpxQ2lORRf9rIU0n1vXls=
Subject key identifier:   44:59:2B:56:39:C8:88:E6:F4:97:6A:57:22:09:89:08:BC:A1:EC:C8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       32DF8634BAC78D22C9FF7D7F5D31135EFEA319DF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fa24cf99-2b7f-49fa-acfd-6cb7d41938af.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.25.69.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:df:86:34:ba:c7:8d:22:c9:ff:7d:7f:5d:31:13:5e:fe:a3:19:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: serialNumber=9534b103045cb274274e2675123d64e6eaffa240c0871da30383d064a09dc1bc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:fc:3c:d9:5b:6b:9b:77:42:9e:af:e9:3f:19:
                    7e:21:2c:1f:b2:14:56:4e:52:0e:ec:d8:ab:e5:98:
                    68:7f:6b:ea:ca:fb:3b:e1:c0:b7:b1:c8:64:a4:ef:
                    60:31:fd:32:34:46:11:e9:4e:0b:d5:b6:88:c2:bc:
                    bb:e5:6e:27:f5:7e:80:15:60:d2:d2:43:c4:4a:dc:
                    6a:35:f0:3a:04:11:32:6d:49:c1:dc:b0:b2:fb:5c:
                    8f:7b:33:45:b3:06:58:cf:69:5e:80:4b:6a:c7:a3:
                    55:44:3f:a9:ff:c6:10:a5:b1:f6:6c:a2:80:8b:0d:
                    87:ae:69:65:53:85:47:35:08:f5:d5:a8:96:f2:5a:
                    63:69:b8:ab:21:12:a1:08:16:7b:72:5c:83:ea:35:
                    4b:79:84:dd:9c:76:f3:38:44:92:f4:00:b9:bd:a9:
                    53:f0:b9:d4:b9:b2:91:e3:66:89:08:b6:93:29:38:
                    f3:0e:ba:c3:2c:1b:23:66:81:85:4e:da:90:ea:8d:
                    82:35:fa:36:a2:75:ed:36:80:d9:d6:23:a3:52:65:
                    d6:08:4f:c4:c3:bc:f6:7c:32:d3:6d:44:43:b5:35:
                    b2:19:f9:7e:da:42:bf:b2:5d:93:aa:74:25:41:46:
                    e9:4b:34:f0:a7:47:08:80:e5:8b:bd:b9:e5:ae:a4:
                    71:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:59:2B:56:39:C8:88:E6:F4:97:6A:57:22:09:89:08:BC:A1:EC:C8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fa24cf99-2b7f-49fa-acfd-6cb7d41938af.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.25.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:ae:b8:66:7c:cf:5b:c2:76:a0:35:cf:dd:98:58:38:b6:b8:
         b9:b0:e6:ad:8e:1f:80:3c:51:5d:8b:7a:71:4f:1d:57:de:52:
         86:19:31:07:57:1e:47:19:c6:99:69:19:cb:cd:57:ee:bf:9a:
         0a:ac:b7:2f:83:c9:92:72:c6:d5:c1:05:6b:a0:ab:ce:22:42:
         fa:6b:4c:f5:49:ab:84:97:91:ef:e2:93:c2:30:9e:40:17:55:
         d6:83:e8:d9:be:00:44:a0:46:d2:9f:9c:33:60:c8:51:90:2d:
         bf:8b:fd:1c:1c:d8:bb:be:b7:ae:72:d0:92:ae:43:da:a2:f4:
         68:b2:25:34:34:5e:70:ba:9e:7a:e0:b2:7e:d9:72:d6:82:12:
         5d:62:6a:ad:86:55:dd:3e:ba:6a:74:df:51:61:37:fa:c2:1a:
         c5:6a:09:16:87:67:9e:1d:fe:a7:f9:78:9d:f7:52:8d:71:49:
         e0:82:97:ad:fd:21:09:26:b3:27:e9:d3:c5:20:bf:75:a9:6d:
         57:d5:0e:bb:33:e5:dd:b9:5d:cd:47:94:83:b7:3e:b3:18:0d:
         f5:c4:04:e1:1d:ce:50:31:1d:f4:58:a2:f9:cc:0a:42:ce:58:
         d4:b5:56:de:e2:06:c7:26:6a:df:75:eb:23:6f:6b:f5:28:11:
         63:c8:84:6e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMt+GNLrHjSLJ/31/XTETXv6jGd8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NTM0YjEwMzA0NWNiMjc0Mjc0ZTI2NzUxMjNkNjRlNmVh
ZmZhMjQwYzA4NzFkYTMwMzgzZDA2NGEwOWRjMWJjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCj/DzZW2ubd0Ker+k/GX4hLB+yFFZOUg7s2KvlmGh/a+rK
+zvhwLexyGSk72Ax/TI0RhHpTgvVtojCvLvlbif1foAVYNLSQ8RK3Go18DoEETJt
ScHcsLL7XI97M0WzBljPaV6AS2rHo1VEP6n/xhClsfZsooCLDYeuaWVThUc1CPXV
qJbyWmNpuKshEqEIFntyXIPqNUt5hN2cdvM4RJL0ALm9qVPwudS5spHjZokItpMp
OPMOusMsGyNmgYVO2pDqjYI1+jaide02gNnWI6NSZdYIT8TDvPZ8MtNtREO1NbIZ
+X7aQr+yXZOqdCVBRulLNPCnRwiA5Yu9ueWupHE/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURFkrVjnIiOb0l2pXIgmJCLyh7MgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZhMjRjZjk5LTJiN2YtNDlmYS1hY2ZkLTZjYjdkNDE5MzhhZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA2GUUwDQYJKoZIhvcNAQELBQADggEBALeuuGZ8z1vCdqA1z92YWDi2uLmw
5q2OH4A8UV2LenFPHVfeUoYZMQdXHkcZxplpGcvNV+6/mgqsty+DyZJyxtXBBWug
q84iQvprTPVJq4SXke/ik8IwnkAXVdaD6Nm+AESgRtKfnDNgyFGQLb+L/Rwc2Lu+
t65y0JKuQ9qi9GiyJTQ0XnC6nnrgsn7ZctaCEl1iaq2GVd0+ump031FhN/rCGsVq
CRaHZ54d/qf5eJ33Uo1xSeCCl639IQkmsyfp08Ugv3WpbVfVDrsz5d25Xc1HlIO3
PrMYDfXEBOEdzlAxHfRYovnMCkLOWNS1Vt7iBscmat916yNva/UoEWPIhG4=
-----END CERTIFICATE-----