Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1d2ee9a7-c5cc-48b0-a3bc-ff5b760f7ed8.roa
File:                     1d2ee9a7-c5cc-48b0-a3bc-ff5b760f7ed8.roa (raw, json)
Hash identifier:          q6C5omsBusIJrZBHbGH/FM0jKcy0fpAmBPRKpWBiGEM=
Subject key identifier:   41:98:0F:8D:54:BD:58:2A:2F:93:4E:E8:3F:A9:41:CA:D6:E2:71:28
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6D1DBDCE2CB44E8ECE2682B3880087DB6F83B779
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1d2ee9a7-c5cc-48b0-a3bc-ff5b760f7ed8.roa
Signing time:             Fri 10 Jan 2025 00:00:00 +0000
ROA not before:           Fri 10 Jan 2025 00:00:00 +0000
ROA not after:            Fri 14 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        117.18.100.0/23 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:1d:bd:ce:2c:b4:4e:8e:ce:26:82:b3:88:00:87:db:6f:83:b7:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 10 00:00:00 2025 GMT
            Not After : Feb 14 23:59:59 2025 GMT
        Subject: serialNumber=3505dbe2b707232c0ef75be5b725700a7238f883db4f8055f0409d97cdb66819, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:4b:e1:eb:62:26:a0:14:68:1d:0e:69:c6:08:
                    f7:b3:4b:b1:cf:af:d8:eb:bf:6b:cb:c2:bd:e1:43:
                    61:fa:ed:ae:34:63:6f:ac:d9:8f:33:5d:fd:0c:54:
                    a7:e2:84:fd:ff:9f:b4:69:51:65:5c:19:30:b6:cb:
                    ab:f3:7c:af:0d:1e:02:df:8c:02:e3:32:01:1c:2a:
                    da:20:8e:34:3e:00:41:18:3f:44:bc:4c:e3:96:7e:
                    a9:36:35:a9:65:8f:dd:f3:61:21:6e:85:c0:56:09:
                    cc:4a:63:bc:16:89:87:a4:41:9c:3a:14:d6:a7:5b:
                    56:4f:ef:e1:57:39:6c:a5:63:4a:22:d0:31:f2:8e:
                    46:5a:6e:cd:71:91:55:26:28:72:bd:58:1f:bb:89:
                    f7:f2:ac:8d:70:16:8c:d9:20:d5:a3:76:79:55:03:
                    69:6b:37:a7:b9:3b:08:e7:18:ca:65:cf:e5:bf:05:
                    c2:4e:58:34:cd:82:e2:57:5d:31:93:92:78:e8:93:
                    b0:ca:cd:97:d3:57:ff:7c:07:97:56:a0:ad:79:ac:
                    21:99:c6:b4:b3:3c:ef:80:b6:a4:50:2b:09:d0:d3:
                    8f:8f:d4:52:8f:f1:46:7e:4e:e4:46:3d:7e:2b:42:
                    60:67:b1:27:06:ec:06:6f:cc:f8:45:c4:d5:3b:b8:
                    ea:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:98:0F:8D:54:BD:58:2A:2F:93:4E:E8:3F:A9:41:CA:D6:E2:71:28
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1d2ee9a7-c5cc-48b0-a3bc-ff5b760f7ed8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  117.18.100.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b3:3b:e6:66:46:43:fc:c4:75:c2:53:29:7a:93:03:dc:5f:59:
         9d:7e:34:fc:1a:14:70:78:22:14:56:52:02:21:9e:e5:57:c2:
         e4:be:fa:5d:09:26:a8:29:c0:15:83:28:08:59:d8:20:af:06:
         66:b3:7a:59:b8:76:96:a2:a7:0e:f9:d5:55:33:d4:0d:60:2a:
         36:cf:c7:4c:2d:23:e5:a1:9c:73:d4:e0:d7:64:af:7c:fa:cc:
         80:01:b4:90:69:37:97:2d:96:71:5e:da:bf:95:49:eb:ec:4d:
         66:fa:5a:ca:9c:1f:c1:8d:e7:26:fb:58:d3:d3:08:7b:23:9c:
         52:81:e8:e4:1c:5c:53:24:35:1c:05:e0:62:a0:83:ec:d3:2f:
         59:66:c5:b5:2a:b2:a8:a5:e3:11:2c:79:b2:c2:e9:d8:b1:83:
         ff:83:76:f3:8f:be:bc:ac:8f:b5:7b:9c:92:f9:6c:87:37:e0:
         12:f8:3d:1b:e5:3e:b4:65:87:a6:c8:ff:e1:71:04:6f:fd:9e:
         2b:80:c6:d8:00:91:7f:d1:2b:d0:6f:38:92:68:99:16:9c:05:
         78:39:3a:d4:78:33:71:55:c4:6d:58:d5:1d:15:a5:95:03:7a:
         9e:d6:e3:4b:96:9c:a2:51:34:b8:b5:98:76:2b:d2:bd:2c:c5:
         31:21:32:ca
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbR29ziy0To7OJoKziACH22+Dt3kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEwMDAwMDAwWhcNMjUwMjE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNTA1ZGJlMmI3MDcyMzJjMGVmNzViZTViNzI1NzAwYTcy
MzhmODgzZGI0ZjgwNTVmMDQwOWQ5N2NkYjY2ODE5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1S+HrYiagFGgdDmnGCPezS7HPr9jrv2vLwr3hQ2H67a40
Y2+s2Y8zXf0MVKfihP3/n7RpUWVcGTC2y6vzfK8NHgLfjALjMgEcKtogjjQ+AEEY
P0S8TOOWfqk2Nallj93zYSFuhcBWCcxKY7wWiYekQZw6FNanW1ZP7+FXOWylY0oi
0DHyjkZabs1xkVUmKHK9WB+7iffyrI1wFozZINWjdnlVA2lrN6e5OwjnGMplz+W/
BcJOWDTNguJXXTGTknjok7DKzZfTV/98B5dWoK15rCGZxrSzPO+AtqRQKwnQ04+P
1FKP8UZ+TuRGPX4rQmBnsScG7AZvzPhFxNU7uOpFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQZgPjVS9WCovk07oP6lBytbicSgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFkMmVlOWE3LWM1Y2MtNDhiMC1hM2JjLWZmNWI3NjBmN2VkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAF1EmQwDQYJKoZIhvcNAQELBQADggEBALM75mZGQ/zEdcJTKXqTA9xfWZ1+
NPwaFHB4IhRWUgIhnuVXwuS++l0JJqgpwBWDKAhZ2CCvBmazelm4dpaipw751VUz
1A1gKjbPx0wtI+WhnHPU4Ndkr3z6zIABtJBpN5ctlnFe2r+VSevsTWb6WsqcH8GN
5yb7WNPTCHsjnFKB6OQcXFMkNRwF4GKgg+zTL1lmxbUqsqil4xEsebLC6dixg/+D
dvOPvrysj7V7nJL5bIc34BL4PRvlPrRlh6bI/+FxBG/9niuAxtgAkX/RK9BvOJJo
mRacBXg5OtR4M3FVxG1Y1R0VpZUDep7W40uWnKJRNLi1mHYr0r0sxTEhMso=
-----END CERTIFICATE-----