Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/602e9fe1-e0a7-48ef-8061-c272bb5defb8.roa
File:                     602e9fe1-e0a7-48ef-8061-c272bb5defb8.roa (raw, json)
Hash identifier:          w/qDjrpiXISVr8xvETWfOzdgC0cnmxjTYAqUJUElxd8=
Subject key identifier:   73:F7:11:53:1F:79:4E:CB:CB:34:DA:1B:DD:90:ED:C5:13:BF:7C:9A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       26F58E6CF0586DE699CFCCBE19611ADA317B29A2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/602e9fe1-e0a7-48ef-8061-c272bb5defb8.roa
Signing time:             Fri 27 Dec 2024 00:00:00 +0000
ROA not before:           Fri 27 Dec 2024 00:00:00 +0000
ROA not after:            Fri 31 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.25.65.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:f5:8e:6c:f0:58:6d:e6:99:cf:cc:be:19:61:1a:da:31:7b:29:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec 27 00:00:00 2024 GMT
            Not After : Jan 31 23:59:59 2025 GMT
        Subject: serialNumber=21f50e94ca16bbc6219317358b334a0ba7ab6b92ed35d57edaa2cb92c8a9ea94, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:fe:85:25:79:58:1f:12:df:0e:98:e0:50:79:
                    fd:c4:ab:c4:3a:34:9e:38:58:aa:76:55:6a:02:bb:
                    61:61:b0:6d:c2:d1:ad:c1:76:93:54:84:36:ab:13:
                    4d:03:2d:de:d5:08:74:68:cf:0a:a2:00:60:3c:42:
                    63:38:4d:ad:30:28:2a:64:75:97:25:5f:8a:1f:55:
                    28:f3:d2:ae:1f:a1:43:52:6b:1e:0d:7f:a3:ea:e2:
                    e2:12:d6:a4:19:00:09:d9:00:1d:37:0f:98:b8:91:
                    d4:99:86:31:4e:f6:c5:b2:61:0e:67:e5:2e:1e:f8:
                    fe:d2:31:98:8b:70:68:38:6e:e0:41:1a:02:45:aa:
                    5d:fa:ac:14:00:af:93:da:fc:a7:7f:69:89:02:7a:
                    42:eb:b3:41:c1:51:6d:89:67:db:52:3e:de:52:c8:
                    0c:b4:fc:ec:bb:8e:91:58:78:1c:6f:5f:8c:ec:79:
                    f6:7f:91:6b:d7:70:d6:4e:e5:d9:2d:b8:92:1c:8f:
                    52:27:63:01:ec:46:a2:c6:3a:8e:0d:04:ad:1a:4f:
                    fb:eb:fb:19:91:13:f3:d3:2c:7a:66:03:79:af:7e:
                    a5:6b:92:dd:91:11:f9:c1:cc:61:7d:40:84:c5:e8:
                    75:02:62:1f:9d:81:95:99:ff:6e:6f:01:5b:1d:fe:
                    61:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:F7:11:53:1F:79:4E:CB:CB:34:DA:1B:DD:90:ED:C5:13:BF:7C:9A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/602e9fe1-e0a7-48ef-8061-c272bb5defb8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.25.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:1c:59:b9:f8:23:3e:e6:59:8e:dd:ed:5b:d7:c6:e1:b5:65:
         35:aa:96:f4:d6:43:9a:ea:33:b0:b1:4a:67:9f:15:f5:f2:af:
         05:79:25:69:98:a4:99:31:1c:b5:b9:91:e7:da:a5:40:c5:2c:
         6d:9e:c1:46:fb:51:a8:05:28:dd:38:b0:aa:2e:ef:1f:87:1b:
         ee:73:fa:9e:7a:d5:ff:8a:cc:bc:be:4f:09:14:4d:8d:ae:15:
         7e:ec:9e:b3:49:ac:8a:dc:44:fd:2f:c7:b6:c5:cb:8f:50:15:
         63:31:8e:b1:60:14:95:ff:26:a5:6d:a3:9f:a7:83:bc:30:b2:
         d4:1b:52:b1:a9:a3:0d:57:f4:1f:f8:fc:cd:65:bd:3d:ce:01:
         78:a9:7d:d1:6e:f5:8d:95:35:f9:db:56:c9:a6:43:1e:98:b9:
         7c:57:ce:0c:96:69:7e:73:d7:ff:82:b7:9c:0a:9f:a1:19:b9:
         18:56:5c:09:00:93:eb:09:1d:dc:f1:63:f2:d1:1a:95:d6:a5:
         6d:61:03:92:8a:92:b6:17:29:38:db:40:04:25:58:76:99:f3:
         a5:d7:44:1f:26:d4:39:4b:17:71:93:43:84:78:42:28:96:e7:
         c7:ad:b1:82:2a:cf:a6:65:b3:bb:4c:0b:0f:c4:05:1b:62:62:
         a9:dc:39:6a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJvWObPBYbeaZz8y+GWEa2jF7KaIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjI3MDAwMDAwWhcNMjUwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMWY1MGU5NGNhMTZiYmM2MjE5MzE3MzU4YjMzNGEwYmE3
YWI2YjkyZWQzNWQ1N2VkYWEyY2I5MmM4YTllYTk0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDV/oUleVgfEt8OmOBQef3Eq8Q6NJ44WKp2VWoCu2FhsG3C
0a3BdpNUhDarE00DLd7VCHRozwqiAGA8QmM4Ta0wKCpkdZclX4ofVSjz0q4foUNS
ax4Nf6Pq4uIS1qQZAAnZAB03D5i4kdSZhjFO9sWyYQ5n5S4e+P7SMZiLcGg4buBB
GgJFql36rBQAr5Pa/Kd/aYkCekLrs0HBUW2JZ9tSPt5SyAy0/Oy7jpFYeBxvX4zs
efZ/kWvXcNZO5dktuJIcj1InYwHsRqLGOo4NBK0aT/vr+xmRE/PTLHpmA3mvfqVr
kt2REfnBzGF9QITF6HUCYh+dgZWZ/25vAVsd/mFZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUc/cRUx95TsvLNNob3ZDtxRO/fJowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYwMmU5ZmUxLWUwYTctNDhlZi04MDYxLWMyNzJiYjVkZWZiOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA2GUEwDQYJKoZIhvcNAQELBQADggEBALgcWbn4Iz7mWY7d7VvXxuG1ZTWq
lvTWQ5rqM7CxSmefFfXyrwV5JWmYpJkxHLW5kefapUDFLG2ewUb7UagFKN04sKou
7x+HG+5z+p561f+KzLy+TwkUTY2uFX7snrNJrIrcRP0vx7bFy49QFWMxjrFgFJX/
JqVto5+ng7wwstQbUrGpow1X9B/4/M1lvT3OAXipfdFu9Y2VNfnbVsmmQx6YuXxX
zgyWaX5z1/+Ct5wKn6EZuRhWXAkAk+sJHdzxY/LRGpXWpW1hA5KKkrYXKTjbQAQl
WHaZ86XXRB8m1DlLF3GTQ4R4QiiW58etsYIqz6Zls7tMCw/EBRtiYqncOWo=
-----END CERTIFICATE-----