Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/015c4df6-0407-467d-85b0-6a619a1341a2.roa
File:                     015c4df6-0407-467d-85b0-6a619a1341a2.roa (raw, json)
Hash identifier:          vTijbR4PG0L9GMTlysYkzm/wzNMHToS/vHJhlDuueVo=
Subject key identifier:   4E:91:EF:FE:39:15:86:37:4E:2B:6B:BF:4A:04:05:0B:3A:AB:D1:B0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       702B0E6EF841DDD729746CC18348D66FBD0AF401
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/015c4df6-0407-467d-85b0-6a619a1341a2.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.25.69.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:2b:0e:6e:f8:41:dd:d7:29:74:6c:c1:83:48:d6:6f:bd:0a:f4:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=32c4ae5ea0592fd88ef7ff8d55a6421c958defb1b1cff698cc858448b2d48b91, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:0c:f5:9e:63:82:47:62:e5:f0:99:f8:69:a7:
                    b5:75:91:8d:27:18:9c:6f:a6:1c:b9:d2:8d:92:73:
                    84:0a:16:6f:4f:70:72:a2:90:61:b2:ea:ea:8b:4f:
                    f6:9c:ea:b3:a8:b5:3e:52:3e:49:fe:d5:34:ba:d2:
                    c9:91:79:b2:50:03:6d:d4:db:ec:fe:7e:b4:65:50:
                    2b:f9:bc:e1:5b:25:c6:9c:9f:30:77:1b:e5:aa:d9:
                    c2:58:d1:11:96:17:50:0c:ae:55:2a:0c:34:d3:6b:
                    f5:fc:a9:71:da:c5:a2:4e:c3:89:26:1c:db:63:8c:
                    48:37:2c:81:9d:bb:5d:5a:00:27:e6:b1:54:a0:11:
                    a4:70:8e:6f:0c:b5:8e:61:3e:af:bd:8b:41:9a:9c:
                    2a:ad:0e:b6:b4:69:53:a1:60:88:22:85:dc:bb:3e:
                    d7:56:0e:03:c2:29:a8:80:c9:f6:af:29:66:41:cd:
                    d8:3a:62:4d:c5:2c:db:89:af:ce:6e:38:51:7c:5e:
                    c3:4c:46:f3:61:95:49:d8:b1:0e:98:f7:bd:8c:02:
                    3e:a6:3b:01:6d:32:94:54:6e:45:a7:95:be:50:8d:
                    21:8a:6d:62:ad:f1:8c:4c:56:38:66:5a:d9:56:42:
                    47:9b:17:47:d7:e3:03:0f:c5:59:4b:81:2c:57:83:
                    67:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:91:EF:FE:39:15:86:37:4E:2B:6B:BF:4A:04:05:0B:3A:AB:D1:B0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/015c4df6-0407-467d-85b0-6a619a1341a2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.25.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:f5:a4:87:92:07:e0:44:de:b9:be:17:9b:25:df:0e:5c:2a:
         21:be:ea:aa:f6:13:de:78:53:00:c6:ee:1f:b9:9f:e3:8b:11:
         b3:9a:a9:6b:fa:51:d7:3f:d0:f4:9a:c9:ed:38:73:5e:e2:29:
         f3:1f:bd:15:43:9d:fb:77:43:4c:05:04:e8:dc:3a:e0:f7:c7:
         68:4f:fa:a1:b3:76:56:fe:bd:d7:09:83:51:97:6f:8b:bc:4c:
         77:c6:23:36:b1:f4:0a:d4:be:d6:3a:28:ec:ff:f3:0b:96:49:
         8d:11:2b:a2:44:b1:a5:8e:d6:f9:6b:44:26:23:60:48:1c:53:
         83:df:d9:24:33:12:59:aa:1c:82:90:c0:ff:84:c4:cf:7d:ff:
         f2:97:dd:ca:ce:5b:eb:ec:51:8d:37:ef:76:e9:8d:60:ff:24:
         9e:85:8f:7e:7d:47:ca:2f:06:6a:66:6a:7f:82:5c:86:04:e7:
         ff:ee:34:18:ea:b9:0e:89:a7:d7:58:0e:63:bc:26:80:6e:60:
         41:f2:d6:2d:5d:ad:00:d1:10:38:09:31:73:b9:b5:d4:5b:a4:
         b8:f4:a2:c2:fa:32:db:5e:8f:f9:e8:53:70:01:07:ae:bb:83:
         91:9e:c0:78:74:1c:a7:7b:e6:90:03:3a:78:6d:25:61:ed:20:
         d2:a3:4e:e5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcCsObvhB3dcpdGzBg0jWb70K9AEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTA3MDAwMDAwWhcNMjUwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMmM0YWU1ZWEwNTkyZmQ4OGVmN2ZmOGQ1NWE2NDIxYzk1
OGRlZmIxYjFjZmY2OThjYzg1ODQ0OGIyZDQ4YjkxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDcDPWeY4JHYuXwmfhpp7V1kY0nGJxvphy50o2Sc4QKFm9P
cHKikGGy6uqLT/ac6rOotT5SPkn+1TS60smRebJQA23U2+z+frRlUCv5vOFbJcac
nzB3G+Wq2cJY0RGWF1AMrlUqDDTTa/X8qXHaxaJOw4kmHNtjjEg3LIGdu11aACfm
sVSgEaRwjm8MtY5hPq+9i0GanCqtDra0aVOhYIgihdy7PtdWDgPCKaiAyfavKWZB
zdg6Yk3FLNuJr85uOFF8XsNMRvNhlUnYsQ6Y972MAj6mOwFtMpRUbkWnlb5QjSGK
bWKt8YxMVjhmWtlWQkebF0fX4wMPxVlLgSxXg2dpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTpHv/jkVhjdOK2u/SgQFCzqr0bAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAxNWM0ZGY2LTA0MDctNDY3ZC04NWIwLTZhNjE5YTEzNDFhMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA2GUUwDQYJKoZIhvcNAQELBQADggEBAIH1pIeSB+BE3rm+F5sl3w5cKiG+
6qr2E954UwDG7h+5n+OLEbOaqWv6Udc/0PSaye04c17iKfMfvRVDnft3Q0wFBOjc
OuD3x2hP+qGzdlb+vdcJg1GXb4u8THfGIzax9ArUvtY6KOz/8wuWSY0RK6JEsaWO
1vlrRCYjYEgcU4Pf2SQzElmqHIKQwP+ExM99//KX3crOW+vsUY0373bpjWD/JJ6F
j359R8ovBmpman+CXIYE5//uNBjquQ6Jp9dYDmO8JoBuYEHy1i1drQDREDgJMXO5
tdRbpLj0osL6Mttej/noU3ABB667g5GewHh0HKd75pADOnhtJWHtINKjTuU=
-----END CERTIFICATE-----