Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98d85fb9-ae48-454d-90e1-7f6d3a27fa9c.roa
File:                     98d85fb9-ae48-454d-90e1-7f6d3a27fa9c.roa (raw, json)
Hash identifier:          DDFpR9eN566n6Y5L5MlnABZ62nNY6+V/wP3g0lOOiFE=
Subject key identifier:   27:84:34:AD:B8:1B:23:13:FE:12:32:83:8C:04:5A:50:19:63:2D:68
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       30137F2CEC1F10C3610BEE2E0E74A62F61B27B5D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98d85fb9-ae48-454d-90e1-7f6d3a27fa9c.roa
Signing time:             Tue 14 Jan 2025 00:00:00 +0000
ROA not before:           Tue 14 Jan 2025 00:00:00 +0000
ROA not after:            Tue 18 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.115.0.0/16 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:13:7f:2c:ec:1f:10:c3:61:0b:ee:2e:0e:74:a6:2f:61:b2:7b:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 14 00:00:00 2025 GMT
            Not After : Feb 18 23:59:59 2025 GMT
        Subject: serialNumber=798d3cc1879cabbc28e3ffc186df5503906c8253a340b6ed5580151ec434a135, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:c5:ba:f6:86:a3:6a:e3:b2:15:14:5e:9e:3f:
                    60:4c:1f:72:d1:12:b1:13:b2:29:48:78:6c:8b:10:
                    06:a4:08:9d:9a:61:7b:39:e9:7d:98:4e:9b:20:c0:
                    82:1b:ec:1e:bd:9d:b5:92:4c:bf:4a:fb:1b:b4:68:
                    3a:fd:e0:50:5f:ea:65:58:13:0e:a3:3c:f7:4a:45:
                    8b:81:a6:68:9a:2d:21:17:7c:c7:79:a4:6c:84:01:
                    3d:bd:28:84:a1:e6:29:3c:02:c0:ad:fc:b5:f7:9b:
                    b3:0b:e6:bb:42:0d:f2:32:af:c3:3d:2a:c7:83:3f:
                    4c:42:1c:ed:fa:19:39:11:75:ab:92:13:da:d6:26:
                    c1:76:13:8b:55:74:2f:e5:a1:63:01:5c:47:6b:fa:
                    e6:f6:f2:6d:b3:11:b0:b0:eb:8e:d8:27:d1:1a:29:
                    7f:db:00:1c:99:fb:c4:91:fc:5b:1d:48:05:c7:87:
                    5d:34:e7:61:25:a5:c8:05:bc:1e:02:78:3c:37:57:
                    9a:d8:2c:d4:db:60:f6:2d:4e:0f:0c:6d:63:d6:1c:
                    0b:77:61:e3:9c:97:c9:1c:f9:e8:66:72:95:17:92:
                    28:2b:05:28:61:aa:5a:46:57:8a:f3:ea:a8:94:d2:
                    e0:4f:66:d5:d5:71:99:03:ad:2f:56:16:62:f0:00:
                    c8:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:84:34:AD:B8:1B:23:13:FE:12:32:83:8C:04:5A:50:19:63:2D:68
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98d85fb9-ae48-454d-90e1-7f6d3a27fa9c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.115.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         50:59:01:da:61:3c:ef:de:a5:8e:6d:ad:59:47:b2:24:21:4b:
         9e:d3:98:ab:86:99:af:dc:81:c6:7b:96:ec:65:db:73:02:02:
         5c:de:5a:48:78:96:f0:0e:d1:a2:30:a5:64:7a:73:d0:8b:66:
         34:b2:ac:2c:1e:78:6c:0f:3f:0e:05:63:38:dd:70:04:4c:47:
         04:93:5a:d9:43:e8:21:e8:ff:be:7b:ce:fc:b7:b0:32:64:ee:
         09:6b:91:7d:15:dc:38:1b:2c:92:f8:d2:8b:36:bc:44:73:e9:
         0f:bf:41:cc:ec:d5:7d:2f:01:d5:9f:60:cd:52:7d:2e:3a:fc:
         1c:91:99:ae:05:95:8b:39:8b:c6:00:4e:05:3a:c6:46:7e:1c:
         30:3d:55:fc:40:1d:4a:c3:14:c3:44:b9:93:59:2a:ae:9d:47:
         7a:38:58:63:1b:fa:82:4e:93:5b:b0:12:37:c4:2e:c1:60:f0:
         df:5a:1e:c0:36:fe:e7:de:93:e5:f6:da:d7:13:a6:63:e9:93:
         3f:67:d9:b2:7e:93:cd:c6:8b:3a:cd:54:a5:a5:b9:16:54:0e:
         8c:bd:4b:d7:83:5d:12:5d:32:ad:db:2e:cd:d6:3e:12:00:f6:
         58:9e:5d:11:29:ac:45:c2:ea:45:dc:3c:b2:25:a3:5c:f7:c8:
         91:8c:87:74
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUMBN/LOwfEMNhC+4uDnSmL2Gye10wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE0MDAwMDAwWhcNMjUwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3OThkM2NjMTg3OWNhYmJjMjhlM2ZmYzE4NmRmNTUwMzkw
NmM4MjUzYTM0MGI2ZWQ1NTgwMTUxZWM0MzRhMTM1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtxbr2hqNq47IVFF6eP2BMH3LRErETsilIeGyLEAakCJ2a
YXs56X2YTpsgwIIb7B69nbWSTL9K+xu0aDr94FBf6mVYEw6jPPdKRYuBpmiaLSEX
fMd5pGyEAT29KISh5ik8AsCt/LX3m7ML5rtCDfIyr8M9KseDP0xCHO36GTkRdauS
E9rWJsF2E4tVdC/loWMBXEdr+ub28m2zEbCw647YJ9EaKX/bAByZ+8SR/FsdSAXH
h10052ElpcgFvB4CeDw3V5rYLNTbYPYtTg8MbWPWHAt3YeOcl8kc+ehmcpUXkigr
BShhqlpGV4rz6qiU0uBPZtXVcZkDrS9WFmLwAMi5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUJ4Q0rbgbIxP+EjKDjARaUBljLWgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4ZDg1ZmI5LWFlNDgtNDU0ZC05MGUxLTdmNmQzYTI3ZmE5Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2czANBgkqhkiG9w0BAQsFAAOCAQEAUFkB2mE8796ljm2tWUeyJCFLntOY
q4aZr9yBxnuW7GXbcwICXN5aSHiW8A7RojClZHpz0ItmNLKsLB54bA8/DgVjON1w
BExHBJNa2UPoIej/vnvO/LewMmTuCWuRfRXcOBsskvjSiza8RHPpD79BzOzVfS8B
1Z9gzVJ9Ljr8HJGZrgWVizmLxgBOBTrGRn4cMD1V/EAdSsMUw0S5k1kqrp1HejhY
Yxv6gk6TW7ASN8QuwWDw31oewDb+596T5fba1xOmY+mTP2fZsn6TzcaLOs1UpaW5
FlQOjL1L14NdEl0yrdsuzdY+EgD2WJ5dESmsRcLqRdw8siWjXPfIkYyHdA==
-----END CERTIFICATE-----