Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0259572e-0857-462b-9bcb-26ae7478baea.roa
File:                     0259572e-0857-462b-9bcb-26ae7478baea.roa (raw, json)
Hash identifier:          za+kFbs/WeSIIwdjEVpx0naF0PnpaqHK1sp3GG+Bo6E=
Subject key identifier:   7C:35:F1:46:A3:16:48:4C:A3:38:03:0E:D2:AF:64:A2:47:28:85:44
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       79D191C6A7B09AE6E0DB058FD4FCFDEDC9E1B9BA
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0259572e-0857-462b-9bcb-26ae7478baea.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:d1:91:c6:a7:b0:9a:e6:e0:db:05:8f:d4:fc:fd:ed:c9:e1:b9:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: serialNumber=1dae52540dc3af3a9fdb251545c81cf861cd5d61e5940475ac2b04926e68095a, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c9:b5:8e:f6:a6:2a:33:a7:56:bb:ec:71:39:
                    26:f4:9c:69:4b:7f:f7:4f:5d:63:bd:c9:10:8b:b2:
                    00:31:0d:38:96:b3:10:3f:8a:34:1f:d5:fb:04:e3:
                    a8:f3:03:94:2f:8d:1f:89:70:30:54:0f:7e:f5:22:
                    95:c8:a0:b5:9c:2a:a3:03:8e:fe:bf:c2:6d:29:8a:
                    23:e6:69:28:62:07:6a:83:59:81:ed:4a:41:a3:33:
                    9e:5b:3c:a9:18:05:5c:c9:02:12:5a:71:1c:cf:f0:
                    d6:7c:09:74:3e:12:34:07:9d:ad:01:91:86:75:82:
                    39:d4:04:68:a4:79:63:7e:e8:9d:24:31:5d:dc:1b:
                    7f:b0:f0:fa:1e:8f:a7:eb:cd:b4:3c:ca:da:72:fc:
                    84:c5:99:46:31:ef:da:5a:04:52:09:d6:f1:de:3b:
                    e5:f6:9f:57:04:98:44:cb:c9:44:30:9b:7c:bb:6f:
                    d7:f2:15:35:74:0e:dd:36:dd:96:0a:a2:35:8a:d1:
                    64:8c:03:2a:14:4a:98:fc:74:c1:69:a5:da:f1:5a:
                    bd:4c:f6:de:f3:41:e3:98:27:a3:9a:e4:58:7e:32:
                    6f:01:a4:ba:27:82:dd:3c:26:00:e7:2b:c5:2b:c7:
                    de:b0:d9:4e:74:2f:6b:f9:11:f9:b6:e0:db:4a:f6:
                    22:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:35:F1:46:A3:16:48:4C:A3:38:03:0E:D2:AF:64:A2:47:28:85:44
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0259572e-0857-462b-9bcb-26ae7478baea.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:24:91:5a:e8:1d:d2:e1:11:57:e7:84:be:fc:2a:d2:6b:1b:
         d5:f1:9c:3f:c7:13:97:5e:9a:ce:7a:54:db:ad:e9:83:e8:e7:
         4f:58:0f:5e:86:f6:07:9b:00:2f:37:a4:2a:db:9c:9e:3a:ee:
         73:c1:eb:8f:a2:c3:b6:06:2f:22:20:c1:fa:a2:c0:5f:4e:5d:
         e7:28:44:4a:57:f7:66:b6:49:2c:2a:34:6f:fd:6c:d4:b2:36:
         48:69:51:95:95:fb:f5:75:df:45:80:20:c8:14:8a:51:42:56:
         17:61:39:5e:99:0b:f9:be:ca:f2:29:e2:76:bd:da:ac:ea:d3:
         15:33:f9:17:00:49:2c:db:b5:a6:2c:3e:b4:84:35:7e:fe:19:
         f7:bb:48:15:21:c2:6b:b2:46:5c:6d:4e:22:88:22:42:75:b3:
         f4:23:ec:8d:d2:bb:6a:0a:d2:36:1c:d7:b7:a0:66:e8:89:bc:
         a0:b0:f2:ab:72:ad:37:55:67:5e:ba:24:67:ff:90:57:e3:d0:
         dc:71:ad:5c:ae:33:4c:03:93:09:4f:bc:b4:e9:10:b0:95:b3:
         8a:93:2d:50:80:3c:5c:c0:5a:fc:6f:d8:cd:63:ae:33:0b:7c:
         0a:39:bb:73:a2:a4:75:c8:66:7b:8c:9c:fc:9d:6f:b9:26:d3:
         84:06:9e:4f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUedGRxqewmubg2wWP1Pz97cnhubowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZGFlNTI1NDBkYzNhZjNhOWZkYjI1MTU0NWM4MWNmODYx
Y2Q1ZDYxZTU5NDA0NzVhYzJiMDQ5MjZlNjgwOTVhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqybWO9qYqM6dWu+xxOSb0nGlLf/dPXWO9yRCLsgAxDTiW
sxA/ijQf1fsE46jzA5QvjR+JcDBUD371IpXIoLWcKqMDjv6/wm0piiPmaShiB2qD
WYHtSkGjM55bPKkYBVzJAhJacRzP8NZ8CXQ+EjQHna0BkYZ1gjnUBGikeWN+6J0k
MV3cG3+w8Poej6frzbQ8ytpy/ITFmUYx79paBFIJ1vHeO+X2n1cEmETLyUQwm3y7
b9fyFTV0Dt023ZYKojWK0WSMAyoUSpj8dMFppdrxWr1M9t7zQeOYJ6Oa5Fh+Mm8B
pLongt08JgDnK8Urx96w2U50L2v5Efm24NtK9iKpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfDXxRqMWSEyjOAMO0q9kokcohUQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzAyNTk1NzJlLTA4NTctNDYyYi05YmNiLTI2YWU3NDc4YmFlYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHokkVroHdLhEVfnhL78KtJrG9Xx
nD/HE5dems56VNut6YPo509YD16G9gebAC83pCrbnJ467nPB64+iw7YGLyIgwfqi
wF9OXecoREpX92a2SSwqNG/9bNSyNkhpUZWV+/V130WAIMgUilFCVhdhOV6ZC/m+
yvIp4na92qzq0xUz+RcASSzbtaYsPrSENX7+Gfe7SBUhwmuyRlxtTiKIIkJ1s/Qj
7I3Su2oK0jYc17egZuiJvKCw8qtyrTdVZ166JGf/kFfj0NxxrVyuM0wDkwlPvLTp
ELCVs4qTLVCAPFzAWvxv2M1jrjMLfAo5u3OipHXIZnuMnPydb7km04QGnk8=
-----END CERTIFICATE-----