Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/06a54895-11c6-46c3-b575-6286deab2db3.roa
File:                     06a54895-11c6-46c3-b575-6286deab2db3.roa (raw, json)
Hash identifier:          8NaRqNaO7EmjiyokU+KRFPjNqRJinM5H4jvEyzCgDeU=
Subject key identifier:   25:A0:CB:3B:36:8D:A1:34:BD:B5:F1:1F:95:C9:B3:03:54:C9:01:B0
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       692B3A80124C5D3193ACD13FE1D74673CE6780DD
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/06a54895-11c6-46c3-b575-6286deab2db3.roa
Signing time:             Sun 23 Jun 2024 00:00:00 +0000
ROA not before:           Sun 23 Jun 2024 00:00:00 +0000
ROA not after:            Sun 28 Jul 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:2b:3a:80:12:4c:5d:31:93:ac:d1:3f:e1:d7:46:73:ce:67:80:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jun 23 00:00:00 2024 GMT
            Not After : Jul 28 23:59:59 2024 GMT
        Subject: serialNumber=395c71e90e2fbf4b4a091d9ddde4a301161827f0747056a77355f5aee38d93a5, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:78:04:f0:59:4e:95:67:0f:d6:b2:bd:cb:7e:
                    6e:c0:a1:76:41:cf:3b:42:df:3a:e4:83:8d:b8:3b:
                    c8:ab:cc:b3:a1:17:b4:aa:6e:4b:df:84:31:fc:de:
                    e2:d4:8d:28:f1:1a:aa:cb:4a:31:5c:1a:57:e4:19:
                    f9:dd:c2:6d:c1:5e:8c:f7:b3:63:74:c9:f0:ba:a1:
                    e7:d5:0e:81:40:8f:8b:07:c9:11:75:a2:cc:05:45:
                    11:12:73:ca:6c:d1:a1:2e:89:f6:7c:74:a5:6d:4e:
                    5d:59:8b:0a:5b:00:93:5b:58:72:c5:ee:8b:a7:e5:
                    18:54:08:e9:6e:7b:40:d6:06:bb:14:10:28:18:25:
                    8e:ba:74:55:d9:d2:a0:12:f5:cb:a4:97:a5:e5:29:
                    47:9b:92:f2:30:75:20:28:79:7d:9b:54:49:88:93:
                    3d:09:8a:e0:64:44:a5:72:b6:7a:12:1e:be:7b:76:
                    b2:ef:80:28:d7:b1:bf:b2:b9:c5:36:83:ac:6e:ed:
                    99:0e:b6:ca:aa:bb:27:0a:cf:3a:bf:d1:fd:8b:f2:
                    96:ca:c9:bc:a8:5f:69:2d:9a:b5:af:6a:0e:d4:ba:
                    a4:cc:76:ec:be:55:5d:6d:46:1d:7b:8e:3c:1c:70:
                    35:12:b3:8f:9c:91:43:a2:10:71:6c:ff:05:2c:ec:
                    ff:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:A0:CB:3B:36:8D:A1:34:BD:B5:F1:1F:95:C9:B3:03:54:C9:01:B0
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/06a54895-11c6-46c3-b575-6286deab2db3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:4c:83:c3:70:24:05:a3:c0:fe:5e:0b:63:91:e1:e9:ca:c9:
         12:ec:2d:f1:e0:5d:9b:f7:98:e7:d2:76:6c:77:70:8d:5e:a8:
         c9:c2:ca:88:5d:a0:ed:8f:d5:a3:ec:ff:a9:51:20:5d:b9:21:
         ed:fb:36:b3:29:c6:5f:9e:b3:0b:8f:70:ff:83:43:c4:28:41:
         36:55:0c:7c:d9:a2:04:56:c8:d9:11:a3:c4:fc:f3:eb:e3:1d:
         7d:b4:ba:13:1c:cb:a7:ea:1b:09:77:1d:40:00:e3:76:b0:a1:
         d7:a0:4b:dc:46:64:38:d1:9b:9c:bc:8f:c3:99:ba:3e:24:3b:
         ef:83:ab:88:67:c2:fa:fd:e4:c5:64:bc:a4:db:e2:a2:80:08:
         94:fe:15:98:8e:4e:1b:31:d8:54:26:a7:2f:bc:85:82:33:a6:
         e9:24:89:ae:e5:e2:dd:4f:81:93:d5:c3:e0:bf:aa:f9:15:ed:
         4f:5e:4f:18:8c:8b:0a:58:2f:5f:78:ec:96:91:9e:6e:24:f7:
         e0:55:19:cf:c4:4b:c6:45:25:c2:ca:ab:9c:bf:79:b7:bd:b5:
         68:1a:12:ae:48:7f:34:f2:aa:a9:8b:61:a6:98:22:eb:51:11:
         37:a4:3e:84:51:d6:0b:7f:39:a4:4b:3c:b8:03:e1:d4:6e:d8:
         65:9d:dc:28
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaSs6gBJMXTGTrNE/4ddGc85ngN0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNjIzMDAwMDAwWhcNMjQwNzI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzOTVjNzFlOTBlMmZiZjRiNGEwOTFkOWRkZGU0YTMwMTE2
MTgyN2YwNzQ3MDU2YTc3MzU1ZjVhZWUzOGQ5M2E1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHeATwWU6VZw/Wsr3Lfm7AoXZBzztC3zrkg424O8irzLOh
F7SqbkvfhDH83uLUjSjxGqrLSjFcGlfkGfndwm3BXoz3s2N0yfC6oefVDoFAj4sH
yRF1oswFRRESc8ps0aEuifZ8dKVtTl1ZiwpbAJNbWHLF7oun5RhUCOlue0DWBrsU
ECgYJY66dFXZ0qAS9cukl6XlKUebkvIwdSAoeX2bVEmIkz0JiuBkRKVytnoSHr57
drLvgCjXsb+yucU2g6xu7ZkOtsqquycKzzq/0f2L8pbKybyoX2ktmrWvag7UuqTM
duy+VV1tRh17jjwccDUSs4+ckUOiEHFs/wUs7P/xAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJaDLOzaNoTS9tfEflcmzA1TJAbAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzA2YTU0ODk1LTExYzYtNDZjMy1iNTc1LTYyODZkZWFiMmRiMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHNMg8NwJAWjwP5eC2OR4enKyRLs
LfHgXZv3mOfSdmx3cI1eqMnCyohdoO2P1aPs/6lRIF25Ie37NrMpxl+eswuPcP+D
Q8QoQTZVDHzZogRWyNkRo8T88+vjHX20uhMcy6fqGwl3HUAA43awodegS9xGZDjR
m5y8j8OZuj4kO++Dq4hnwvr95MVkvKTb4qKACJT+FZiOThsx2FQmpy+8hYIzpukk
ia7l4t1PgZPVw+C/qvkV7U9eTxiMiwpYL1947JaRnm4k9+BVGc/ES8ZFJcLKq5y/
ebe9tWgaEq5IfzTyqqmLYaaYIutRETekPoRR1gt/OaRLPLgD4dRu2GWd3Cg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:26:50 2025 by rpki-client