Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0d067c81-6fc6-4ee1-b561-9ad1d197719d.roa
File:                     0d067c81-6fc6-4ee1-b561-9ad1d197719d.roa (raw, json)
Hash identifier:          m3kEUtdr2AgYcdylzHt0TwV/tW34rhEtJ1c9L4UgDs4=
Subject key identifier:   EF:BB:62:54:7E:6A:E1:20:3C:86:20:EE:22:93:CD:96:BC:78:EF:40
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       3026548E29C2C7A3717262E430DF858A2F1DF2E5
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0d067c81-6fc6-4ee1-b561-9ad1d197719d.roa
Signing time:             Mon 03 Mar 2025 02:18:23 +0000
ROA not before:           Mon 03 Mar 2025 02:18:23 +0000
ROA not after:            Mon 07 Apr 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:26:54:8e:29:c2:c7:a3:71:72:62:e4:30:df:85:8a:2f:1d:f2:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Mar  3 02:18:23 2025 GMT
            Not After : Apr  7 23:59:59 2025 GMT
        Subject: serialNumber=e9098debd3e39780ceff026cf7d4fbcc18531dd18a0f25fc09b8ecb40a3972a8, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:5e:1f:58:71:a4:8d:54:28:7c:35:a7:ba:1f:
                    a7:e4:52:34:67:89:02:38:e2:6e:a0:6d:f5:93:39:
                    32:74:5c:78:f3:54:89:0e:cc:f1:b9:3e:1c:dd:2e:
                    6a:f8:6d:bb:5b:03:21:6e:81:1e:18:eb:03:d2:f3:
                    a8:fa:b8:39:9a:2e:cf:1d:c5:6a:30:68:e7:08:d1:
                    cf:5a:0b:f2:34:c6:89:33:32:de:94:e0:f3:33:63:
                    10:10:f1:43:f3:d6:af:3e:ed:5e:49:94:44:f7:3e:
                    db:d8:d2:ae:d6:d0:0b:be:e1:8a:08:87:39:a0:09:
                    73:ef:6a:50:ee:49:08:38:67:27:09:45:7f:fe:8d:
                    44:09:06:d4:94:bb:9d:b8:8f:73:cf:df:ee:89:09:
                    19:4d:45:94:49:e9:8c:3c:2e:c0:3b:5e:33:55:44:
                    37:e2:47:e0:23:1e:d2:d1:46:14:7b:ea:7b:61:f8:
                    72:cb:a5:d1:60:ea:8d:fe:82:f9:58:ec:17:ab:5f:
                    5d:dc:89:b2:69:14:63:c1:31:5f:41:98:a0:46:60:
                    89:15:8d:41:b6:22:d4:03:56:f4:5f:ee:66:84:c2:
                    2a:48:a1:cd:8a:fa:ee:64:b2:b2:d1:e3:77:84:e4:
                    e4:07:b0:4e:e4:39:44:a0:44:38:62:b5:58:2b:50:
                    79:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:BB:62:54:7E:6A:E1:20:3C:86:20:EE:22:93:CD:96:BC:78:EF:40
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0d067c81-6fc6-4ee1-b561-9ad1d197719d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:b6:13:95:63:f9:69:78:62:5f:43:61:d3:af:0c:e5:a8:0f:
         91:0f:37:ca:41:63:7d:57:b7:33:85:3f:41:1c:57:6d:dc:17:
         01:8e:83:42:63:1f:96:14:37:4b:c5:4e:16:2e:90:8c:00:fa:
         bf:19:fc:06:4c:74:8d:8d:90:b9:1a:e1:a5:31:f5:4d:a7:0b:
         ec:be:12:12:8d:31:08:72:03:ca:a7:41:06:6b:89:88:32:d0:
         99:b0:64:51:e5:55:04:53:1d:54:7c:17:57:33:ef:74:4c:46:
         c9:93:d1:be:83:a0:dd:a8:f4:b1:89:5d:bb:b0:9c:aa:db:54:
         1e:86:de:66:c1:90:f1:f0:f9:8f:18:e7:c3:d5:53:ed:31:92:
         68:a2:fb:18:7f:5a:12:0b:18:65:dc:dc:b5:d4:68:e0:73:3e:
         e5:52:57:c0:89:83:22:c7:57:2c:74:f8:ae:2b:8e:a1:d5:7e:
         9c:cf:b1:2e:2f:2e:8e:05:cf:63:57:18:31:74:04:14:3f:f8:
         20:6c:0f:08:f4:6a:b1:b2:82:ba:48:1c:ca:66:df:21:75:5f:
         fb:26:80:5f:43:c6:1b:dd:6d:59:a4:5c:90:79:1e:c6:45:33:
         c6:45:ff:3a:7e:14:a8:55:6c:2a:33:48:22:3c:36:1e:9e:cb:
         db:63:95:87
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMCZUjinCx6NxcmLkMN+Fii8d8uUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMzAzMDIxODIzWhcNMjUwNDA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlOTA5OGRlYmQzZTM5NzgwY2VmZjAyNmNmN2Q0ZmJjYzE4
NTMxZGQxOGEwZjI1ZmMwOWI4ZWNiNDBhMzk3MmE4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFXh9YcaSNVCh8Nae6H6fkUjRniQI44m6gbfWTOTJ0XHjz
VIkOzPG5PhzdLmr4bbtbAyFugR4Y6wPS86j6uDmaLs8dxWowaOcI0c9aC/I0xokz
Mt6U4PMzYxAQ8UPz1q8+7V5JlET3PtvY0q7W0Au+4YoIhzmgCXPvalDuSQg4ZycJ
RX/+jUQJBtSUu524j3PP3+6JCRlNRZRJ6Yw8LsA7XjNVRDfiR+AjHtLRRhR76nth
+HLLpdFg6o3+gvlY7BerX13cibJpFGPBMV9BmKBGYIkVjUG2ItQDVvRf7maEwipI
oc2K+u5ksrLR43eE5OQHsE7kOUSgRDhitVgrUHm/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU77tiVH5q4SA8hiDuIpPNlrx470AwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzBkMDY3YzgxLTZmYzYtNGVlMS1iNTYxLTlhZDFkMTk3NzE5ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABC2E5Vj+Wl4Yl9DYdOvDOWoD5EP
N8pBY31XtzOFP0EcV23cFwGOg0JjH5YUN0vFThYukIwA+r8Z/AZMdI2NkLka4aUx
9U2nC+y+EhKNMQhyA8qnQQZriYgy0JmwZFHlVQRTHVR8F1cz73RMRsmT0b6DoN2o
9LGJXbuwnKrbVB6G3mbBkPHw+Y8Y58PVU+0xkmii+xh/WhILGGXc3LXUaOBzPuVS
V8CJgyLHVyx0+K4rjqHVfpzPsS4vLo4Fz2NXGDF0BBQ/+CBsDwj0arGygrpIHMpm
3yF1X/smgF9DxhvdbVmkXJB5HsZFM8ZF/zp+FKhVbCozSCI8Nh6ey9tjlYc=
-----END CERTIFICATE-----