Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0dc1cce7-f4bc-4cd6-ad7e-7d2bcb384282.roa
File:                     0dc1cce7-f4bc-4cd6-ad7e-7d2bcb384282.roa (raw, json)
Hash identifier:          LONzM4evzGwVhS2HtOLVwiW/9EJ4KZEBz6vvqfHF22s=
Subject key identifier:   9F:DF:5E:24:BE:71:C6:A2:AA:3A:89:A3:38:92:66:98:40:8D:92:46
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       5DCDD56AC0028467D70B45C1D819EC86BB812B55
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0dc1cce7-f4bc-4cd6-ad7e-7d2bcb384282.roa
Signing time:             Wed 09 Aug 2023 00:00:00 +0000
ROA not before:           Wed 09 Aug 2023 00:00:00 +0000
ROA not after:            Wed 13 Sep 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:cd:d5:6a:c0:02:84:67:d7:0b:45:c1:d8:19:ec:86:bb:81:2b:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Aug  9 00:00:00 2023 GMT
            Not After : Sep 13 23:59:59 2023 GMT
        Subject: serialNumber=4fe6403dc3263b805294d6e67f5d4c9bfb667ea6a8afc8517758cbd70590d0d8, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:97:7b:ef:3c:16:97:23:64:82:0f:27:5b:06:
                    c9:29:fb:cc:63:f6:b6:f5:31:59:7a:1b:ab:19:a9:
                    a6:77:a4:70:97:83:29:31:6d:e5:3e:fb:f2:36:80:
                    ce:c0:99:af:c6:9b:1c:e4:a9:72:f7:8f:f7:b9:18:
                    8b:31:13:d9:3f:58:26:53:fd:7d:df:1c:34:0d:ce:
                    3f:72:c6:73:9d:51:fd:28:7f:38:7a:67:d8:c0:64:
                    a7:91:16:70:2b:27:fb:f1:67:e1:65:17:3f:81:5c:
                    4f:c2:a8:2b:a4:aa:55:6a:9c:51:19:a6:21:94:ee:
                    29:17:01:9c:43:f7:10:19:a6:bd:30:18:e9:1f:c7:
                    ea:c5:aa:08:90:fe:a6:90:0b:7a:a3:a8:9a:62:29:
                    6c:78:18:01:e4:1f:3c:f6:09:0e:67:9b:1b:d5:f1:
                    8a:70:35:35:14:7e:9b:59:f7:15:94:46:b8:0c:60:
                    57:13:e3:95:f8:3d:54:61:32:9a:ce:ac:b8:0f:37:
                    af:e6:42:2b:1c:21:05:43:a4:07:40:14:4f:61:fd:
                    8f:59:30:e4:27:55:ed:4c:99:5a:ad:6b:b2:0f:29:
                    21:d2:55:2d:0e:09:30:61:ab:a2:44:66:93:bb:00:
                    64:f2:ce:2c:1b:c2:3e:d6:e6:d9:42:52:ac:1b:b9:
                    9d:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:DF:5E:24:BE:71:C6:A2:AA:3A:89:A3:38:92:66:98:40:8D:92:46
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0dc1cce7-f4bc-4cd6-ad7e-7d2bcb384282.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:6c:da:c8:f8:8a:b0:84:c8:98:2c:2e:b1:7c:4b:f4:65:20:
         9f:4c:c3:60:aa:ca:7f:b7:ff:8c:5a:1c:68:06:01:d6:f6:bc:
         d4:92:24:25:ee:d6:c9:eb:f7:5a:e2:7c:c1:61:a3:3c:c7:ac:
         f5:c6:34:5e:a9:95:fb:44:45:7b:e5:e1:c1:db:d8:1e:6e:0a:
         ca:dc:f7:0e:d6:91:ca:a3:f5:cd:65:55:77:f7:7c:11:fd:dc:
         0f:3b:de:c8:4b:cb:ea:b8:21:a7:62:03:72:d0:5a:1c:31:c5:
         39:08:f2:d9:62:ad:f2:1c:dd:9c:fb:b3:12:ad:c7:d3:a6:8f:
         81:d0:fe:85:08:62:44:ef:8f:da:38:4f:f0:ef:b2:ad:f3:19:
         81:50:90:6c:e4:db:46:00:58:db:c9:71:3c:3a:72:70:04:25:
         92:ba:5a:cb:0a:6b:75:9b:80:a3:8e:45:2f:8a:88:51:f3:d7:
         9d:83:9c:c0:43:fb:c5:fd:47:ca:3f:2e:29:79:f7:72:bd:68:
         24:03:c9:a7:03:4a:30:44:eb:bc:65:f5:6e:d1:7a:25:52:97:
         54:f0:f3:ea:52:af:56:e4:52:67:d2:33:48:da:ad:98:31:1a:
         6a:78:b2:97:31:e2:0b:2d:0c:79:e6:64:04:d6:c2:38:aa:cd:
         56:ae:6d:6e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXc3VasAChGfXC0XB2BnshruBK1UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwODA5MDAwMDAwWhcNMjMwOTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZmU2NDAzZGMzMjYzYjgwNTI5NGQ2ZTY3ZjVkNGM5YmZi
NjY3ZWE2YThhZmM4NTE3NzU4Y2JkNzA1OTBkMGQ4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCNl3vvPBaXI2SCDydbBskp+8xj9rb1MVl6G6sZqaZ3pHCX
gykxbeU++/I2gM7Ama/GmxzkqXL3j/e5GIsxE9k/WCZT/X3fHDQNzj9yxnOdUf0o
fzh6Z9jAZKeRFnArJ/vxZ+FlFz+BXE/CqCukqlVqnFEZpiGU7ikXAZxD9xAZpr0w
GOkfx+rFqgiQ/qaQC3qjqJpiKWx4GAHkHzz2CQ5nmxvV8YpwNTUUfptZ9xWURrgM
YFcT45X4PVRhMprOrLgPN6/mQiscIQVDpAdAFE9h/Y9ZMOQnVe1MmVqta7IPKSHS
VS0OCTBhq6JEZpO7AGTyziwbwj7W5tlCUqwbuZ1zAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUn99eJL5xxqKqOomjOJJmmECNkkYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzBkYzFjY2U3LWY0YmMtNGNkNi1hZDdlLTdkMmJjYjM4NDI4Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIls2sj4irCEyJgsLrF8S/RlIJ9M
w2Cqyn+3/4xaHGgGAdb2vNSSJCXu1snr91rifMFhozzHrPXGNF6plftERXvl4cHb
2B5uCsrc9w7Wkcqj9c1lVXf3fBH93A873shLy+q4IadiA3LQWhwxxTkI8tlirfIc
3Zz7sxKtx9Omj4HQ/oUIYkTvj9o4T/Dvsq3zGYFQkGzk20YAWNvJcTw6cnAEJZK6
WssKa3WbgKOORS+KiFHz152DnMBD+8X9R8o/Lil593K9aCQDyacDSjBE67xl9W7R
eiVSl1Tw8+pSr1bkUmfSM0jarZgxGmp4spcx4gstDHnmZATWwjiqzVaubW4=
-----END CERTIFICATE-----