Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0dcd3f70-df9e-4689-b785-029ca3ac1ff7.roa
File:                     0dcd3f70-df9e-4689-b785-029ca3ac1ff7.roa (raw, json)
Hash identifier:          rVMJlNjotYgNf1xmPuzysskeBECaM6gNRjbztR9PKII=
Subject key identifier:   CD:06:0E:E6:8F:BA:53:82:8A:7E:EB:16:99:23:A1:14:D4:00:29:16
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       65BFDF80A4BFCE3086F6237000C894608683B3AF
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0dcd3f70-df9e-4689-b785-029ca3ac1ff7.roa
Signing time:             Mon 01 Jul 2024 00:00:00 +0000
ROA not before:           Mon 01 Jul 2024 00:00:00 +0000
ROA not after:            Mon 05 Aug 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:bf:df:80:a4:bf:ce:30:86:f6:23:70:00:c8:94:60:86:83:b3:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul  1 00:00:00 2024 GMT
            Not After : Aug  5 23:59:59 2024 GMT
        Subject: serialNumber=ef48391bca4a50daaed86ed44921cd2cc6eec3716591224189863947f27925f7, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:df:2f:cd:c5:7c:5d:f0:78:3a:06:7d:cb:8f:
                    4c:26:71:78:bc:d1:0e:a0:4a:58:e5:a3:87:4e:18:
                    72:1f:e5:7a:e2:6d:fe:9a:1a:32:15:3e:cb:66:91:
                    88:22:99:93:59:f8:35:bd:5c:d5:48:35:58:21:a2:
                    16:c3:fc:e3:aa:f7:12:0f:12:de:6e:b0:0b:33:ca:
                    7b:24:12:04:1e:d5:1b:43:83:84:93:4f:46:bd:97:
                    61:8e:14:b2:fa:d9:22:1f:5e:89:da:f9:14:85:cd:
                    23:24:ca:8e:bf:b8:da:5e:9e:5b:2f:bd:da:2b:03:
                    78:2e:ea:4e:d1:46:37:ba:ff:bd:44:06:68:fa:1a:
                    cf:0c:1a:b0:43:32:97:93:a3:c7:30:c1:58:36:7b:
                    74:c4:6b:fa:7b:da:28:41:1f:28:36:d5:89:63:38:
                    ab:d0:7f:85:cd:e3:00:00:d2:c2:f8:81:87:f5:11:
                    0d:8d:c1:5e:80:48:75:7a:5e:54:0b:5b:d6:f4:29:
                    af:5d:b9:f2:47:94:4d:d1:bc:5b:54:8a:8e:d7:93:
                    fb:82:ac:f1:c7:69:f0:f7:5c:18:95:3e:76:1d:a9:
                    9f:7b:08:c8:38:5f:44:01:e2:7e:5d:96:2d:43:9b:
                    df:c9:a5:66:2c:8e:8b:c7:2e:42:69:cc:67:14:84:
                    96:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:06:0E:E6:8F:BA:53:82:8A:7E:EB:16:99:23:A1:14:D4:00:29:16
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0dcd3f70-df9e-4689-b785-029ca3ac1ff7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:f4:b4:45:c5:f9:34:6c:f4:82:e8:a9:6a:6e:9a:ec:6e:50:
         17:cf:c3:de:10:94:db:a9:e3:8c:a3:33:e8:d9:15:86:40:37:
         3a:94:45:71:a0:41:52:a3:4f:2c:26:b5:9d:a1:0f:e9:d9:35:
         d8:c9:dd:36:29:d7:22:fa:1b:3a:f6:34:45:c9:87:e5:d4:12:
         fb:f1:99:c1:33:71:90:b9:ae:63:d1:ed:b8:98:ab:42:6d:c1:
         08:d5:50:c5:68:4b:e2:25:65:92:23:21:70:3f:1a:b5:c9:65:
         f4:d7:12:14:e7:b2:44:38:8e:8b:f9:cb:7d:9d:c1:a3:c6:ae:
         48:59:a9:4f:69:9f:57:81:21:88:f2:c8:af:10:1f:19:f7:b5:
         a9:e1:f5:9c:59:80:1a:f1:bf:c5:3e:20:dd:5d:e6:e7:95:b8:
         97:e0:b4:ad:a5:74:f6:69:be:03:60:06:b0:e0:3c:90:67:bd:
         e2:ac:5a:62:9b:cc:91:96:4f:fd:64:7e:5a:64:f0:02:d6:dd:
         c2:46:a0:ca:09:84:84:ee:78:25:b8:8b:43:5b:72:62:2f:5d:
         05:f9:d9:02:33:f0:c9:20:ce:43:8b:ae:4d:0b:f4:9d:82:df:
         14:11:ca:33:5f:6b:58:d6:d9:99:6c:08:9c:53:08:b0:22:4e:
         ba:63:08:ef
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZb/fgKS/zjCG9iNwAMiUYIaDs68wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzAxMDAwMDAwWhcNMjQwODA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZjQ4MzkxYmNhNGE1MGRhYWVkODZlZDQ0OTIxY2QyY2M2
ZWVjMzcxNjU5MTIyNDE4OTg2Mzk0N2YyNzkyNWY3MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDd3y/NxXxd8Hg6Bn3Lj0wmcXi80Q6gSljlo4dOGHIf5Xri
bf6aGjIVPstmkYgimZNZ+DW9XNVINVghohbD/OOq9xIPEt5usAszynskEgQe1RtD
g4STT0a9l2GOFLL62SIfXona+RSFzSMkyo6/uNpenlsvvdorA3gu6k7RRje6/71E
Bmj6Gs8MGrBDMpeTo8cwwVg2e3TEa/p72ihBHyg21YljOKvQf4XN4wAA0sL4gYf1
EQ2NwV6ASHV6XlQLW9b0Ka9dufJHlE3RvFtUio7Xk/uCrPHHafD3XBiVPnYdqZ97
CMg4X0QB4n5dli1Dm9/JpWYsjovHLkJpzGcUhJbDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUzQYO5o+6U4KKfusWmSOhFNQAKRYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzBkY2QzZjcwLWRmOWUtNDY4OS1iNzg1LTAyOWNhM2FjMWZmNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADH0tEXF+TRs9ILoqWpumuxuUBfP
w94QlNup44yjM+jZFYZANzqURXGgQVKjTywmtZ2hD+nZNdjJ3TYp1yL6Gzr2NEXJ
h+XUEvvxmcEzcZC5rmPR7biYq0JtwQjVUMVoS+IlZZIjIXA/GrXJZfTXEhTnskQ4
jov5y32dwaPGrkhZqU9pn1eBIYjyyK8QHxn3tanh9ZxZgBrxv8U+IN1d5ueVuJfg
tK2ldPZpvgNgBrDgPJBnveKsWmKbzJGWT/1kflpk8ALW3cJGoMoJhITueCW4i0Nb
cmIvXQX52QIz8MkgzkOLrk0L9J2C3xQRyjNfa1jW2ZlsCJxTCLAiTrpjCO8=
-----END CERTIFICATE-----