Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/19205763-dc37-435c-a013-21c30ab907ba.roa
File:                     19205763-dc37-435c-a013-21c30ab907ba.roa (raw, json)
Hash identifier:          lIDFYRS3dTAxClSMdIOYX5QTh/uaRjDKO0RHJy65yYA=
Subject key identifier:   44:F5:C4:F3:9F:3F:F9:93:AF:4C:99:61:34:B7:73:5A:00:1F:47:0F
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       2B52F15553D7CABEAC9E0CF8B14FFA147C8C8596
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/19205763-dc37-435c-a013-21c30ab907ba.roa
Signing time:             Sat 07 Oct 2023 00:00:00 +0000
ROA not before:           Sat 07 Oct 2023 00:00:00 +0000
ROA not after:            Sat 11 Nov 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:52:f1:55:53:d7:ca:be:ac:9e:0c:f8:b1:4f:fa:14:7c:8c:85:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Oct  7 00:00:00 2023 GMT
            Not After : Nov 11 23:59:59 2023 GMT
        Subject: serialNumber=9ae8a60ed39347d773e4bcb67099f60714708a56b5c845b52a8d5e82d3637f10, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:db:cb:7f:96:5a:23:d6:d5:1a:5f:cb:63:bb:
                    c8:91:28:b9:a4:5c:c5:e5:1b:cb:1a:01:88:86:31:
                    3e:02:44:b6:bf:6c:35:86:4c:50:3f:cf:47:50:7b:
                    99:cc:58:45:36:15:11:20:d6:d2:55:f8:7e:f9:00:
                    0c:3e:22:c8:ca:75:d4:d6:6a:72:46:eb:70:3b:80:
                    7a:e6:b8:07:36:7b:38:8c:95:25:17:d6:5e:a1:6a:
                    f4:ba:a5:c2:e6:89:8c:53:fb:69:2d:2f:61:de:4f:
                    0e:b5:1b:0b:45:d4:9c:f6:2b:3a:e1:7b:c6:89:75:
                    95:04:b3:ba:6c:3f:a7:c6:9e:53:4a:fc:c6:11:e5:
                    09:3e:d3:99:e6:08:92:1d:da:76:55:f5:51:55:87:
                    fe:2e:2d:34:e0:d5:1f:d9:54:b6:4d:3e:7f:6b:e1:
                    86:13:6c:6a:d3:4a:a1:0f:18:d8:ed:7e:f6:59:ff:
                    d0:1d:87:45:97:ec:fa:36:1c:55:99:7b:88:a9:aa:
                    e3:c2:d9:97:eb:e5:94:99:f8:79:8c:7a:60:77:6e:
                    ce:7f:95:30:9a:bd:ff:6f:3a:a2:03:0a:c7:58:cb:
                    ac:29:91:95:86:d6:56:8d:3e:e2:56:c0:cb:6a:6f:
                    44:f1:d4:99:f2:1b:3a:c8:8e:60:f7:04:5c:89:90:
                    10:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:F5:C4:F3:9F:3F:F9:93:AF:4C:99:61:34:B7:73:5A:00:1F:47:0F
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/19205763-dc37-435c-a013-21c30ab907ba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:70:4c:67:0f:f0:c7:03:70:fc:35:45:ed:7b:2f:72:0c:1c:
         c4:b5:22:21:2f:5f:c1:dc:b1:6a:57:0a:55:6d:2b:c0:c4:4c:
         54:58:47:f1:fb:fd:57:43:9d:c0:fe:5e:ad:a6:05:68:24:cd:
         99:a5:a7:b4:12:e6:e8:07:25:3e:5d:60:e4:cf:38:59:a3:c8:
         b7:34:de:1f:bc:43:c0:8f:ab:db:dc:f0:21:0d:84:04:da:37:
         ad:9f:f4:d0:42:95:4f:64:75:93:b5:0c:fd:9a:f2:8e:81:e7:
         47:6b:a0:d3:47:d3:e5:5c:74:e5:66:83:b6:74:0c:27:d4:6a:
         3b:5f:f6:63:4c:20:99:33:26:16:5a:b2:bc:fa:7a:fb:84:4a:
         8e:ff:77:6c:b8:95:d0:cb:0a:40:cb:fd:6b:68:3f:63:27:66:
         0c:78:c5:6f:9c:4d:d0:12:95:68:cc:ac:48:31:35:02:76:1e:
         19:f7:dc:7a:6d:e5:66:d7:05:3b:e3:09:a4:cb:57:35:0b:c8:
         0a:38:86:c1:6e:95:56:03:9c:74:3a:96:ab:5a:59:b9:6c:29:
         2b:3a:bb:9c:6f:82:98:08:84:0f:35:9e:f9:d6:8c:9e:8f:8a:
         44:c8:e2:de:cc:39:3d:54:61:89:75:4f:7a:76:40:5b:b5:cb:
         3c:ef:27:e9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUK1LxVVPXyr6sngz4sU/6FHyMhZYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMDA3MDAwMDAwWhcNMjMxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YWU4YTYwZWQzOTM0N2Q3NzNlNGJjYjY3MDk5ZjYwNzE0
NzA4YTU2YjVjODQ1YjUyYThkNWU4MmQzNjM3ZjEwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDk28t/lloj1tUaX8tju8iRKLmkXMXlG8saAYiGMT4CRLa/
bDWGTFA/z0dQe5nMWEU2FREg1tJV+H75AAw+IsjKddTWanJG63A7gHrmuAc2eziM
lSUX1l6havS6pcLmiYxT+2ktL2HeTw61GwtF1Jz2Kzrhe8aJdZUEs7psP6fGnlNK
/MYR5Qk+05nmCJId2nZV9VFVh/4uLTTg1R/ZVLZNPn9r4YYTbGrTSqEPGNjtfvZZ
/9Adh0WX7Po2HFWZe4ipquPC2Zfr5ZSZ+HmMemB3bs5/lTCavf9vOqIDCsdYy6wp
kZWG1laNPuJWwMtqb0Tx1JnyGzrIjmD3BFyJkBA3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURPXE858/+ZOvTJlhNLdzWgAfRw8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzE5MjA1NzYzLWRjMzctNDM1Yy1hMDEzLTIxYzMwYWI5MDdiYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKRwTGcP8McDcPw1Re17L3IMHMS1
IiEvX8HcsWpXClVtK8DETFRYR/H7/VdDncD+Xq2mBWgkzZmlp7QS5ugHJT5dYOTP
OFmjyLc03h+8Q8CPq9vc8CENhATaN62f9NBClU9kdZO1DP2a8o6B50droNNH0+Vc
dOVmg7Z0DCfUajtf9mNMIJkzJhZasrz6evuESo7/d2y4ldDLCkDL/WtoP2MnZgx4
xW+cTdASlWjMrEgxNQJ2Hhn33Hpt5WbXBTvjCaTLVzULyAo4hsFulVYDnHQ6lqta
WblsKSs6u5xvgpgIhA81nvnWjJ6PikTI4t7MOT1UYYl1T3p2QFu1yzzvJ+k=
-----END CERTIFICATE-----