Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/23a9e5bf-7b4b-42ab-8dc8-1c03d1c0a090.roa
File:                     23a9e5bf-7b4b-42ab-8dc8-1c03d1c0a090.roa (raw, json)
Hash identifier:          9yEHc73FUaVu6GSQOaojM5aCD8zlNRyXCFvW19t1PTU=
Subject key identifier:   A7:E3:7F:DF:1C:AE:04:67:B7:D0:46:86:7C:B8:C8:75:7B:29:F1:F6
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       7D53986384688FA3B0788D8C47A32D88931C0755
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/23a9e5bf-7b4b-42ab-8dc8-1c03d1c0a090.roa
Signing time:             Tue 07 Nov 2023 00:00:00 +0000
ROA not before:           Tue 07 Nov 2023 00:00:00 +0000
ROA not after:            Tue 12 Dec 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:53:98:63:84:68:8f:a3:b0:78:8d:8c:47:a3:2d:88:93:1c:07:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Nov  7 00:00:00 2023 GMT
            Not After : Dec 12 23:59:59 2023 GMT
        Subject: serialNumber=2f3990bc069b0d7d22b47aeefbea1d0cf025be220625e4220d3528e1e8c71e5f, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:40:17:a7:8f:9d:25:e3:88:eb:c0:ae:c8:7a:
                    e4:d4:5e:01:3a:e5:3f:2b:28:cc:1d:21:29:1b:26:
                    02:bb:cb:f0:1f:93:c5:68:6d:37:d0:e8:d8:13:82:
                    56:7a:87:8b:92:93:1a:4b:36:9a:e3:d0:27:79:cb:
                    9d:6d:f6:65:e5:9b:02:d3:75:65:a3:51:07:c0:eb:
                    26:11:bc:6e:cc:bc:1c:27:c4:f5:80:22:1c:f5:da:
                    38:c9:01:d3:21:77:f2:6f:04:1c:5d:9d:9a:51:ec:
                    6c:96:18:a1:e5:45:b1:1e:02:3d:a8:c1:34:0d:1a:
                    92:19:24:62:0a:87:59:3a:44:4a:2c:7f:30:d5:03:
                    5f:8e:ed:da:d6:39:39:62:e2:92:3c:96:ca:fa:0f:
                    b1:d8:17:65:73:44:bb:15:4f:ee:d2:a5:73:16:35:
                    d0:23:2d:8c:12:7b:a9:58:d3:62:d2:6a:94:95:a8:
                    da:41:ec:d8:d4:72:bc:a0:21:50:7f:9e:9e:08:55:
                    de:9d:d1:41:4d:46:da:58:e1:d7:d3:2d:bd:37:06:
                    4b:fa:d9:0f:c0:c7:24:4d:54:ec:a1:0c:46:ef:aa:
                    de:cf:db:cc:8a:c3:bc:f5:f2:d5:13:60:07:12:83:
                    0a:17:ca:26:af:8a:75:8e:fd:94:98:35:5c:df:1d:
                    22:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:E3:7F:DF:1C:AE:04:67:B7:D0:46:86:7C:B8:C8:75:7B:29:F1:F6
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/23a9e5bf-7b4b-42ab-8dc8-1c03d1c0a090.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:ce:2a:14:45:a3:d1:a4:a6:1c:0d:f8:98:55:79:58:ab:af:
         30:15:77:44:cb:ed:c7:43:21:03:eb:6b:78:b2:5e:d5:51:77:
         8e:1c:21:0c:9a:2f:2e:ef:c4:3b:00:f9:2c:4f:65:dc:4c:c2:
         50:74:d6:f6:77:82:b4:92:b5:a6:70:7e:15:e6:15:f8:60:3a:
         1e:63:c8:ba:ce:09:f4:ee:03:64:b9:4a:ab:4d:46:db:32:51:
         3d:0d:68:22:4a:6d:7f:ea:a0:ec:66:9d:90:23:06:5d:14:3f:
         98:72:64:db:cc:b4:8a:6a:63:50:be:42:e3:fc:65:87:e0:78:
         7b:ca:46:77:a6:33:ae:cb:81:95:d7:d7:61:2f:bb:70:2b:ad:
         39:7c:34:97:25:c7:5e:44:99:5f:2d:94:21:9b:d9:be:55:0b:
         14:96:16:0c:dc:f0:86:1e:9a:85:a9:9b:9d:98:e9:11:93:ee:
         f9:bd:09:b6:6b:cd:1a:e1:9f:f2:ea:fa:47:85:79:42:7b:f8:
         21:0f:53:b7:3d:d0:a6:2a:c7:17:c3:b4:76:1c:33:88:8e:6d:
         23:17:e1:57:16:65:93:e6:8d:20:23:84:b8:05:f8:da:67:fa:
         4f:68:b3:95:c1:0f:26:bd:ac:c1:ff:f1:26:25:b1:55:7b:27:
         32:0c:15:ad
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfVOYY4Roj6OweI2MR6MtiJMcB1UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTA3MDAwMDAwWhcNMjMxMjEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyZjM5OTBiYzA2OWIwZDdkMjJiNDdhZWVmYmVhMWQwY2Yw
MjViZTIyMDYyNWU0MjIwZDM1MjhlMWU4YzcxZTVmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+QBenj50l44jrwK7IeuTUXgE65T8rKMwdISkbJgK7y/Af
k8VobTfQ6NgTglZ6h4uSkxpLNprj0Cd5y51t9mXlmwLTdWWjUQfA6yYRvG7MvBwn
xPWAIhz12jjJAdMhd/JvBBxdnZpR7GyWGKHlRbEeAj2owTQNGpIZJGIKh1k6REos
fzDVA1+O7drWOTli4pI8lsr6D7HYF2VzRLsVT+7SpXMWNdAjLYwSe6lY02LSapSV
qNpB7NjUcrygIVB/np4IVd6d0UFNRtpY4dfTLb03Bkv62Q/AxyRNVOyhDEbvqt7P
28yKw7z18tUTYAcSgwoXyiavinWO/ZSYNVzfHSI5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUp+N/3xyuBGe30EaGfLjIdXsp8fYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzIzYTllNWJmLTdiNGItNDJhYi04ZGM4LTFjMDNkMWMwYTA5MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJTOKhRFo9GkphwN+JhVeVirrzAV
d0TL7cdDIQPra3iyXtVRd44cIQyaLy7vxDsA+SxPZdxMwlB01vZ3grSStaZwfhXm
FfhgOh5jyLrOCfTuA2S5SqtNRtsyUT0NaCJKbX/qoOxmnZAjBl0UP5hyZNvMtIpq
Y1C+QuP8ZYfgeHvKRnemM67LgZXX12Evu3ArrTl8NJclx15EmV8tlCGb2b5VCxSW
Fgzc8IYemoWpm52Y6RGT7vm9CbZrzRrhn/Lq+keFeUJ7+CEPU7c90KYqxxfDtHYc
M4iObSMX4VcWZZPmjSAjhLgF+Npn+k9os5XBDya9rMH/8SYlsVV7JzIMFa0=
-----END CERTIFICATE-----