Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/359a3a43-ebf7-4a0a-9af4-39ef086fca07.roa
File:                     359a3a43-ebf7-4a0a-9af4-39ef086fca07.roa (raw, json)
Hash identifier:          vW0Gfs6FwtAhM84OEsC84wHt3WvlPz2yt6Wne0x32Lk=
Subject key identifier:   A8:92:8F:79:ED:5A:37:BC:5A:2A:F5:0B:A8:0E:16:C4:D0:6D:83:BC
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       2340D64A743CA417929BA5CBE140721404E7A297
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/359a3a43-ebf7-4a0a-9af4-39ef086fca07.roa
Signing time:             Sat 16 Mar 2024 00:00:00 +0000
ROA not before:           Sat 16 Mar 2024 00:00:00 +0000
ROA not after:            Sat 20 Apr 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:40:d6:4a:74:3c:a4:17:92:9b:a5:cb:e1:40:72:14:04:e7:a2:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Mar 16 00:00:00 2024 GMT
            Not After : Apr 20 23:59:59 2024 GMT
        Subject: serialNumber=b6fb83f39ee1499e09a4ceac320d3f75904c72e5153654fe73ffdfc853902fde, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a1:b9:28:4b:61:9b:b7:df:7f:96:f0:61:80:
                    d4:80:8e:09:fd:a0:47:05:fa:ad:cc:bc:21:9e:b4:
                    fb:cd:38:24:d6:d6:a5:e4:04:ba:2a:c0:b8:99:b8:
                    19:f8:f3:38:1f:a5:30:23:34:a7:7d:48:8d:f5:7e:
                    f1:41:da:e0:de:9d:39:ac:a0:c6:59:d0:1f:13:7b:
                    12:3b:b9:75:d4:41:cc:b7:ff:53:49:56:dd:49:ac:
                    f2:c4:4f:ef:8b:8d:d9:ad:59:47:f3:b0:59:47:2d:
                    4f:86:d3:cb:04:9a:df:37:1c:b6:11:b3:53:c8:76:
                    2c:45:09:6e:a1:01:f0:b9:52:81:5c:89:f9:e2:d6:
                    c8:da:40:36:31:7f:c5:94:3f:72:72:7b:f6:68:62:
                    05:ab:0b:60:f9:89:f2:d2:00:d0:fc:65:f4:b1:72:
                    30:21:b3:25:ee:e3:d8:d5:e5:50:38:57:84:8d:15:
                    e8:e5:24:76:db:24:7a:de:07:ea:09:46:da:e0:85:
                    0b:6f:cd:c5:61:03:74:da:25:78:46:44:b9:55:b9:
                    14:f8:da:8b:19:5e:78:da:86:42:b1:18:3a:28:22:
                    f7:6c:88:7b:f8:8c:a2:dc:10:fc:73:83:83:cb:02:
                    d7:99:54:6c:13:6d:ef:95:c5:84:96:1b:42:40:95:
                    19:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:92:8F:79:ED:5A:37:BC:5A:2A:F5:0B:A8:0E:16:C4:D0:6D:83:BC
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/359a3a43-ebf7-4a0a-9af4-39ef086fca07.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:d5:9d:09:f6:9c:23:3b:db:0d:76:01:61:ed:94:70:f8:3c:
         d6:43:3a:37:2e:00:1e:ca:3f:a8:60:da:b3:b8:40:f1:c2:72:
         d6:88:ac:95:22:20:72:0e:76:2d:ea:4a:14:0f:b5:1f:9c:a7:
         4b:7f:6f:e0:a0:5e:12:9c:e7:7c:ef:06:d6:f6:23:01:f5:23:
         d5:d1:10:24:eb:04:51:b9:f9:d8:fd:19:29:fa:f8:54:8d:76:
         f2:d3:49:86:a8:12:7e:9f:5c:af:0f:38:dd:a5:cc:bd:2f:6c:
         b6:88:3a:f4:6f:de:c4:8e:24:3e:2f:af:39:48:b0:02:4d:80:
         90:bb:f0:87:12:ac:f8:2e:04:ad:10:34:eb:01:ff:6a:47:fb:
         65:5c:7a:24:d8:d4:15:5f:6b:6d:3e:03:33:57:a8:e9:46:f9:
         d4:51:97:b2:28:a8:9e:da:e9:d5:6b:3d:10:5e:94:44:4f:80:
         7c:ad:b6:61:73:e0:00:47:2d:de:8b:4a:13:15:b8:96:f2:1d:
         56:b1:75:b8:e4:e2:4e:ac:17:78:70:c0:f5:92:fd:e9:61:d7:
         da:40:36:6b:96:1a:1a:fe:f4:40:9e:ac:cf:a5:17:98:54:00:
         d6:9d:f5:73:7b:24:d9:72:27:de:8a:03:aa:cc:d2:48:3c:a6:
         c3:1e:c4:61
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUI0DWSnQ8pBeSm6XL4UByFATnopcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMzE2MDAwMDAwWhcNMjQwNDIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNmZiODNmMzllZTE0OTllMDlhNGNlYWMzMjBkM2Y3NTkw
NGM3MmU1MTUzNjU0ZmU3M2ZmZGZjODUzOTAyZmRlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxobkoS2Gbt99/lvBhgNSAjgn9oEcF+q3MvCGetPvNOCTW
1qXkBLoqwLiZuBn48zgfpTAjNKd9SI31fvFB2uDenTmsoMZZ0B8TexI7uXXUQcy3
/1NJVt1JrPLET++LjdmtWUfzsFlHLU+G08sEmt83HLYRs1PIdixFCW6hAfC5UoFc
ifni1sjaQDYxf8WUP3Jye/ZoYgWrC2D5ifLSAND8ZfSxcjAhsyXu49jV5VA4V4SN
FejlJHbbJHreB+oJRtrghQtvzcVhA3TaJXhGRLlVuRT42osZXnjahkKxGDooIvds
iHv4jKLcEPxzg4PLAteZVGwTbe+VxYSWG0JAlRnHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqJKPee1aN7xaKvULqA4WxNBtg7wwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzM1OWEzYTQzLWViZjctNGEwYS05YWY0LTM5ZWYwODZmY2EwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACnVnQn2nCM72w12AWHtlHD4PNZD
OjcuAB7KP6hg2rO4QPHCctaIrJUiIHIOdi3qShQPtR+cp0t/b+CgXhKc53zvBtb2
IwH1I9XRECTrBFG5+dj9GSn6+FSNdvLTSYaoEn6fXK8PON2lzL0vbLaIOvRv3sSO
JD4vrzlIsAJNgJC78IcSrPguBK0QNOsB/2pH+2VceiTY1BVfa20+AzNXqOlG+dRR
l7IoqJ7a6dVrPRBelERPgHyttmFz4ABHLd6LShMVuJbyHVaxdbjk4k6sF3hwwPWS
/elh19pANmuWGhr+9ECerM+lF5hUANad9XN7JNlyJ96KA6rM0kg8psMexGE=
-----END CERTIFICATE-----