Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3b175608-80c3-4e1e-9e37-aaf08983ca12.roa
File:                     3b175608-80c3-4e1e-9e37-aaf08983ca12.roa (raw, json)
Hash identifier:          OK5ZRdkM3dRCssPgFVDwil/KpH/EpmRLtU7Vq+1mdJo=
Subject key identifier:   0A:97:84:72:CF:31:A8:8B:84:BA:36:EC:38:48:BD:4C:44:AC:8A:11
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       5E6B88B04F3F7ADB6A25BC745E02B7BA18189E
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3b175608-80c3-4e1e-9e37-aaf08983ca12.roa
Signing time:             Tue 23 Jan 2024 00:00:00 +0000
ROA not before:           Tue 23 Jan 2024 00:00:00 +0000
ROA not after:            Tue 27 Feb 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:6b:88:b0:4f:3f:7a:db:6a:25:bc:74:5e:02:b7:ba:18:18:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jan 23 00:00:00 2024 GMT
            Not After : Feb 27 23:59:59 2024 GMT
        Subject: serialNumber=6640fb1c733cd0fbfd52fb9d6ccac42fd2fd32bf8a8f64cf3e5ccdd4c313fb10, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:46:3e:bc:bf:7b:5c:a9:56:78:85:b2:0c:55:
                    1c:8a:59:94:96:f1:2b:08:8e:4a:42:7f:bf:98:91:
                    03:a4:9c:f9:04:35:6e:3f:fc:a9:73:c5:03:a9:fb:
                    8f:f5:a7:9b:1b:cf:b8:88:e1:81:db:5e:b6:5b:eb:
                    85:73:13:99:ad:f7:16:ca:89:f4:e1:42:8f:ab:ef:
                    5d:13:ef:6c:4d:3b:d9:e4:2c:4b:f5:4d:5a:2b:c7:
                    d6:a0:1b:33:54:3c:51:ae:d5:22:e4:00:91:5f:e4:
                    cd:4a:aa:b2:f5:fc:bf:57:c2:85:0f:06:9f:63:99:
                    e5:0f:ee:59:b3:df:22:26:f0:70:c9:e6:34:ae:a3:
                    5f:01:51:11:e4:72:e7:df:e8:6f:6f:b5:61:12:1a:
                    32:88:42:5e:e1:80:52:a7:15:5c:e1:52:50:f5:99:
                    f5:92:0a:3f:6d:5f:47:fa:f0:26:c6:b7:7a:87:22:
                    2f:24:32:2e:8d:32:b1:a7:f8:8f:19:02:a0:30:d5:
                    c3:6a:38:77:cf:2e:74:97:df:9b:a4:34:58:18:79:
                    59:00:b0:10:f9:db:ef:a0:85:06:07:40:a6:0a:50:
                    0a:69:02:bd:53:a4:e8:cb:59:02:73:b2:0d:8c:2e:
                    93:8e:e4:d2:48:9d:66:d1:97:94:11:d8:68:db:c7:
                    e4:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:97:84:72:CF:31:A8:8B:84:BA:36:EC:38:48:BD:4C:44:AC:8A:11
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3b175608-80c3-4e1e-9e37-aaf08983ca12.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:9b:9f:c3:9c:d6:65:e9:da:73:78:89:ec:7b:26:69:40:b9:
         01:9c:4d:1f:06:f2:da:9d:38:65:d1:56:95:0d:11:70:6d:0a:
         a4:80:57:8a:45:a6:e2:93:9b:60:21:0f:2c:31:d1:17:99:88:
         fd:6b:b8:9f:41:58:34:70:b6:88:04:9a:c7:7e:4b:bb:5b:e5:
         e5:4e:77:86:01:77:2b:66:19:21:d7:92:2d:de:31:13:c8:c9:
         ee:d0:28:00:4f:22:55:31:10:7e:56:0d:6c:bf:a6:95:7d:ea:
         47:f3:81:18:cc:98:1b:1e:29:28:7f:c3:da:f3:3b:24:d2:4d:
         15:90:af:89:ff:9d:5f:15:8b:d1:01:ee:17:33:63:d9:cc:e4:
         cc:99:e2:d3:7a:11:73:1f:12:76:89:a9:50:8c:53:53:90:16:
         35:df:38:c8:82:18:7e:7a:98:bb:22:6a:6b:28:cd:52:e1:9f:
         e0:e1:e5:5a:00:15:09:58:57:c8:7e:8e:95:23:99:79:a9:e2:
         bb:b7:41:88:c7:6b:60:c1:c1:17:ff:5f:4a:ea:eb:50:8b:2e:
         b8:30:0b:47:51:a2:80:40:68:76:0b:f0:94:5a:17:ee:31:94:
         c7:9f:2a:7e:1f:1c:27:cd:d6:cc:3a:53:ce:89:88:da:59:ff:
         fe:19:84:d6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITXmuIsE8/ettqJbx0XgK3uhgYnjANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzIyNzhhYWI4NzhmMjY2MmNlMTRlOTA1ZTE4ZWJjYjc1MjJm
OTJiMzY4NGJjNDg2NWI0ZDAeFw0yNDAxMjMwMDAwMDBaFw0yNDAyMjcyMzU5NTla
MHoxSTBHBgNVBAUTQDY2NDBmYjFjNzMzY2QwZmJmZDUyZmI5ZDZjY2FjNDJmZDJm
ZDMyYmY4YThmNjRjZjNlNWNjZGQ0YzMxM2ZiMTAxLTArBgNVBAMTJGMwY2UyM2Vh
LTQzZmMtNGJlNC1iZWVlLWMwMTQ3ODEyMmEwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVGPry/e1ypVniFsgxVHIpZlJbxKwiOSkJ/v5iRA6Sc+QQ1
bj/8qXPFA6n7j/WnmxvPuIjhgdtetlvrhXMTma33FsqJ9OFCj6vvXRPvbE072eQs
S/VNWivH1qAbM1Q8Ua7VIuQAkV/kzUqqsvX8v1fChQ8Gn2OZ5Q/uWbPfIibwcMnm
NK6jXwFREeRy59/ob2+1YRIaMohCXuGAUqcVXOFSUPWZ9ZIKP21fR/rwJsa3eoci
LyQyLo0ysaf4jxkCoDDVw2o4d88udJffm6Q0WBh5WQCwEPnb76CFBgdApgpQCmkC
vVOk6MtZAnOyDYwuk47k0kidZtGXlBHYaNvH5AcCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBQKl4RyzzGoi4S6Nuw4SL1MRKyKETAfBgNVHSMEGDAWgBRVqN1F2UQT+dGS
9Sxjzoz7xhSWuDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MDM1NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzE0MzNlYmZmLWRm
ZDYtNGM1Yy1iN2ZmLTk5Yzg1MTM5ZDRhOC8yNzhhYWI4NzhmMjY2MmNlMTRlOTA1
ZTE4ZWJjYjc1MjJmOTJiMzY4NGJjNDg2NWI0ZC5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8xNmYxZmZlZS03NDYxLTQ2NzQtYmIwNS1mZGRl
ZmE5YTAyYzYvM2IxNzU2MDgtODBjMy00ZTFlLTllMzctYWFmMDg5ODNjYTEyLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUt
ZmRkZWZhOWEwMmM2L0ptTE9GT2tGNFk2OHQxSXZrck5vUzhTR1cwMC5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMckeDANBgkqhkiG9w0BAQsFAAOCAQEAE5ufw5zWZenac3iJ7HsmaUC5AZxN
Hwby2p04ZdFWlQ0RcG0KpIBXikWm4pObYCEPLDHRF5mI/Wu4n0FYNHC2iASax35L
u1vl5U53hgF3K2YZIdeSLd4xE8jJ7tAoAE8iVTEQflYNbL+mlX3qR/OBGMyYGx4p
KH/D2vM7JNJNFZCvif+dXxWL0QHuFzNj2czkzJni03oRcx8SdompUIxTU5AWNd84
yIIYfnqYuyJqayjNUuGf4OHlWgAVCVhXyH6OlSOZeaniu7dBiMdrYMHBF/9fSurr
UIsuuDALR1GigEBodgvwlFoX7jGUx58qfh8cJ83WzDpTzomI2ln//hmE1g==
-----END CERTIFICATE-----