Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3fb2b63f-87d4-4762-acc8-76f772c681fa.roa
File:                     3fb2b63f-87d4-4762-acc8-76f772c681fa.roa (raw, json)
Hash identifier:          EslAnr15z15xem2J8hOcLfbbnBBlOTE+j7wTpXht/sY=
Subject key identifier:   A4:82:5D:81:1E:0B:93:41:A6:9D:E3:17:9E:9B:9A:9B:8E:A6:26:89
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       17D0FACB67985721924CABA69D7E981FD0496F0A
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3fb2b63f-87d4-4762-acc8-76f772c681fa.roa
Signing time:             Tue 30 Jan 2024 00:00:00 +0000
ROA not before:           Tue 30 Jan 2024 00:00:00 +0000
ROA not after:            Tue 05 Mar 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:d0:fa:cb:67:98:57:21:92:4c:ab:a6:9d:7e:98:1f:d0:49:6f:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jan 30 00:00:00 2024 GMT
            Not After : Mar  5 23:59:59 2024 GMT
        Subject: serialNumber=4ab8e356f57a38cfef513342f317aa4d17ce80fd7d9cd9afc4f1170a07c1d4c7, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d5:8f:ed:93:5a:17:90:f0:28:87:27:0e:86:
                    6e:8a:7c:5b:b6:f7:eb:f6:07:04:18:11:60:01:35:
                    e5:6d:43:35:5e:ea:c6:e1:33:74:90:fc:69:aa:ce:
                    93:36:57:a2:95:49:55:d0:55:42:4e:c5:f2:fd:96:
                    11:7d:90:cd:55:58:b5:de:0e:c7:cd:ab:1c:89:37:
                    2d:09:89:ff:9c:5c:eb:3c:74:e7:73:6a:c6:20:0a:
                    33:a2:1d:4c:56:d7:1c:ac:e0:27:ad:30:d7:83:ae:
                    c4:21:62:06:6d:ab:ad:9f:b0:bb:c9:4b:56:f3:10:
                    5f:d8:e8:98:42:af:1c:bb:7b:05:d7:6e:64:03:28:
                    2d:77:60:cb:88:d5:c4:59:d1:db:63:aa:00:ad:ff:
                    2f:0d:a7:aa:fc:26:85:e0:f2:b6:00:db:1e:13:ec:
                    58:83:ec:50:64:e1:7a:ca:c2:f0:c5:21:7f:9e:a5:
                    9d:6e:18:2a:d0:11:0c:b1:e0:c5:02:72:a1:d9:da:
                    6d:8b:f5:c0:81:51:5b:58:f9:be:60:8b:25:57:3d:
                    92:d2:80:1a:4f:60:a7:47:cd:c9:22:5e:8e:54:8f:
                    c5:50:cf:9c:ae:f0:04:c5:5d:eb:14:77:fe:40:5c:
                    8f:68:cd:b8:8f:78:12:91:cd:eb:34:f5:65:31:e9:
                    42:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:82:5D:81:1E:0B:93:41:A6:9D:E3:17:9E:9B:9A:9B:8E:A6:26:89
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3fb2b63f-87d4-4762-acc8-76f772c681fa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:d9:04:8b:70:2b:5a:b8:ef:0f:18:ff:42:21:d4:b9:58:9a:
         6c:76:74:91:bb:fa:a8:51:ee:1c:8a:40:3d:60:b0:19:f2:08:
         1c:10:d4:d0:48:e5:75:58:d5:56:a3:83:ab:66:8e:c0:b5:eb:
         13:2d:0d:9b:13:57:52:71:db:fe:02:ae:87:a8:3f:04:cc:3d:
         41:b9:08:ed:57:6e:93:19:ef:02:3c:19:60:fd:1a:cb:38:ad:
         86:d8:c3:1a:f0:44:25:3d:72:04:63:d6:c3:17:1e:29:fb:4e:
         ff:33:d1:4e:f0:90:92:6d:7f:e8:2a:92:40:80:60:ba:fa:6c:
         97:52:71:3d:58:af:06:57:73:fc:1e:8e:cf:63:d7:d1:f9:9d:
         91:8c:f7:b9:07:57:73:bd:87:3a:3e:55:f2:cc:ac:1b:76:68:
         a0:ff:64:7f:93:e0:42:10:8a:a2:83:ae:9c:df:5f:0a:e0:c5:
         39:61:ed:75:1f:90:86:f0:ef:68:b7:ee:c9:c6:08:89:60:c3:
         db:79:03:a1:59:83:0e:c9:6c:20:c8:64:c8:12:4b:47:57:1a:
         e1:d2:8d:34:ca:bd:09:b4:cf:a7:a6:20:5b:d8:d6:94:28:3e:
         39:06:f1:c7:97:27:e8:18:a2:b9:3c:bd:bd:39:3e:53:50:cc:
         7d:70:b4:41
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUF9D6y2eYVyGSTKumnX6YH9BJbwowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMTMwMDAwMDAwWhcNMjQwMzA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YWI4ZTM1NmY1N2EzOGNmZWY1MTMzNDJmMzE3YWE0ZDE3
Y2U4MGZkN2Q5Y2Q5YWZjNGYxMTcwYTA3YzFkNGM3MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCz1Y/tk1oXkPAohycOhm6KfFu29+v2BwQYEWABNeVtQzVe
6sbhM3SQ/GmqzpM2V6KVSVXQVUJOxfL9lhF9kM1VWLXeDsfNqxyJNy0Jif+cXOs8
dOdzasYgCjOiHUxW1xys4CetMNeDrsQhYgZtq62fsLvJS1bzEF/Y6JhCrxy7ewXX
bmQDKC13YMuI1cRZ0dtjqgCt/y8Np6r8JoXg8rYA2x4T7FiD7FBk4XrKwvDFIX+e
pZ1uGCrQEQyx4MUCcqHZ2m2L9cCBUVtY+b5giyVXPZLSgBpPYKdHzckiXo5Uj8VQ
z5yu8ATFXesUd/5AXI9ozbiPeBKRzes09WUx6UJPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpIJdgR4Lk0GmneMXnpuam46mJokwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzNmYjJiNjNmLTg3ZDQtNDc2Mi1hY2M4LTc2Zjc3MmM2ODFmYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABzZBItwK1q47w8Y/0Ih1LlYmmx2
dJG7+qhR7hyKQD1gsBnyCBwQ1NBI5XVY1Vajg6tmjsC16xMtDZsTV1Jx2/4Croeo
PwTMPUG5CO1XbpMZ7wI8GWD9Gss4rYbYwxrwRCU9cgRj1sMXHin7Tv8z0U7wkJJt
f+gqkkCAYLr6bJdScT1YrwZXc/wejs9j19H5nZGM97kHV3O9hzo+VfLMrBt2aKD/
ZH+T4EIQiqKDrpzfXwrgxTlh7XUfkIbw72i37snGCIlgw9t5A6FZgw7JbCDIZMgS
S0dXGuHSjTTKvQm0z6emIFvY1pQoPjkG8ceXJ+gYork8vb05PlNQzH1wtEE=
-----END CERTIFICATE-----