Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/523f4d62-2d48-4994-9317-249f6442b747.roa
File:                     523f4d62-2d48-4994-9317-249f6442b747.roa (raw, json)
Hash identifier:          Q89duinY91nQOFILeICSIk/6y9Sew7NUclwNfm1BNOI=
Subject key identifier:   D8:22:C6:F2:5C:67:A0:71:55:14:04:CA:DF:4B:6E:93:76:EA:23:D1
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       1F14F0D5AEB18AF96705AD327F15851400C7F73E
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/523f4d62-2d48-4994-9317-249f6442b747.roa
Signing time:             Tue 16 Apr 2024 00:00:00 +0000
ROA not before:           Tue 16 Apr 2024 00:00:00 +0000
ROA not after:            Tue 21 May 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:14:f0:d5:ae:b1:8a:f9:67:05:ad:32:7f:15:85:14:00:c7:f7:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 16 00:00:00 2024 GMT
            Not After : May 21 23:59:59 2024 GMT
        Subject: serialNumber=83acc9a6d72659c5a97368586d5526a20927cdf3655346432f2811d800d69182, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:31:46:75:f9:d9:2b:a5:06:1e:47:74:6e:3f:
                    77:ca:c9:78:75:30:a5:85:64:0c:75:bc:95:ec:5e:
                    68:ee:d8:f0:c3:ad:74:06:d4:79:b0:a2:5f:15:62:
                    2c:95:30:18:94:42:ac:e8:2d:d7:b1:70:54:90:61:
                    26:d4:c7:fb:38:96:dd:79:16:da:4c:ee:bb:4b:d4:
                    7d:dd:92:6c:b5:c1:4c:10:0e:91:39:92:01:50:17:
                    c9:f1:6c:45:7e:61:ed:77:f2:6b:43:5f:60:dc:ca:
                    e2:58:0a:34:21:e6:d5:68:b2:2f:55:5d:a9:ec:86:
                    10:9b:f9:30:38:b3:8e:26:08:dc:7d:fb:e2:bf:e1:
                    62:30:4a:29:76:53:71:f7:ef:34:2f:2b:34:00:4c:
                    fe:f2:65:5a:5a:86:a6:76:2f:f8:4b:28:59:bd:a3:
                    bb:c4:47:e9:e5:66:27:84:ac:ec:e3:cd:6a:13:30:
                    ec:e7:11:33:1d:e1:7e:dd:81:ca:55:c3:81:d8:a9:
                    0e:0b:4f:9e:79:aa:ec:e5:0e:cf:ac:06:f7:97:0f:
                    08:23:24:af:42:5f:bc:6e:8b:80:9c:68:6e:e5:1e:
                    13:11:87:f1:aa:8b:14:0f:cf:74:a3:5d:00:a1:d3:
                    7c:53:aa:e3:82:31:47:5e:c3:20:a4:61:c7:5c:84:
                    9c:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:22:C6:F2:5C:67:A0:71:55:14:04:CA:DF:4B:6E:93:76:EA:23:D1
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/523f4d62-2d48-4994-9317-249f6442b747.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:b6:ab:b4:7e:0d:cf:b2:1b:d5:e1:29:05:ca:87:94:79:f8:
         4d:62:d4:60:2d:3d:72:d5:c7:19:20:eb:d8:19:47:27:38:20:
         63:3e:54:81:57:f0:ed:da:1e:b3:04:14:0d:ca:d0:67:bc:e6:
         a0:3d:a3:72:0c:e8:1c:bb:28:f2:89:46:df:3e:8d:96:db:bd:
         a4:5a:e7:72:af:5b:1f:94:8a:f0:a7:f0:c9:e9:02:2b:15:41:
         68:95:7f:b5:8c:c0:eb:9f:eb:4a:d4:1c:1c:be:fc:f1:1c:30:
         e2:4b:99:c3:bd:21:86:2a:04:a1:d5:7e:00:67:e3:1d:37:85:
         9d:08:c5:fb:51:44:8e:c1:9c:9b:d6:ed:06:68:d1:e8:d4:e3:
         21:84:1a:ce:fb:be:38:97:dd:ac:f4:96:67:39:65:47:e8:d6:
         88:7f:86:df:22:9d:53:f9:ee:40:a7:70:19:ce:8e:40:3f:79:
         0c:a7:8e:75:83:57:24:35:3b:37:49:24:51:dc:af:c1:eb:1c:
         ad:8e:92:5f:e1:68:6d:57:f8:50:76:a8:56:c5:32:cb:12:97:
         bb:8c:35:ab:a2:af:34:68:cb:45:69:09:5e:ab:8e:e5:f8:d7:
         64:d2:9d:a2:ad:6e:1b:30:ec:08:de:fd:d4:49:22:8b:9d:28:
         74:2a:ea:ff
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHxTw1a6xivlnBa0yfxWFFADH9z4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNDE2MDAwMDAwWhcNMjQwNTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A4M2FjYzlhNmQ3MjY1OWM1YTk3MzY4NTg2ZDU1MjZhMjA5
MjdjZGYzNjU1MzQ2NDMyZjI4MTFkODAwZDY5MTgyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHMUZ1+dkrpQYeR3RuP3fKyXh1MKWFZAx1vJXsXmju2PDD
rXQG1Hmwol8VYiyVMBiUQqzoLdexcFSQYSbUx/s4lt15FtpM7rtL1H3dkmy1wUwQ
DpE5kgFQF8nxbEV+Ye138mtDX2DcyuJYCjQh5tVosi9VXanshhCb+TA4s44mCNx9
++K/4WIwSil2U3H37zQvKzQATP7yZVpahqZ2L/hLKFm9o7vER+nlZieErOzjzWoT
MOznETMd4X7dgcpVw4HYqQ4LT555quzlDs+sBveXDwgjJK9CX7xui4CcaG7lHhMR
h/GqixQPz3SjXQCh03xTquOCMUdewyCkYcdchJwRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2CLG8lxnoHFVFATK30tuk3bqI9EwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzUyM2Y0ZDYyLTJkNDgtNDk5NC05MzE3LTI0OWY2NDQyYjc0Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABC2q7R+Dc+yG9XhKQXKh5R5+E1i
1GAtPXLVxxkg69gZRyc4IGM+VIFX8O3aHrMEFA3K0Ge85qA9o3IM6By7KPKJRt8+
jZbbvaRa53KvWx+UivCn8MnpAisVQWiVf7WMwOuf60rUHBy+/PEcMOJLmcO9IYYq
BKHVfgBn4x03hZ0IxftRRI7BnJvW7QZo0ejU4yGEGs77vjiX3az0lmc5ZUfo1oh/
ht8inVP57kCncBnOjkA/eQynjnWDVyQ1OzdJJFHcr8HrHK2Okl/haG1X+FB2qFbF
MssSl7uMNauirzRoy0VpCV6rjuX412TSnaKtbhsw7Aje/dRJIoudKHQq6v8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:52:57 2025 by rpki-client