Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5a49d674-ff7f-4211-bfac-64f0e143ffac.roa
File:                     5a49d674-ff7f-4211-bfac-64f0e143ffac.roa (raw, json)
Hash identifier:          lOnkby0mH5seLt9UsZ0teO7Jczv/Aa7jdXJpfQDPwMQ=
Subject key identifier:   D3:BC:89:5C:8A:13:70:AE:53:0E:AD:DF:5C:3F:40:74:8A:E9:3D:65
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       72E6BAEF59587EE30C87EDA560593C834E7AD966
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5a49d674-ff7f-4211-bfac-64f0e143ffac.roa
Signing time:             Thu 13 Jul 2023 00:00:00 +0000
ROA not before:           Thu 13 Jul 2023 00:00:00 +0000
ROA not after:            Thu 17 Aug 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:e6:ba:ef:59:58:7e:e3:0c:87:ed:a5:60:59:3c:83:4e:7a:d9:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul 13 00:00:00 2023 GMT
            Not After : Aug 17 23:59:59 2023 GMT
        Subject: serialNumber=75b170553bdd171990875a9416483aee40271c32175ed4dbc0b099a9a53e00cf, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:3c:24:6e:d0:46:b7:87:cc:e8:69:72:b9:c1:
                    a4:64:27:ce:f4:67:45:62:93:58:3b:d0:02:f5:84:
                    84:03:bc:96:0f:19:90:47:d1:44:77:79:2b:35:e3:
                    65:76:2a:f4:f7:39:b9:16:32:38:e9:e1:e7:f6:8f:
                    c8:f9:28:9d:89:33:31:c7:56:77:ab:cf:56:f9:75:
                    f7:de:81:85:90:ef:46:67:87:2a:bc:05:25:b2:51:
                    01:e2:69:4d:82:28:74:3c:f5:72:d6:31:b5:b4:dd:
                    1f:44:51:27:47:c3:26:21:db:5d:1f:4f:0a:18:2a:
                    a7:51:82:40:11:f5:9a:f1:9f:39:6f:89:9f:7c:08:
                    c6:89:ec:1b:f7:8f:19:7b:4a:59:10:2d:25:ae:9f:
                    a5:db:03:f3:54:02:26:f5:94:e0:d5:2a:ad:3c:59:
                    d6:93:13:44:04:75:fe:f4:12:17:df:cc:87:7b:65:
                    5e:40:3e:9e:e0:b0:90:9f:46:f3:03:6e:01:8b:53:
                    1e:82:06:00:a0:e5:c8:d6:82:6d:c9:af:8e:0c:af:
                    e5:26:69:29:b2:18:7f:e0:e8:91:bd:b9:96:89:ba:
                    c3:39:17:06:13:24:b8:bd:7f:24:4b:74:08:dd:b4:
                    09:e7:f8:26:26:28:5e:2b:4d:bc:e2:4b:74:fc:ba:
                    47:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:BC:89:5C:8A:13:70:AE:53:0E:AD:DF:5C:3F:40:74:8A:E9:3D:65
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5a49d674-ff7f-4211-bfac-64f0e143ffac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:23:08:0e:84:e4:9f:ac:05:a1:ce:ba:e5:0e:9c:66:a5:5c:
         26:79:5a:b2:4c:d1:c7:b4:fd:4b:18:93:c9:72:0c:63:8f:1c:
         28:f7:c1:aa:38:6e:f0:27:45:3c:6b:47:86:b7:cb:67:69:56:
         88:7a:aa:33:89:98:aa:6e:9d:28:2b:d2:75:04:aa:05:94:df:
         e2:33:d6:99:15:15:b4:00:7f:2b:24:b5:42:dd:53:d2:bb:0c:
         62:42:a7:3e:84:34:7c:b0:a1:a6:9f:43:39:6b:c9:72:4c:82:
         2e:d9:84:f3:22:db:af:a3:f3:81:1f:24:da:e4:ad:3a:2a:61:
         dc:df:78:0d:c7:78:b6:90:21:02:36:dd:e5:54:a0:aa:af:cd:
         7f:a4:39:41:6e:b0:6d:ba:d6:7d:cc:17:ff:39:75:ba:b6:9e:
         42:a1:c0:02:37:f1:38:25:06:6b:61:c0:b6:34:35:d7:db:57:
         11:3c:2e:6f:57:06:4c:59:76:3f:bb:96:22:39:5c:6e:7c:bf:
         2e:94:eb:44:5a:c3:ce:0f:32:28:15:98:3c:dc:09:b9:f8:6c:
         4a:18:d6:3d:ce:27:09:5f:6d:d4:5f:0c:62:c3:db:88:24:c7:
         41:c0:2a:16:c4:42:95:60:74:51:09:1f:12:85:88:a4:f6:cc:
         de:c2:7b:92
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcua671lYfuMMh+2lYFk8g0562WYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNzEzMDAwMDAwWhcNMjMwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A3NWIxNzA1NTNiZGQxNzE5OTA4NzVhOTQxNjQ4M2FlZTQw
MjcxYzMyMTc1ZWQ0ZGJjMGIwOTlhOWE1M2UwMGNmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDkPCRu0Ea3h8zoaXK5waRkJ870Z0Vik1g70AL1hIQDvJYP
GZBH0UR3eSs142V2KvT3ObkWMjjp4ef2j8j5KJ2JMzHHVnerz1b5dffegYWQ70Zn
hyq8BSWyUQHiaU2CKHQ89XLWMbW03R9EUSdHwyYh210fTwoYKqdRgkAR9Zrxnzlv
iZ98CMaJ7Bv3jxl7SlkQLSWun6XbA/NUAib1lODVKq08WdaTE0QEdf70EhffzId7
ZV5APp7gsJCfRvMDbgGLUx6CBgCg5cjWgm3Jr44Mr+UmaSmyGH/g6JG9uZaJusM5
FwYTJLi9fyRLdAjdtAnn+CYmKF4rTbziS3T8ukddAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU07yJXIoTcK5TDq3fXD9AdIrpPWUwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzVhNDlkNjc0LWZmN2YtNDIxMS1iZmFjLTY0ZjBlMTQzZmZhYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAC0jCA6E5J+sBaHOuuUOnGalXCZ5
WrJM0ce0/UsYk8lyDGOPHCj3wao4bvAnRTxrR4a3y2dpVoh6qjOJmKpunSgr0nUE
qgWU3+Iz1pkVFbQAfysktULdU9K7DGJCpz6ENHywoaafQzlryXJMgi7ZhPMi26+j
84EfJNrkrToqYdzfeA3HeLaQIQI23eVUoKqvzX+kOUFusG261n3MF/85dbq2nkKh
wAI38TglBmthwLY0NdfbVxE8Lm9XBkxZdj+7liI5XG58vy6U60Raw84PMigVmDzc
Cbn4bEoY1j3OJwlfbdRfDGLD24gkx0HAKhbEQpVgdFEJHxKFiKT2zN7Ce5I=
-----END CERTIFICATE-----