Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5a5f4094-1830-4901-bebb-80eace6b3246.roa
File:                     5a5f4094-1830-4901-bebb-80eace6b3246.roa (raw, json)
Hash identifier:          dNh7WS+RlUBkDXGEs2pNnnRWjnOsvnFCUDcYTV2xi+g=
Subject key identifier:   E0:71:11:74:19:96:52:A4:D7:8A:82:15:10:1E:81:CB:19:56:10:5C
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       5B3D11CD6CE84DD76003BF0FAE9A7394C65E4791
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5a5f4094-1830-4901-bebb-80eace6b3246.roa
Signing time:             Wed 06 Nov 2024 00:00:00 +0000
ROA not before:           Wed 06 Nov 2024 00:00:00 +0000
ROA not after:            Wed 11 Dec 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:3d:11:cd:6c:e8:4d:d7:60:03:bf:0f:ae:9a:73:94:c6:5e:47:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Nov  6 00:00:00 2024 GMT
            Not After : Dec 11 23:59:59 2024 GMT
        Subject: serialNumber=755fd15f57fd77a666ba8fb65456d3e1a0baf319dbbcfb561fb3397573ff6d35, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:58:ef:7b:5e:8e:97:6a:f8:37:55:91:97:d0:
                    46:93:f7:4c:31:87:99:ca:58:00:eb:13:f2:af:c3:
                    61:88:33:22:5d:1a:26:d5:92:0b:81:cd:56:ab:05:
                    28:7d:7f:25:b5:f3:f3:36:e3:cf:0a:81:40:24:ff:
                    61:28:25:99:be:05:b0:57:72:b2:1c:47:11:ad:fd:
                    52:bc:0a:73:f1:07:6f:ad:84:84:1e:21:43:33:21:
                    e4:bd:23:1d:1e:38:c2:e9:99:57:b6:44:c9:84:99:
                    72:f0:0e:74:f4:30:4d:4b:a5:53:c2:9d:89:36:bd:
                    84:f0:d7:fd:3b:76:1e:7e:da:81:03:4c:8b:47:55:
                    d3:46:13:b5:32:41:03:51:9c:3b:13:91:2e:f3:ba:
                    a3:b8:b4:9e:24:96:80:69:b0:be:fb:3f:f2:64:5b:
                    98:46:26:86:22:e2:d0:a5:38:e5:c3:37:db:4b:9b:
                    b0:7b:eb:24:23:a2:cf:d9:93:8c:dd:b7:09:39:b7:
                    d8:8c:cd:12:a7:f4:39:5a:5a:b7:3d:a1:5e:98:42:
                    6d:5d:71:40:9b:14:b2:48:c0:38:31:68:4d:fd:6e:
                    dc:5b:d4:f4:78:db:ef:37:3d:b0:e7:51:01:26:12:
                    e6:ee:78:a0:82:fa:80:9e:03:3c:b8:3c:ad:c9:94:
                    b3:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:71:11:74:19:96:52:A4:D7:8A:82:15:10:1E:81:CB:19:56:10:5C
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5a5f4094-1830-4901-bebb-80eace6b3246.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:b5:24:ff:d1:74:c0:23:b8:4f:a3:75:a8:25:aa:eb:5f:ba:
         19:e0:40:5e:ca:ca:59:4c:32:df:b4:d3:8b:7e:01:e0:6f:61:
         51:95:78:51:4a:ff:41:10:13:ac:5c:19:55:5b:24:62:9a:26:
         b8:dc:70:a8:13:75:3f:ce:5e:e7:a8:74:55:e6:ac:a4:8b:46:
         f5:60:2c:15:28:45:d9:1d:e1:4e:30:3a:9b:3d:bd:24:c2:c8:
         22:b4:02:09:4a:1b:fc:5d:cc:2e:04:ea:c0:2a:6b:bb:33:a5:
         6a:e4:84:5a:98:23:d9:99:b1:f7:63:14:4a:cd:93:cc:9f:d2:
         8e:59:fd:a7:8a:79:ef:84:56:c6:99:33:c5:f0:55:7b:34:d8:
         7a:25:da:80:5e:22:4e:69:15:94:67:78:59:74:f6:9d:bb:db:
         51:d2:09:a5:35:cd:c8:28:d7:27:1e:c6:26:72:8a:df:74:6b:
         60:ac:c9:1c:ff:2f:a1:88:a4:e0:c3:62:12:6a:00:47:ae:d0:
         57:60:c7:84:26:ac:e5:8e:9e:1f:3e:20:5e:88:27:01:59:db:
         13:c1:bd:87:f3:0d:5e:63:fe:c2:e8:65:59:94:ec:d7:a1:37:
         a6:23:a9:b7:0d:3b:9f:75:b8:e6:4e:9f:4f:ee:23:fb:f6:40:
         a7:38:0e:47
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWz0RzWzoTddgA78PrppzlMZeR5EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMTA2MDAwMDAwWhcNMjQxMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NTVmZDE1ZjU3ZmQ3N2E2NjZiYThmYjY1NDU2ZDNlMWEw
YmFmMzE5ZGJiY2ZiNTYxZmIzMzk3NTczZmY2ZDM1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQWO97Xo6Xavg3VZGX0EaT90wxh5nKWADrE/Kvw2GIMyJd
GibVkguBzVarBSh9fyW18/M2488KgUAk/2EoJZm+BbBXcrIcRxGt/VK8CnPxB2+t
hIQeIUMzIeS9Ix0eOMLpmVe2RMmEmXLwDnT0ME1LpVPCnYk2vYTw1/07dh5+2oED
TItHVdNGE7UyQQNRnDsTkS7zuqO4tJ4kloBpsL77P/JkW5hGJoYi4tClOOXDN9tL
m7B76yQjos/Zk4zdtwk5t9iMzRKn9DlaWrc9oV6YQm1dcUCbFLJIwDgxaE39btxb
1PR42+83PbDnUQEmEubueKCC+oCeAzy4PK3JlLO1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4HERdBmWUqTXioIVEB6ByxlWEFwwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzVhNWY0MDk0LTE4MzAtNDkwMS1iZWJiLTgwZWFjZTZiMzI0Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEC1JP/RdMAjuE+jdaglqutfuhng
QF7KyllMMt+004t+AeBvYVGVeFFK/0EQE6xcGVVbJGKaJrjccKgTdT/OXueodFXm
rKSLRvVgLBUoRdkd4U4wOps9vSTCyCK0AglKG/xdzC4E6sAqa7szpWrkhFqYI9mZ
sfdjFErNk8yf0o5Z/aeKee+EVsaZM8XwVXs02Hol2oBeIk5pFZRneFl09p2721HS
CaU1zcgo1ycexiZyit90a2CsyRz/L6GIpODDYhJqAEeu0Fdgx4QmrOWOnh8+IF6I
JwFZ2xPBvYfzDV5j/sLoZVmU7NehN6YjqbcNO591uOZOn0/uI/v2QKc4Dkc=
-----END CERTIFICATE-----