Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6282b897-2750-49e6-ae8c-8176c7ad71a5.roa
File:                     6282b897-2750-49e6-ae8c-8176c7ad71a5.roa (raw, json)
Hash identifier:          rCDv4y/z2O2g42gL+SdCIXHLAsD6fRLd0r5ELg01Yc0=
Subject key identifier:   C7:C4:90:19:16:C9:03:88:A0:C1:42:78:85:FE:70:E4:AC:AE:06:8F
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       3D2B44F33940D50E0AB05CA4A15BBD5B9BE3BE96
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6282b897-2750-49e6-ae8c-8176c7ad71a5.roa
Signing time:             Sun 21 Jan 2024 00:00:00 +0000
ROA not before:           Sun 21 Jan 2024 00:00:00 +0000
ROA not after:            Sun 25 Feb 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:2b:44:f3:39:40:d5:0e:0a:b0:5c:a4:a1:5b:bd:5b:9b:e3:be:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jan 21 00:00:00 2024 GMT
            Not After : Feb 25 23:59:59 2024 GMT
        Subject: serialNumber=b9bf54aa8925095a95623639805e52cd9dd89acc25510d2cf3f38f317109128c, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:fb:d4:c8:56:ea:15:98:47:e9:ae:f7:b9:fa:
                    be:b9:7d:e1:97:dd:2a:59:4a:e7:52:30:d9:92:5e:
                    d2:95:6d:aa:fe:7b:45:d7:e2:4e:50:75:54:1d:45:
                    8b:e2:02:ff:98:1f:a5:dd:66:0e:ae:03:77:55:9a:
                    92:cd:e7:78:cb:e0:a8:3e:85:8b:d2:9e:b9:cb:5e:
                    90:40:6f:66:70:2c:25:51:fc:11:44:2a:f6:d4:2b:
                    62:a7:fc:4e:34:96:f6:f4:f5:51:72:77:79:7f:00:
                    40:f1:88:84:8b:51:55:92:75:07:9d:c8:07:39:37:
                    76:dd:d5:57:4c:97:3b:07:67:2f:49:2a:aa:aa:40:
                    38:bc:e9:8d:26:74:8b:73:e3:b6:38:86:84:d4:97:
                    74:13:af:f2:12:c7:0d:93:41:7c:8c:1a:31:c3:3a:
                    a5:4d:e2:69:64:02:63:4e:d8:ce:2d:68:40:f7:3c:
                    62:cf:c3:b6:00:c7:27:a0:ff:58:b3:7f:35:87:55:
                    df:d5:08:e4:ed:da:46:ed:3f:67:b1:52:ed:f8:6b:
                    31:4b:20:bb:07:9c:a9:e3:ff:78:51:a6:6d:b1:32:
                    c5:4c:2f:ed:5e:31:0b:a3:5c:87:84:cf:71:1c:72:
                    e3:ab:e6:c8:4c:77:e4:bb:94:af:66:ec:32:91:75:
                    44:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:C4:90:19:16:C9:03:88:A0:C1:42:78:85:FE:70:E4:AC:AE:06:8F
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6282b897-2750-49e6-ae8c-8176c7ad71a5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:df:0a:bb:ee:bb:33:eb:ea:00:93:41:e8:4a:40:e1:bc:69:
         a1:65:c0:ce:50:d8:d6:b8:f5:04:5c:fa:9f:f4:52:47:0d:cc:
         6e:20:9d:fa:fa:cf:37:fa:a4:f3:3f:f8:9c:ee:36:81:95:14:
         6a:4a:88:4c:d8:66:b7:71:f5:77:eb:2d:23:9f:7e:b9:36:89:
         31:7f:d0:32:5e:18:a2:ee:1e:30:0f:89:7c:e0:b6:58:a0:cc:
         42:8b:d0:57:d5:19:ea:b2:f6:3b:41:d7:c5:17:c7:1f:f1:84:
         77:aa:ad:bd:26:66:6b:fd:e3:95:bd:05:57:8c:65:1b:a9:e8:
         39:38:44:cf:d8:dd:7f:9d:ae:15:67:29:b0:54:e5:6a:d1:c6:
         d2:80:c8:65:d6:93:57:c5:3b:f0:4e:e0:29:34:d3:95:cf:42:
         72:a9:0f:2e:56:92:29:58:77:49:c3:19:95:4f:de:f8:1d:3a:
         5a:17:10:81:75:5a:ee:7d:84:87:f0:b0:d9:3e:e6:ff:6f:95:
         20:56:27:62:4a:97:38:6c:21:89:98:d6:86:f7:3a:7d:11:1d:
         3b:e3:8d:5c:00:13:16:93:a2:3a:e2:23:da:4d:cf:be:49:e8:
         af:1a:fb:5a:b4:62:6d:63:7c:db:58:9e:19:e0:da:7a:22:ad:
         fe:8e:9c:4d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPStE8zlA1Q4KsFykoVu9W5vjvpYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMTIxMDAwMDAwWhcNMjQwMjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiOWJmNTRhYTg5MjUwOTVhOTU2MjM2Mzk4MDVlNTJjZDlk
ZDg5YWNjMjU1MTBkMmNmM2YzOGYzMTcxMDkxMjhjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCY+9TIVuoVmEfprve5+r65feGX3SpZSudSMNmSXtKVbar+
e0XX4k5QdVQdRYviAv+YH6XdZg6uA3dVmpLN53jL4Kg+hYvSnrnLXpBAb2ZwLCVR
/BFEKvbUK2Kn/E40lvb09VFyd3l/AEDxiISLUVWSdQedyAc5N3bd1VdMlzsHZy9J
KqqqQDi86Y0mdItz47Y4hoTUl3QTr/ISxw2TQXyMGjHDOqVN4mlkAmNO2M4taED3
PGLPw7YAxyeg/1izfzWHVd/VCOTt2kbtP2exUu34azFLILsHnKnj/3hRpm2xMsVM
L+1eMQujXIeEz3EccuOr5shMd+S7lK9m7DKRdUQ3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUx8SQGRbJA4igwUJ4hf5w5KyuBo8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzYyODJiODk3LTI3NTAtNDllNi1hZThjLTgxNzZjN2FkNzFhNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAI3fCrvuuzPr6gCTQehKQOG8aaFl
wM5Q2Na49QRc+p/0UkcNzG4gnfr6zzf6pPM/+JzuNoGVFGpKiEzYZrdx9XfrLSOf
frk2iTF/0DJeGKLuHjAPiXzgtligzEKL0FfVGeqy9jtB18UXxx/xhHeqrb0mZmv9
45W9BVeMZRup6Dk4RM/Y3X+drhVnKbBU5WrRxtKAyGXWk1fFO/BO4Ck005XPQnKp
Dy5WkilYd0nDGZVP3vgdOloXEIF1Wu59hIfwsNk+5v9vlSBWJ2JKlzhsIYmY1ob3
On0RHTvjjVwAExaTojriI9pNz75J6K8a+1q0Ym1jfNtYnhng2noirf6OnE0=
-----END CERTIFICATE-----