Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8d5f1285-52ce-4593-ae59-22c30b81dab2.roa
File:                     8d5f1285-52ce-4593-ae59-22c30b81dab2.roa (raw, json)
Hash identifier:          D37Y4+N0LCE/IRw4xRx3evJwe79FzRywyuCz/iJ58B8=
Subject key identifier:   05:6C:63:5B:52:57:48:24:DA:D5:63:59:5B:3E:14:1B:1A:2C:90:19
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       2B11B6C6ED22220605D490222BB00A51AB4B3DFB
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8d5f1285-52ce-4593-ae59-22c30b81dab2.roa
Signing time:             Fri 05 Jul 2024 00:00:00 +0000
ROA not before:           Fri 05 Jul 2024 00:00:00 +0000
ROA not after:            Fri 09 Aug 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:11:b6:c6:ed:22:22:06:05:d4:90:22:2b:b0:0a:51:ab:4b:3d:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul  5 00:00:00 2024 GMT
            Not After : Aug  9 23:59:59 2024 GMT
        Subject: serialNumber=111c7210f49969cac8682fb1831c4b131de92122f5cdd1c9c30655a49ec4ab53, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:c9:67:bd:e7:27:f8:e1:cc:bc:a2:0e:38:1d:
                    5f:79:5d:1d:78:8a:e2:4d:68:f7:0b:7c:68:65:78:
                    4a:88:5e:43:29:2a:fa:d7:69:49:a1:f3:0f:78:0f:
                    61:7d:df:c1:40:eb:df:21:64:dc:2b:8e:e0:3c:f9:
                    e4:ce:8e:54:5e:b8:b6:ca:62:81:04:1e:a6:1c:38:
                    84:47:d9:09:47:45:4b:8f:71:b1:11:4d:2d:77:e1:
                    d3:f3:be:0e:bd:c6:af:7a:88:43:8d:e7:ab:59:e5:
                    8d:12:50:8f:4f:25:f0:30:d1:e9:39:ae:81:57:75:
                    79:e6:f3:47:ce:71:c1:6f:00:57:91:53:19:2c:e2:
                    91:94:07:1f:f1:3e:51:c2:64:b5:5e:95:f9:c8:95:
                    97:37:83:06:ab:a2:39:87:df:d3:dc:e2:45:46:16:
                    18:88:1c:9a:2a:20:4e:39:d6:4e:25:bb:67:ca:5d:
                    0d:95:e0:d6:76:bc:f1:5d:8d:4b:6d:f9:05:7f:65:
                    ae:f6:d3:00:3a:c6:df:84:be:5e:37:88:2d:1d:11:
                    b3:e3:48:72:82:e6:3d:fd:fe:18:6a:5f:9a:80:c7:
                    87:7d:21:21:96:ef:6b:ed:57:95:cf:71:0d:bd:b0:
                    b1:90:45:d1:91:d9:ac:97:bb:76:af:cf:9c:e9:6f:
                    2b:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:6C:63:5B:52:57:48:24:DA:D5:63:59:5B:3E:14:1B:1A:2C:90:19
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8d5f1285-52ce-4593-ae59-22c30b81dab2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:51:c9:cf:81:82:af:f1:12:41:e8:3b:f9:dc:2a:ea:98:ef:
         d3:1e:db:95:a2:62:90:bd:db:32:7d:2a:d5:79:2a:80:4b:83:
         16:ba:f0:77:16:65:dc:a3:67:9f:4e:04:f3:1d:dc:b4:04:b0:
         a1:8d:fc:8d:bc:73:c2:fd:dc:ea:9f:36:90:57:d1:ce:30:6d:
         58:81:85:d1:af:d1:45:65:e1:5c:f8:04:d6:55:fc:b8:96:c6:
         2a:ec:e2:d9:9a:6a:b1:1e:5b:c3:8a:7a:7a:fe:32:2f:4f:03:
         66:1a:9c:d7:70:8c:ae:9b:d6:5a:86:03:73:8e:f2:94:04:9f:
         e3:6f:c2:f0:3f:d7:fc:4b:13:f8:45:40:73:2e:38:e2:ba:99:
         d5:34:39:94:72:20:c2:66:de:fa:f0:96:c6:81:1b:b2:08:32:
         2e:bf:4c:b6:5e:ae:cb:ff:1a:e2:04:9d:2f:c8:8d:2a:e7:3b:
         90:1d:2a:ce:c5:19:1d:61:f8:12:20:a6:15:2f:b1:b4:39:4d:
         9d:e4:c3:b0:2f:04:f9:4d:da:46:85:22:99:21:41:8d:cf:f2:
         d9:62:8e:b4:1c:09:65:10:0f:51:0a:4f:3a:d2:cc:f8:50:5d:
         8c:ee:47:31:48:8b:c6:15:1f:96:28:aa:24:46:70:fa:a6:a1:
         8d:21:8b:9e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKxG2xu0iIgYF1JAiK7AKUatLPfswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzA1MDAwMDAwWhcNMjQwODA5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMTFjNzIxMGY0OTk2OWNhYzg2ODJmYjE4MzFjNGIxMzFk
ZTkyMTIyZjVjZGQxYzljMzA2NTVhNDllYzRhYjUzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDmyWe95yf44cy8og44HV95XR14iuJNaPcLfGhleEqIXkMp
KvrXaUmh8w94D2F938FA698hZNwrjuA8+eTOjlReuLbKYoEEHqYcOIRH2QlHRUuP
cbERTS134dPzvg69xq96iEON56tZ5Y0SUI9PJfAw0ek5roFXdXnm80fOccFvAFeR
Uxks4pGUBx/xPlHCZLVelfnIlZc3gwarojmH39Pc4kVGFhiIHJoqIE451k4lu2fK
XQ2V4NZ2vPFdjUtt+QV/Za720wA6xt+Evl43iC0dEbPjSHKC5j39/hhqX5qAx4d9
ISGW72vtV5XPcQ29sLGQRdGR2ayXu3avz5zpbyuHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBWxjW1JXSCTa1WNZWz4UGxoskBkwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzhkNWYxMjg1LTUyY2UtNDU5My1hZTU5LTIyYzMwYjgxZGFiMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAZRyc+Bgq/xEkHoO/ncKuqY79Me
25WiYpC92zJ9KtV5KoBLgxa68HcWZdyjZ59OBPMd3LQEsKGN/I28c8L93OqfNpBX
0c4wbViBhdGv0UVl4Vz4BNZV/LiWxirs4tmaarEeW8OKenr+Mi9PA2YanNdwjK6b
1lqGA3OO8pQEn+NvwvA/1/xLE/hFQHMuOOK6mdU0OZRyIMJm3vrwlsaBG7IIMi6/
TLZersv/GuIEnS/IjSrnO5AdKs7FGR1h+BIgphUvsbQ5TZ3kw7AvBPlN2kaFIpkh
QY3P8tlijrQcCWUQD1EKTzrSzPhQXYzuRzFIi8YVH5YoqiRGcPqmoY0hi54=
-----END CERTIFICATE-----