Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a2fb8e69-900c-4c2b-b756-8006b6e819d0.roa
File:                     a2fb8e69-900c-4c2b-b756-8006b6e819d0.roa (raw, json)
Hash identifier:          akWEcJiw1jQGjaD1AlkCoi5F6ANAr0TuSuUay/dN3Vo=
Subject key identifier:   E9:67:EC:68:53:34:73:E5:31:0B:FE:D6:F2:79:70:C8:CF:95:25:0C
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       3DE505E5DFBEA347321DDBBEBB74ECA8798243B7
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a2fb8e69-900c-4c2b-b756-8006b6e819d0.roa
Signing time:             Sun 14 Jul 2024 00:00:00 +0000
ROA not before:           Sun 14 Jul 2024 00:00:00 +0000
ROA not after:            Sun 18 Aug 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:e5:05:e5:df:be:a3:47:32:1d:db:be:bb:74:ec:a8:79:82:43:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul 14 00:00:00 2024 GMT
            Not After : Aug 18 23:59:59 2024 GMT
        Subject: serialNumber=2648ebe7abaf3780051ed39b0a9028c00645d3398d1293ad663fa0d801bfb8d0, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:0f:16:d6:89:e6:76:3e:ab:bb:05:41:45:8b:
                    2e:1e:67:2a:6f:a3:c9:61:85:25:0d:93:ce:63:a0:
                    07:ee:e0:ec:66:95:32:61:9a:7c:f9:cd:25:99:d0:
                    e4:75:fd:35:1f:3a:45:e7:3f:cb:9b:50:29:78:98:
                    ae:2a:9c:aa:0c:4a:ef:f3:f9:fe:47:2d:de:d4:6f:
                    48:54:60:68:04:ad:92:09:cc:af:dc:22:14:ee:f4:
                    d5:31:e1:ea:9b:af:a5:5d:7d:29:88:94:2a:bb:ff:
                    52:3c:38:31:93:02:08:a8:3d:63:a3:21:b5:25:37:
                    21:ea:92:dc:e2:91:7c:5c:5a:12:6e:b0:24:68:78:
                    0d:41:1c:11:a4:eb:c3:71:fd:29:f0:47:58:0a:0d:
                    69:b7:e8:4c:15:5e:d5:d0:5a:0c:2c:22:23:b4:2f:
                    0d:b6:2f:20:86:2b:df:6f:75:a0:60:11:fd:ee:a0:
                    af:6b:e5:f1:04:d9:f3:ba:f9:84:82:a1:d2:15:6f:
                    3d:4e:37:a6:3b:f1:25:64:68:a4:54:51:bc:e9:2a:
                    e4:be:3d:ec:2c:ed:63:dc:ea:8c:bb:a0:9c:40:73:
                    96:0c:0f:56:42:a0:b5:9e:44:b5:63:82:c8:12:f9:
                    d6:7a:0b:38:79:23:de:ce:33:c9:89:53:66:3e:b6:
                    3e:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:67:EC:68:53:34:73:E5:31:0B:FE:D6:F2:79:70:C8:CF:95:25:0C
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a2fb8e69-900c-4c2b-b756-8006b6e819d0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:ca:71:dc:fb:dc:01:8a:b3:91:7c:41:9d:65:b0:8c:99:fc:
         79:f0:1f:39:c3:8c:a2:c2:f0:b3:de:77:76:70:38:58:cf:d6:
         d1:eb:35:4b:c4:ce:93:f1:2b:72:6e:17:94:40:8c:43:46:58:
         17:cf:8f:dc:1f:10:ce:e9:e2:34:20:02:f3:cc:10:36:6d:67:
         5b:db:af:41:10:9e:0c:22:83:49:f0:9d:5f:79:65:ed:36:2a:
         a5:05:93:8a:f8:3a:fc:b9:13:8b:a7:ea:92:d1:bb:1e:50:83:
         55:f1:0b:ea:5c:56:e3:5e:d2:ac:4d:9d:c1:11:37:12:f4:1b:
         4f:bb:15:84:1e:75:32:46:70:d8:f8:7b:bd:6a:10:d3:44:58:
         a7:01:68:26:30:9b:df:61:a7:a5:a7:74:0e:29:a9:56:79:0f:
         99:88:63:2f:15:49:75:a8:e4:cb:33:56:e1:fd:c4:91:ba:45:
         69:6f:e6:ab:78:d3:1a:da:a5:91:e0:fd:37:ba:cf:66:20:57:
         30:bd:70:e6:f4:0b:f8:e6:bf:ea:74:e5:18:e7:cc:f0:97:89:
         5b:13:66:0f:03:16:6f:02:6f:09:83:57:ba:07:70:72:7f:a1:
         8f:7a:0b:42:ae:23:9e:01:24:de:33:86:3b:21:b7:9e:99:61:
         1d:15:8c:a4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPeUF5d++o0cyHdu+u3TsqHmCQ7cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzE0MDAwMDAwWhcNMjQwODE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNjQ4ZWJlN2FiYWYzNzgwMDUxZWQzOWIwYTkwMjhjMDA2
NDVkMzM5OGQxMjkzYWQ2NjNmYTBkODAxYmZiOGQwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBDxbWieZ2Pqu7BUFFiy4eZypvo8lhhSUNk85joAfu4Oxm
lTJhmnz5zSWZ0OR1/TUfOkXnP8ubUCl4mK4qnKoMSu/z+f5HLd7Ub0hUYGgErZIJ
zK/cIhTu9NUx4eqbr6VdfSmIlCq7/1I8ODGTAgioPWOjIbUlNyHqktzikXxcWhJu
sCRoeA1BHBGk68Nx/SnwR1gKDWm36EwVXtXQWgwsIiO0Lw22LyCGK99vdaBgEf3u
oK9r5fEE2fO6+YSCodIVbz1ON6Y78SVkaKRUUbzpKuS+Pews7WPc6oy7oJxAc5YM
D1ZCoLWeRLVjgsgS+dZ6Czh5I97OM8mJU2Y+tj7VAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6WfsaFM0c+UxC/7W8nlwyM+VJQwwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2EyZmI4ZTY5LTkwMGMtNGMyYi1iNzU2LTgwMDZiNmU4MTlkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAF7Kcdz73AGKs5F8QZ1lsIyZ/Hnw
HznDjKLC8LPed3ZwOFjP1tHrNUvEzpPxK3JuF5RAjENGWBfPj9wfEM7p4jQgAvPM
EDZtZ1vbr0EQngwig0nwnV95Ze02KqUFk4r4Ovy5E4un6pLRux5Qg1XxC+pcVuNe
0qxNncERNxL0G0+7FYQedTJGcNj4e71qENNEWKcBaCYwm99hp6WndA4pqVZ5D5mI
Yy8VSXWo5MszVuH9xJG6RWlv5qt40xrapZHg/Te6z2YgVzC9cOb0C/jmv+p05Rjn
zPCXiVsTZg8DFm8CbwmDV7oHcHJ/oY96C0KuI54BJN4zhjsht56ZYR0VjKQ=
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:47:28 2025 by rpki-client