Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a5761ce6-7a8c-4acb-a18c-54d92068f494.roa
File:                     a5761ce6-7a8c-4acb-a18c-54d92068f494.roa (raw, json)
Hash identifier:          e4+dNPPeYMxbMW4gs9W2AD9OWph2hAcHuL85lKHbH10=
Subject key identifier:   82:8A:77:78:F7:DF:2D:B2:09:68:9D:24:5C:0D:1B:F3:10:B3:60:30
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       04703324F58E41C0C0D1F91F6B079FAC3F05ED4F
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a5761ce6-7a8c-4acb-a18c-54d92068f494.roa
Signing time:             Sat 15 Jun 2024 00:00:00 +0000
ROA not before:           Sat 15 Jun 2024 00:00:00 +0000
ROA not after:            Sat 20 Jul 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:70:33:24:f5:8e:41:c0:c0:d1:f9:1f:6b:07:9f:ac:3f:05:ed:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jun 15 00:00:00 2024 GMT
            Not After : Jul 20 23:59:59 2024 GMT
        Subject: serialNumber=4713cb16e438578fd9cd2d228a85dcc7d63c71504f31d36e0632558cccb2e366, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:89:bd:75:87:1a:f7:2a:04:00:00:45:b1:d4:
                    6e:3d:f5:7c:ed:e5:48:85:55:2b:d9:3e:b7:5a:cc:
                    28:4c:7d:03:fb:a6:17:69:4d:28:a4:9d:cb:05:af:
                    ee:7a:54:20:71:86:47:12:04:12:68:aa:22:fa:28:
                    d5:e2:43:55:c6:79:c4:64:56:a1:fd:9b:cb:c0:a0:
                    ae:8b:73:3b:03:1f:a8:51:79:2a:9d:55:9b:65:4b:
                    36:c8:af:f5:25:fe:53:c6:c1:de:3e:e7:63:19:19:
                    4e:25:7c:87:9d:5e:c9:e5:f3:f7:a2:b7:a1:76:f4:
                    e8:27:e1:41:67:69:cd:a8:d2:bc:c6:d7:c5:03:48:
                    26:07:52:7c:93:cc:a5:f3:ac:9a:05:41:a3:49:14:
                    b2:73:ec:a7:19:e0:9a:f4:95:81:13:73:ef:e0:15:
                    04:f0:50:ac:23:e9:b7:5e:a8:d2:ef:06:da:01:be:
                    d1:c8:30:cd:9f:49:f8:23:4e:be:4f:98:22:7d:8d:
                    9f:ec:10:d4:04:98:51:a0:97:18:c1:95:09:22:74:
                    02:66:10:90:a2:0b:ec:a3:3f:64:f0:06:3a:81:67:
                    96:4c:ce:8e:a9:70:1b:83:e1:a1:80:af:71:fb:b9:
                    c2:f2:70:2d:a7:8d:f2:29:8c:94:bd:e3:1e:92:0e:
                    12:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:8A:77:78:F7:DF:2D:B2:09:68:9D:24:5C:0D:1B:F3:10:B3:60:30
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a5761ce6-7a8c-4acb-a18c-54d92068f494.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:3c:6c:40:78:a8:77:20:db:4d:be:ff:15:d1:16:f1:14:fe:
         65:8e:d6:0e:25:c9:ac:9a:c5:8f:d2:91:d6:14:5d:72:56:ca:
         af:19:d7:3d:27:93:38:87:a9:0d:28:6a:6b:a6:0c:fe:3f:db:
         05:7a:6b:c1:48:ee:de:4f:42:ee:21:19:02:a8:43:7a:42:35:
         ec:20:cb:14:05:ea:6e:b7:75:82:cd:f0:89:4d:9e:27:9c:a3:
         2f:19:4d:4c:5d:ec:5d:19:a6:ea:23:77:7a:da:22:d3:88:6c:
         f0:8d:3f:75:1d:86:98:0d:53:fb:cb:eb:a9:22:28:4a:17:99:
         43:48:1a:1c:4e:4d:29:2c:02:71:19:54:8b:de:11:52:80:e4:
         f6:72:e1:b2:a1:50:a9:d6:f7:4e:b3:32:ed:bd:94:d8:8b:df:
         0a:d9:bf:3e:86:9a:24:34:40:80:40:88:26:d4:d3:a3:1a:81:
         bd:07:76:ea:4c:cc:ab:4d:33:2b:8d:bc:89:ba:11:78:4d:da:
         12:80:e8:23:79:b4:2a:01:49:2f:90:e2:27:84:9f:36:d9:5e:
         7f:8f:64:4e:9d:f6:74:81:36:e8:85:6a:a7:34:c1:e1:93:67:
         19:96:8d:d9:37:a5:34:ee:7c:7c:ea:f7:74:f8:3c:f0:1b:76:
         ac:af:d4:97
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBHAzJPWOQcDA0fkfawefrD8F7U8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNjE1MDAwMDAwWhcNMjQwNzIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NzEzY2IxNmU0Mzg1NzhmZDljZDJkMjI4YTg1ZGNjN2Q2
M2M3MTUwNGYzMWQzNmUwNjMyNTU4Y2NjYjJlMzY2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaib11hxr3KgQAAEWx1G499Xzt5UiFVSvZPrdazChMfQP7
phdpTSikncsFr+56VCBxhkcSBBJoqiL6KNXiQ1XGecRkVqH9m8vAoK6LczsDH6hR
eSqdVZtlSzbIr/Ul/lPGwd4+52MZGU4lfIedXsnl8/eit6F29Ogn4UFnac2o0rzG
18UDSCYHUnyTzKXzrJoFQaNJFLJz7KcZ4Jr0lYETc+/gFQTwUKwj6bdeqNLvBtoB
vtHIMM2fSfgjTr5PmCJ9jZ/sENQEmFGglxjBlQkidAJmEJCiC+yjP2TwBjqBZ5ZM
zo6pcBuD4aGAr3H7ucLycC2njfIpjJS94x6SDhJ9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgop3ePffLbIJaJ0kXA0b8xCzYDAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2E1NzYxY2U2LTdhOGMtNGFjYi1hMThjLTU0ZDkyMDY4ZjQ5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAG48bEB4qHcg202+/xXRFvEU/mWO
1g4lyayaxY/SkdYUXXJWyq8Z1z0nkziHqQ0oamumDP4/2wV6a8FI7t5PQu4hGQKo
Q3pCNewgyxQF6m63dYLN8IlNniecoy8ZTUxd7F0Zpuojd3raItOIbPCNP3UdhpgN
U/vL66kiKEoXmUNIGhxOTSksAnEZVIveEVKA5PZy4bKhUKnW906zMu29lNiL3wrZ
vz6GmiQ0QIBAiCbU06Magb0HdupMzKtNMyuNvIm6EXhN2hKA6CN5tCoBSS+Q4ieE
nzbZXn+PZE6d9nSBNuiFaqc0weGTZxmWjdk3pTTufHzq93T4PPAbdqyv1Jc=
-----END CERTIFICATE-----