Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/aa7d3d47-ad16-43bc-a6f6-a45c7255657c.roa
File:                     aa7d3d47-ad16-43bc-a6f6-a45c7255657c.roa (raw, json)
Hash identifier:          1RwTQ4sVQgdBVcQDj8Qxnkl80MlnjEnuXfpe/bLGqoc=
Subject key identifier:   C1:45:92:64:A0:18:97:EC:AD:0F:0B:AD:55:F1:F2:F7:75:57:41:47
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       09B7A1E57F11367203E854D2B7C34553CE61DA91
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/aa7d3d47-ad16-43bc-a6f6-a45c7255657c.roa
Signing time:             Tue 17 Dec 2024 00:00:00 +0000
ROA not before:           Tue 17 Dec 2024 00:00:00 +0000
ROA not after:            Tue 21 Jan 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:b7:a1:e5:7f:11:36:72:03:e8:54:d2:b7:c3:45:53:ce:61:da:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec 17 00:00:00 2024 GMT
            Not After : Jan 21 23:59:59 2025 GMT
        Subject: serialNumber=34fca04a569786d9a0ee57ed7bd0d3c63765934bd56c8491b07fc16b60d97275, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:f3:c3:c6:64:a5:d1:8c:14:ae:df:e2:14:e6:
                    1a:d7:c1:67:6f:08:28:ca:23:59:33:d2:00:d1:b8:
                    5f:71:f3:22:5e:c6:18:21:53:56:93:04:34:db:64:
                    0a:c0:6b:00:cb:e1:07:68:a1:b0:dd:18:73:17:a1:
                    c7:a4:f1:7d:ca:f0:87:7b:48:05:f0:c8:d3:67:d4:
                    d6:c9:20:a7:7a:c7:48:64:b1:7c:5d:37:79:b0:2d:
                    a7:39:aa:0e:fd:b1:e8:7e:e0:05:08:8a:92:a6:1f:
                    34:85:bc:3d:ab:f8:c5:ad:9d:2d:93:a7:33:31:66:
                    2b:b6:b7:15:d7:3f:2f:30:7c:e2:8c:67:8b:d5:3b:
                    99:fa:27:1e:f0:df:9c:cf:3e:11:bc:f5:89:55:7c:
                    1f:6d:4b:42:23:c3:11:97:40:dd:8e:20:6a:74:2d:
                    59:80:1a:55:fc:82:af:89:e6:68:4f:fd:9f:0b:b9:
                    94:9e:2d:58:0f:ea:80:65:06:ea:df:80:d9:a5:81:
                    ee:cf:da:e9:4d:4c:91:1e:9f:78:5d:c7:7f:7c:7f:
                    7d:68:5f:00:4b:31:98:43:4b:b8:95:a2:27:d5:88:
                    d6:66:35:1e:85:a6:24:c5:40:97:01:f3:b6:e9:0a:
                    32:c2:40:af:cc:5d:35:bb:83:33:56:60:dd:be:5d:
                    2a:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:45:92:64:A0:18:97:EC:AD:0F:0B:AD:55:F1:F2:F7:75:57:41:47
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/aa7d3d47-ad16-43bc-a6f6-a45c7255657c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:fb:db:c3:75:85:f1:40:fe:12:3a:b0:95:21:be:e1:d8:17:
         4c:59:dd:49:06:a0:aa:bc:96:3d:af:be:b8:62:86:fb:aa:02:
         ff:3b:a1:a2:61:f8:01:2f:5b:a0:c2:92:0b:9b:61:91:ad:21:
         03:f8:a8:8a:c6:db:2b:6d:c1:92:a8:0f:34:70:e0:f5:d4:47:
         40:59:63:fb:5f:0c:81:1b:ec:67:77:66:2b:41:22:af:77:d1:
         cb:84:cc:a9:dd:ee:08:15:56:03:3f:33:4c:b0:e2:fb:3f:2f:
         20:a9:df:1e:e5:a7:c6:36:78:c7:59:cb:02:bb:30:da:7e:6b:
         0a:d3:cd:fa:43:b2:a3:9f:61:8f:62:52:19:79:61:e2:10:f6:
         10:15:69:f7:58:95:0b:0d:36:9b:ec:ad:d1:cc:10:9e:bf:d2:
         9e:90:ee:f9:7d:f2:d5:0f:ff:59:2a:7a:64:82:bd:1e:0b:08:
         d1:3e:45:08:3c:29:34:f8:db:e2:3f:79:d9:e3:fa:be:c2:ab:
         c4:43:6b:9d:72:db:94:b9:9a:67:e0:f6:44:74:b5:81:55:d3:
         53:70:96:d0:d8:f0:aa:1d:e1:e7:1b:a7:72:36:9f:13:14:d3:
         50:c8:98:71:87:19:8c:a9:97:b3:f5:57:04:07:5f:93:a4:97:
         49:5a:0f:9b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCbeh5X8RNnID6FTSt8NFU85h2pEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMjE3MDAwMDAwWhcNMjUwMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzNGZjYTA0YTU2OTc4NmQ5YTBlZTU3ZWQ3YmQwZDNjNjM3
NjU5MzRiZDU2Yzg0OTFiMDdmYzE2YjYwZDk3Mjc1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDf88PGZKXRjBSu3+IU5hrXwWdvCCjKI1kz0gDRuF9x8yJe
xhghU1aTBDTbZArAawDL4QdoobDdGHMXocek8X3K8Id7SAXwyNNn1NbJIKd6x0hk
sXxdN3mwLac5qg79seh+4AUIipKmHzSFvD2r+MWtnS2TpzMxZiu2txXXPy8wfOKM
Z4vVO5n6Jx7w35zPPhG89YlVfB9tS0IjwxGXQN2OIGp0LVmAGlX8gq+J5mhP/Z8L
uZSeLVgP6oBlBurfgNmlge7P2ulNTJEen3hdx398f31oXwBLMZhDS7iVoifViNZm
NR6FpiTFQJcB87bpCjLCQK/MXTW7gzNWYN2+XSoBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwUWSZKAYl+ytDwutVfHy93VXQUcwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2FhN2QzZDQ3LWFkMTYtNDNiYy1hNmY2LWE0NWM3MjU1NjU3Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAA/728N1hfFA/hI6sJUhvuHYF0xZ
3UkGoKq8lj2vvrhihvuqAv87oaJh+AEvW6DCkgubYZGtIQP4qIrG2yttwZKoDzRw
4PXUR0BZY/tfDIEb7Gd3ZitBIq930cuEzKnd7ggVVgM/M0yw4vs/LyCp3x7lp8Y2
eMdZywK7MNp+awrTzfpDsqOfYY9iUhl5YeIQ9hAVafdYlQsNNpvsrdHMEJ6/0p6Q
7vl98tUP/1kqemSCvR4LCNE+RQg8KTT42+I/ednj+r7Cq8RDa51y25S5mmfg9kR0
tYFV01NwltDY8Kod4ecbp3I2nxMU01DImHGHGYypl7P1VwQHX5Okl0laD5s=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:53:29 2025 by rpki-client