Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/be2e5931-59c3-4504-a6a5-2dbd52ce641c.roa
File:                     be2e5931-59c3-4504-a6a5-2dbd52ce641c.roa (raw, json)
Hash identifier:          2QZi4nveS2CdeYPyxaKPucq71UdW1aU/K5ElvqU5Ydo=
Subject key identifier:   F3:CD:38:4A:17:91:3F:7A:3A:DD:DA:B4:00:62:34:EE:E5:EC:0E:63
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       26F6B9B703B52D3431506E06705AFE842B965491
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/be2e5931-59c3-4504-a6a5-2dbd52ce641c.roa
Signing time:             Sun 18 Jun 2023 00:00:00 +0000
ROA not before:           Sun 18 Jun 2023 00:00:00 +0000
ROA not after:            Sun 23 Jul 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:f6:b9:b7:03:b5:2d:34:31:50:6e:06:70:5a:fe:84:2b:96:54:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jun 18 00:00:00 2023 GMT
            Not After : Jul 23 23:59:59 2023 GMT
        Subject: serialNumber=7186699d025305447ce63361cf40236946d4d24ab82d2e375918124c6de11d63, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:e1:3a:c4:83:51:ae:8b:49:26:da:ba:15:fb:
                    4f:4a:4c:e9:88:f8:53:21:59:a1:74:1f:d1:39:92:
                    d1:7e:4e:0f:3b:9c:bc:1a:65:0b:bd:2d:1c:bb:51:
                    73:2b:45:4d:85:b7:47:01:ae:41:86:7f:9c:13:f5:
                    22:3b:16:ea:f5:e6:15:b4:d6:f7:0f:2a:d9:48:20:
                    64:07:84:d5:c9:b0:f3:c3:af:bf:af:23:24:de:51:
                    00:7e:cb:36:e3:3d:35:2f:44:35:21:ad:9e:28:c0:
                    82:1d:c3:3b:b0:6a:bc:01:a8:0d:43:b6:50:71:e5:
                    7c:f6:d0:53:02:bc:4e:ef:18:6f:5b:30:78:bd:9b:
                    ba:eb:c6:a1:22:c2:79:77:79:3b:3b:40:0b:8b:bc:
                    13:09:b9:29:58:f4:43:a7:b4:00:8f:4d:80:59:4b:
                    9d:14:3d:df:ab:fa:df:fe:f0:b2:b4:aa:43:30:d2:
                    2a:77:6b:b1:78:39:62:00:6f:64:f1:10:db:64:04:
                    be:3d:e8:7a:46:42:72:bb:a9:3d:ae:39:cc:a3:e9:
                    4c:db:86:56:d2:ee:f7:cb:31:aa:d4:c3:f4:ab:ef:
                    13:30:c8:a6:cb:c4:87:e6:af:77:f3:1b:a8:0d:a4:
                    ec:6a:94:b5:04:8f:41:66:9d:7c:d5:21:48:be:42:
                    25:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:CD:38:4A:17:91:3F:7A:3A:DD:DA:B4:00:62:34:EE:E5:EC:0E:63
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/be2e5931-59c3-4504-a6a5-2dbd52ce641c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:93:2d:cb:12:8c:06:4a:5b:b9:c3:0c:41:71:b7:cd:24:63:
         25:61:8a:df:5a:f6:a7:0d:81:d4:fd:b7:0f:e6:ec:bf:c2:55:
         e5:1a:da:a1:92:70:f3:5b:a1:e5:6c:5f:cc:aa:35:78:9e:81:
         00:3c:f1:88:fe:ec:1b:09:84:36:26:dd:92:88:43:b0:9d:47:
         0b:87:2b:b6:5f:90:30:3e:23:a7:67:91:b1:c6:c2:f9:1a:ea:
         13:66:8f:eb:23:61:46:21:cd:da:5c:d6:f8:d5:b7:77:d4:93:
         01:f9:12:b4:81:11:01:33:c7:73:b7:ee:98:7a:c0:69:6f:56:
         8e:f0:72:2e:74:72:15:50:d6:12:6e:9c:3c:ae:2d:fa:f2:90:
         93:2b:3f:66:58:01:8e:f6:e8:5a:7d:92:ef:55:2a:0e:0c:fb:
         fd:3d:c2:b8:b4:f2:2e:76:f1:aa:86:df:5c:a0:6f:7d:bc:48:
         1f:ce:f6:a9:dd:6e:a5:d5:87:87:63:d3:77:b1:3b:5b:76:03:
         40:fd:aa:24:5d:68:c1:f0:ff:6f:3c:61:26:e5:9e:d5:f2:90:
         e0:49:e2:54:fc:e2:f3:42:17:df:cd:96:c3:dc:f5:cc:57:62:
         2b:3a:a1:d0:1f:ff:93:16:24:cb:88:87:a1:ce:a8:69:9e:d3:
         be:dc:df:25
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJva5twO1LTQxUG4GcFr+hCuWVJEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNjE4MDAwMDAwWhcNMjMwNzIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MTg2Njk5ZDAyNTMwNTQ0N2NlNjMzNjFjZjQwMjM2OTQ2
ZDRkMjRhYjgyZDJlMzc1OTE4MTI0YzZkZTExZDYzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDS4TrEg1Gui0km2roV+09KTOmI+FMhWaF0H9E5ktF+Tg87
nLwaZQu9LRy7UXMrRU2Ft0cBrkGGf5wT9SI7Fur15hW01vcPKtlIIGQHhNXJsPPD
r7+vIyTeUQB+yzbjPTUvRDUhrZ4owIIdwzuwarwBqA1DtlBx5Xz20FMCvE7vGG9b
MHi9m7rrxqEiwnl3eTs7QAuLvBMJuSlY9EOntACPTYBZS50UPd+r+t/+8LK0qkMw
0ip3a7F4OWIAb2TxENtkBL496HpGQnK7qT2uOcyj6UzbhlbS7vfLMarUw/Sr7xMw
yKbLxIfmr3fzG6gNpOxqlLUEj0FmnXzVIUi+QiVPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8804SheRP3o63dq0AGI07uXsDmMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2JlMmU1OTMxLTU5YzMtNDUwNC1hNmE1LTJkYmQ1MmNlNjQxYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKGTLcsSjAZKW7nDDEFxt80kYyVh
it9a9qcNgdT9tw/m7L/CVeUa2qGScPNboeVsX8yqNXiegQA88Yj+7BsJhDYm3ZKI
Q7CdRwuHK7ZfkDA+I6dnkbHGwvka6hNmj+sjYUYhzdpc1vjVt3fUkwH5ErSBEQEz
x3O37ph6wGlvVo7wci50chVQ1hJunDyuLfrykJMrP2ZYAY726Fp9ku9VKg4M+/09
wri08i528aqG31ygb328SB/O9qndbqXVh4dj03exO1t2A0D9qiRdaMHw/288YSbl
ntXykOBJ4lT84vNCF9/NlsPc9cxXYis6odAf/5MWJMuIh6HOqGme077c3yU=
-----END CERTIFICATE-----