Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d01ff11b-009d-43cd-9d9b-d4e4e53dcead.roa
File:                     d01ff11b-009d-43cd-9d9b-d4e4e53dcead.roa (raw, json)
Hash identifier:          D71/TbH+ivQPIETPPFdLW/gSQxCrEC2MnDJojKvNvF4=
Subject key identifier:   D8:97:A3:A4:17:09:3A:39:39:8F:3F:9C:F1:D4:03:19:2F:91:FD:70
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       795F0175EEC7F85479D2ABA067A950B5CB9E40BF
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d01ff11b-009d-43cd-9d9b-d4e4e53dcead.roa
Signing time:             Sun 15 Sep 2024 00:00:00 +0000
ROA not before:           Sun 15 Sep 2024 00:00:00 +0000
ROA not after:            Sun 20 Oct 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:5f:01:75:ee:c7:f8:54:79:d2:ab:a0:67:a9:50:b5:cb:9e:40:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Sep 15 00:00:00 2024 GMT
            Not After : Oct 20 23:59:59 2024 GMT
        Subject: serialNumber=83c7a4c2522995ce55795b6b26f35543f1a5c3ecfb687bc46788cf20b02db535, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f0:22:d9:eb:ec:20:de:71:9e:cc:ea:bc:d6:
                    43:3a:cb:e4:05:22:5b:50:48:e4:2c:7c:15:55:04:
                    f5:6a:2e:2e:16:7f:63:c4:80:df:09:58:9a:29:8f:
                    52:4b:54:3d:3e:cd:e7:2a:9a:d9:a1:fe:0f:4d:e2:
                    b3:f4:9a:57:ad:70:b7:2d:4e:7c:bb:d8:5b:9b:14:
                    9e:be:46:2c:11:51:43:48:fa:2b:5b:56:b0:79:68:
                    cb:9e:da:90:70:8a:57:4c:a2:5b:a3:06:c6:c7:ad:
                    c5:f6:c5:af:84:ed:a7:2b:03:92:2a:c8:39:6c:0e:
                    7e:ed:ee:18:02:70:05:97:e2:d5:02:84:b3:f4:6b:
                    14:79:54:08:29:c0:f2:70:cc:6c:6e:0b:b2:a5:42:
                    a3:3b:bc:fa:69:7d:1c:08:26:57:c3:c7:f4:83:46:
                    8f:2e:ed:69:6f:58:46:e4:96:70:7d:a4:0e:89:f6:
                    9b:21:7e:98:48:17:c2:4d:90:f4:c8:71:7d:99:bc:
                    38:1c:cc:be:3b:db:c6:3e:ee:a9:06:92:45:ce:ff:
                    a5:0e:8e:f8:90:0b:24:26:13:15:2d:e3:f7:f7:cb:
                    2a:db:83:08:15:86:f5:d8:37:9e:6d:20:38:86:ce:
                    1c:de:12:6b:39:59:20:b8:42:e6:43:1d:da:fe:51:
                    9b:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:97:A3:A4:17:09:3A:39:39:8F:3F:9C:F1:D4:03:19:2F:91:FD:70
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d01ff11b-009d-43cd-9d9b-d4e4e53dcead.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:f0:ce:22:98:c0:63:14:06:f8:65:86:91:52:b2:c2:e3:3c:
         96:dd:e0:e2:18:77:2a:95:03:b2:c7:56:53:b6:7a:e7:f2:f0:
         21:9b:52:d1:a9:bd:69:b9:5d:95:8c:37:2f:b3:92:0b:61:5c:
         52:20:bf:fb:d9:42:78:78:a9:f9:bf:0f:82:88:58:ed:0f:f5:
         b2:52:24:19:17:c0:36:a2:fd:9a:54:5e:a4:c5:a2:f5:ce:89:
         b0:f9:09:d9:5d:f9:7b:c6:97:b8:29:0d:47:30:c6:17:a7:8d:
         b1:9c:11:84:db:6d:06:2c:6b:a9:f9:c1:45:eb:30:da:8c:03:
         42:45:ef:44:bd:fd:75:9a:90:03:c9:67:e9:06:fa:76:2c:b3:
         6e:29:28:ae:41:f1:bb:f4:63:d0:aa:ed:38:b6:bc:65:07:51:
         e6:35:ed:00:82:f1:42:cd:fe:13:35:7c:d2:be:83:df:de:84:
         6c:53:72:b2:92:d6:46:91:d7:4f:67:e0:14:08:27:20:3d:f3:
         9b:8a:03:7e:38:a4:f8:63:d3:29:19:5b:67:1f:bc:23:aa:a8:
         dd:62:75:27:f4:c5:f1:5c:1a:bc:64:fb:a4:e3:23:83:74:fb:
         87:cd:a0:04:9f:4e:dd:20:19:fd:19:f8:ae:c4:b0:51:ca:c7:
         5f:44:fe:e5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeV8Bde7H+FR50qugZ6lQtcueQL8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwOTE1MDAwMDAwWhcNMjQxMDIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4M2M3YTRjMjUyMjk5NWNlNTU3OTViNmIyNmYzNTU0M2Yx
YTVjM2VjZmI2ODdiYzQ2Nzg4Y2YyMGIwMmRiNTM1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC28CLZ6+wg3nGezOq81kM6y+QFIltQSOQsfBVVBPVqLi4W
f2PEgN8JWJopj1JLVD0+zecqmtmh/g9N4rP0mletcLctTny72FubFJ6+RiwRUUNI
+itbVrB5aMue2pBwildMolujBsbHrcX2xa+E7acrA5IqyDlsDn7t7hgCcAWX4tUC
hLP0axR5VAgpwPJwzGxuC7KlQqM7vPppfRwIJlfDx/SDRo8u7WlvWEbklnB9pA6J
9pshfphIF8JNkPTIcX2ZvDgczL4728Y+7qkGkkXO/6UOjviQCyQmExUt4/f3yyrb
gwgVhvXYN55tIDiGzhzeEms5WSC4QuZDHdr+UZv/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2JejpBcJOjk5jz+c8dQDGS+R/XAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2QwMWZmMTFiLTAwOWQtNDNjZC05ZDliLWQ0ZTRlNTNkY2VhZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBALPwziKYwGMUBvhlhpFSssLjPJbd
4OIYdyqVA7LHVlO2eufy8CGbUtGpvWm5XZWMNy+zkgthXFIgv/vZQnh4qfm/D4KI
WO0P9bJSJBkXwDai/ZpUXqTFovXOibD5Cdld+XvGl7gpDUcwxhenjbGcEYTbbQYs
a6n5wUXrMNqMA0JF70S9/XWakAPJZ+kG+nYss24pKK5B8bv0Y9Cq7Ti2vGUHUeY1
7QCC8ULN/hM1fNK+g9/ehGxTcrKS1kaR109n4BQIJyA985uKA344pPhj0ykZW2cf
vCOqqN1idSf0xfFcGrxk+6TjI4N0+4fNoASfTt0gGf0Z+K7EsFHKx19E/uU=
-----END CERTIFICATE-----