Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d50f005a-547e-4e72-921b-07aa5cb0afaa.roa
File:                     d50f005a-547e-4e72-921b-07aa5cb0afaa.roa (raw, json)
Hash identifier:          Xn5PuEW6U/OMYucHaCMuhMhWeNCQkNYxsZttB7BDU/E=
Subject key identifier:   48:BF:E5:33:34:6E:40:3E:6B:B2:18:DE:25:1E:61:DB:BE:86:1D:62
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       4D17C0DE7D9ED4E693FDBA4A92D8751F135974AB
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d50f005a-547e-4e72-921b-07aa5cb0afaa.roa
Signing time:             Sun 22 Dec 2024 00:00:00 +0000
ROA not before:           Sun 22 Dec 2024 00:00:00 +0000
ROA not after:            Sun 26 Jan 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:17:c0:de:7d:9e:d4:e6:93:fd:ba:4a:92:d8:75:1f:13:59:74:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec 22 00:00:00 2024 GMT
            Not After : Jan 26 23:59:59 2025 GMT
        Subject: serialNumber=db0ceaae6057c584974f98641e4a7fe57fadc1f5e9447d4d606c234e4bfa43a9, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:13:cb:40:a2:98:19:cf:d6:96:79:8c:d4:4b:
                    6c:bb:dc:b1:dd:49:ae:b2:3f:a6:d0:d4:0a:2b:cf:
                    f6:9c:ce:a0:25:c5:b4:44:d8:76:b6:a5:3e:99:44:
                    d9:16:12:53:21:cd:4e:61:12:34:e0:d0:2f:f7:dd:
                    78:82:18:50:4b:b7:0e:8b:be:38:7a:22:b1:9f:f8:
                    10:43:70:a8:d3:97:fb:a4:8a:ec:29:78:45:ed:05:
                    41:3e:c7:c2:1b:1e:e6:10:75:de:89:89:51:34:2b:
                    59:af:c5:88:21:0b:68:10:6f:2c:e8:48:f3:3e:71:
                    36:70:e9:6b:f3:83:b0:94:a4:7b:48:ce:ef:70:ef:
                    29:44:a9:83:8e:20:d3:2c:53:27:71:eb:8b:d5:e4:
                    6f:aa:38:19:1b:9b:70:eb:58:e4:02:ba:93:04:cd:
                    a0:f6:5d:bd:79:8b:c5:6b:1e:64:78:5d:9d:28:fe:
                    e0:a1:6a:53:1b:9c:93:f6:0c:50:42:7e:18:9d:0e:
                    de:a6:61:82:64:11:4a:18:d3:21:8a:c6:5f:c9:77:
                    39:34:de:49:19:db:47:f0:0b:10:95:6b:e5:47:19:
                    91:18:1b:59:1e:2b:14:a9:76:27:32:21:98:35:58:
                    8e:ef:d6:58:0c:46:0e:bf:e8:28:00:3e:ec:81:d4:
                    6f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:BF:E5:33:34:6E:40:3E:6B:B2:18:DE:25:1E:61:DB:BE:86:1D:62
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d50f005a-547e-4e72-921b-07aa5cb0afaa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:c6:0c:b1:6f:78:79:74:6e:98:2d:11:1b:8a:d1:7e:6b:a0:
         01:20:d5:19:41:53:82:45:fb:b9:3b:81:57:64:b1:ec:a6:ac:
         9e:d0:18:60:d9:c0:ab:96:87:0a:9d:f8:f5:0a:fa:9f:68:72:
         eb:6a:f1:a5:6d:7e:8d:04:a7:c8:3d:44:0d:67:a9:63:76:67:
         24:67:93:15:e5:79:8c:40:39:bf:ba:2b:90:64:88:73:72:a4:
         3d:61:54:73:59:a1:52:44:b6:8e:98:68:cd:f0:a4:4a:04:9c:
         3d:70:f0:d3:99:82:d5:35:9c:ad:9f:a6:9f:ad:85:fa:bf:6a:
         2f:da:98:7b:28:27:fa:bb:92:21:ca:66:8d:86:06:7e:02:ba:
         33:1c:9e:6b:99:e2:3a:e5:1a:e5:12:f0:f3:9a:09:23:0b:5b:
         a4:6f:38:9e:66:d9:83:52:71:2e:78:3f:40:43:5e:fb:ca:fa:
         74:6c:57:93:39:35:7a:16:73:06:11:e3:c0:cf:53:9f:9f:6a:
         f8:a6:64:57:ff:a1:3b:9b:35:33:f5:f2:87:e9:2d:e8:01:4d:
         89:01:fc:49:0d:5e:dc:6f:57:b6:cb:55:35:e8:9c:34:0d:10:
         69:2a:a4:1c:1b:99:44:29:f9:c6:3d:35:e4:0b:3b:dd:79:8e:
         f6:04:c1:df
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTRfA3n2e1OaT/bpKkth1HxNZdKswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMjIyMDAwMDAwWhcNMjUwMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYjBjZWFhZTYwNTdjNTg0OTc0Zjk4NjQxZTRhN2ZlNTdm
YWRjMWY1ZTk0NDdkNGQ2MDZjMjM0ZTRiZmE0M2E5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDlE8tAopgZz9aWeYzUS2y73LHdSa6yP6bQ1Aorz/aczqAl
xbRE2Ha2pT6ZRNkWElMhzU5hEjTg0C/33XiCGFBLtw6Lvjh6IrGf+BBDcKjTl/uk
iuwpeEXtBUE+x8IbHuYQdd6JiVE0K1mvxYghC2gQbyzoSPM+cTZw6Wvzg7CUpHtI
zu9w7ylEqYOOINMsUydx64vV5G+qOBkbm3DrWOQCupMEzaD2Xb15i8VrHmR4XZ0o
/uChalMbnJP2DFBCfhidDt6mYYJkEUoY0yGKxl/Jdzk03kkZ20fwCxCVa+VHGZEY
G1keKxSpdicyIZg1WI7v1lgMRg6/6CgAPuyB1G9ZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSL/lMzRuQD5rshjeJR5h276GHWIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Q1MGYwMDVhLTU0N2UtNGU3Mi05MjFiLTA3YWE1Y2IwYWZhYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHrGDLFveHl0bpgtERuK0X5roAEg
1RlBU4JF+7k7gVdkseymrJ7QGGDZwKuWhwqd+PUK+p9ocutq8aVtfo0Ep8g9RA1n
qWN2ZyRnkxXleYxAOb+6K5BkiHNypD1hVHNZoVJEto6YaM3wpEoEnD1w8NOZgtU1
nK2fpp+thfq/ai/amHsoJ/q7kiHKZo2GBn4CujMcnmuZ4jrlGuUS8POaCSMLW6Rv
OJ5m2YNScS54P0BDXvvK+nRsV5M5NXoWcwYR48DPU5+favimZFf/oTubNTP18ofp
LegBTYkB/EkNXtxvV7bLVTXonDQNEGkqpBwbmUQp+cY9NeQLO915jvYEwd8=
-----END CERTIFICATE-----