Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d6a8fcfc-2ff8-4134-858b-91b1571d9093.roa
File:                     d6a8fcfc-2ff8-4134-858b-91b1571d9093.roa (raw, json)
Hash identifier:          kGaL89V2jCuKLPInbU0zKqRO2Lp//o8iUNtbiI+qHJc=
Subject key identifier:   7B:D9:39:BC:39:21:DD:92:78:89:64:C6:65:EB:38:24:86:84:0F:DE
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       28329A073137B19A5D8FA2C970C2A4C152614800
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d6a8fcfc-2ff8-4134-858b-91b1571d9093.roa
Signing time:             Sun 17 Sep 2023 00:00:00 +0000
ROA not before:           Sun 17 Sep 2023 00:00:00 +0000
ROA not after:            Sun 22 Oct 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:32:9a:07:31:37:b1:9a:5d:8f:a2:c9:70:c2:a4:c1:52:61:48:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Sep 17 00:00:00 2023 GMT
            Not After : Oct 22 23:59:59 2023 GMT
        Subject: serialNumber=859253ac81f4a434b6cf40f3e591a0eb6c0f429e216cc9a8c9ae4bfc5848dcab, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:82:8b:34:da:65:6f:15:4f:76:e8:ec:44:03:
                    df:72:c2:29:63:9b:53:5d:02:1a:56:a4:c2:33:d9:
                    a4:f9:87:d3:40:f2:38:f1:cc:e5:fa:90:65:8d:5f:
                    f4:fc:43:22:af:54:86:1e:7a:a2:03:27:27:8f:e7:
                    de:f7:27:af:3b:70:37:ab:e5:96:a9:50:cb:f6:a9:
                    c4:43:52:c9:d9:eb:79:1e:d4:36:ba:1e:bb:e9:86:
                    13:ac:cd:5b:cb:8b:ee:13:4f:b4:7b:58:79:da:8a:
                    de:26:e9:0f:a0:5b:31:53:40:e9:3d:08:24:a1:89:
                    df:34:1d:21:1a:49:9f:d7:6f:e5:22:85:28:ba:28:
                    f3:93:ea:31:9e:4b:04:59:1f:5b:44:f9:79:72:39:
                    d9:42:06:86:11:53:b8:cc:16:dc:ce:c5:76:a5:77:
                    34:15:b6:46:85:e3:75:64:11:98:ca:1b:e7:fb:bf:
                    70:cd:4e:db:9e:4d:66:46:9f:cf:78:02:f2:fd:95:
                    f1:91:dd:e1:a2:43:49:f5:44:c5:44:b1:d3:0e:cc:
                    ce:89:fd:9d:a8:66:3f:50:73:0a:a6:46:c3:8f:86:
                    ce:93:42:b3:8a:3c:0d:58:5a:54:e3:53:82:f3:eb:
                    0f:76:fe:8c:72:d1:23:3a:23:64:d8:41:43:8d:13:
                    99:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:D9:39:BC:39:21:DD:92:78:89:64:C6:65:EB:38:24:86:84:0F:DE
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d6a8fcfc-2ff8-4134-858b-91b1571d9093.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:bb:72:8f:29:3e:47:33:4c:09:77:31:b4:3f:47:48:f3:ae:
         5a:a9:c0:58:04:3e:5b:e9:18:32:33:75:c4:08:fa:49:74:d4:
         2f:d4:c4:60:c2:b8:97:dd:75:96:45:57:74:93:77:44:58:fe:
         8c:fe:18:ea:54:06:1a:55:ac:e9:b5:29:98:8f:77:c3:7d:d0:
         36:45:20:c2:da:de:87:34:2e:39:29:68:07:14:07:3c:21:fe:
         e6:37:ea:56:0e:5b:b7:14:be:67:9a:5f:ab:98:4f:43:f5:3a:
         6d:14:19:4b:06:3d:5d:d0:23:b2:79:4d:e8:06:33:5d:20:57:
         93:dd:85:a9:ea:9b:21:32:f9:b7:0f:19:1d:04:6b:8f:26:35:
         87:8b:3a:f4:fd:d0:4f:1b:85:77:cb:b0:ee:b7:e5:1d:bc:15:
         9f:bd:dc:eb:d5:bf:fe:e5:08:b4:d6:13:82:3f:e1:1a:9b:5b:
         8f:e0:7b:a5:3d:9c:c2:5d:76:8e:ad:b0:10:de:9d:d0:21:50:
         0e:5e:4f:4a:26:d8:12:d9:ec:a6:60:62:17:91:cc:62:d3:10:
         7e:32:8c:f1:86:9c:ee:db:26:93:63:c8:2a:70:34:a5:c5:3b:
         be:9e:94:f2:5e:b5:d8:f2:aa:6a:de:1b:09:5b:07:28:61:88:
         d6:7e:a0:76
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKDKaBzE3sZpdj6LJcMKkwVJhSAAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTE3MDAwMDAwWhcNMjMxMDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NTkyNTNhYzgxZjRhNDM0YjZjZjQwZjNlNTkxYTBlYjZj
MGY0MjllMjE2Y2M5YThjOWFlNGJmYzU4NDhkY2FiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGgos02mVvFU926OxEA99ywiljm1NdAhpWpMIz2aT5h9NA
8jjxzOX6kGWNX/T8QyKvVIYeeqIDJyeP5973J687cDer5ZapUMv2qcRDUsnZ63ke
1Da6HrvphhOszVvLi+4TT7R7WHnait4m6Q+gWzFTQOk9CCShid80HSEaSZ/Xb+Ui
hSi6KPOT6jGeSwRZH1tE+XlyOdlCBoYRU7jMFtzOxXaldzQVtkaF43VkEZjKG+f7
v3DNTtueTWZGn894AvL9lfGR3eGiQ0n1RMVEsdMOzM6J/Z2oZj9QcwqmRsOPhs6T
QrOKPA1YWlTjU4Lz6w92/oxy0SM6I2TYQUONE5kTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUe9k5vDkh3ZJ4iWTGZes4JIaED94wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Q2YThmY2ZjLTJmZjgtNDEzNC04NThiLTkxYjE1NzFkOTA5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAA+7co8pPkczTAl3MbQ/R0jzrlqp
wFgEPlvpGDIzdcQI+kl01C/UxGDCuJfddZZFV3STd0RY/oz+GOpUBhpVrOm1KZiP
d8N90DZFIMLa3oc0LjkpaAcUBzwh/uY36lYOW7cUvmeaX6uYT0P1Om0UGUsGPV3Q
I7J5TegGM10gV5PdhanqmyEy+bcPGR0Ea48mNYeLOvT90E8bhXfLsO635R28FZ+9
3OvVv/7lCLTWE4I/4RqbW4/ge6U9nMJddo6tsBDendAhUA5eT0om2BLZ7KZgYheR
zGLTEH4yjPGGnO7bJpNjyCpwNKXFO76elPJetdjyqmreGwlbByhhiNZ+oHY=
-----END CERTIFICATE-----