Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e94dabdc-66f3-4d02-8c32-f8ca735b51d5.roa
File:                     e94dabdc-66f3-4d02-8c32-f8ca735b51d5.roa (raw, json)
Hash identifier:          xZqmXjq4cEUKOodCJN/jgs5vhdBjbrYfg9nDjPH0QR8=
Subject key identifier:   7A:1C:0F:91:3E:56:39:93:34:4B:44:AE:65:55:1C:54:8A:F4:63:86
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       71CAC8043132CCE7834B161FE2946EE7C0865E50
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e94dabdc-66f3-4d02-8c32-f8ca735b51d5.roa
Signing time:             Sat 22 Jun 2024 00:00:00 +0000
ROA not before:           Sat 22 Jun 2024 00:00:00 +0000
ROA not after:            Sat 27 Jul 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:ca:c8:04:31:32:cc:e7:83:4b:16:1f:e2:94:6e:e7:c0:86:5e:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jun 22 00:00:00 2024 GMT
            Not After : Jul 27 23:59:59 2024 GMT
        Subject: serialNumber=0d30452a7bd92945098d71ac4a193cc4b98076db1655bb3c9bedf4b2574ddc38, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:df:cb:ed:e8:73:c6:38:72:c8:18:90:c8:fb:
                    56:fe:df:7a:cc:b6:36:21:f5:00:d1:c0:f7:aa:bd:
                    b3:e0:df:35:90:12:d7:cd:db:43:66:b0:2b:0d:41:
                    cb:1d:4a:bd:b1:0e:83:1d:0a:18:ac:3c:25:9e:9e:
                    0e:e7:23:f6:b7:de:3c:1b:89:ec:49:f4:78:e6:46:
                    6f:97:3d:91:93:61:f2:6e:6a:ee:ca:77:b4:5f:26:
                    75:15:d9:77:53:2f:4c:f6:58:f0:f7:fc:dd:07:ab:
                    97:d2:20:b8:ee:fa:01:c6:ec:93:53:a6:11:03:70:
                    d5:0e:b7:91:c4:0b:d8:34:ac:9a:8f:5e:37:82:e0:
                    55:a3:94:04:c5:7e:fd:3d:b6:23:cd:a7:9e:b7:bc:
                    c9:73:c2:53:df:50:d8:96:9e:df:39:b5:f1:bb:88:
                    a8:cb:e9:f0:e2:13:4a:1a:ae:21:50:e6:03:f6:6d:
                    4f:fe:e3:1d:64:14:f9:6d:64:40:ec:ce:4d:06:a2:
                    37:7b:f5:b6:43:b7:58:37:d6:c6:51:ea:ef:c3:df:
                    27:7f:c3:76:f3:26:39:32:7f:9f:e4:7e:6d:30:30:
                    22:27:e4:cc:64:3c:98:03:37:84:4c:1a:05:ac:4d:
                    b8:5f:cd:35:1c:cb:b0:51:1a:8e:a3:33:2f:15:90:
                    69:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:1C:0F:91:3E:56:39:93:34:4B:44:AE:65:55:1C:54:8A:F4:63:86
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e94dabdc-66f3-4d02-8c32-f8ca735b51d5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:6e:a5:c5:c8:ec:fa:5b:cd:16:8b:52:f6:d4:1b:ca:9a:22:
         b5:6b:42:55:5a:6a:4e:46:13:c3:cb:06:97:8e:e0:22:c1:8e:
         9b:e3:c1:d2:89:a1:4c:6c:e5:90:d1:90:68:fc:94:7e:e4:64:
         fa:34:86:88:31:05:0e:cc:bb:07:c9:f5:80:63:9e:15:e0:69:
         a8:ec:57:ca:43:6f:99:5f:39:fb:63:7a:e3:51:c6:5a:13:bc:
         85:e4:28:3b:da:13:cc:0f:ae:d5:6d:5b:59:7d:32:23:f0:40:
         b6:d0:bb:0b:97:f0:95:bc:4e:fa:71:84:38:de:33:53:56:14:
         3f:d3:f3:36:fb:0c:45:a9:b4:ea:05:b3:d8:33:37:e9:39:e1:
         dc:42:d0:ba:f9:d4:2d:5f:ed:fc:98:ad:d4:ff:7e:f5:db:b5:
         4b:b1:df:f7:02:09:b2:6e:b0:5f:5b:35:94:ba:41:2c:a3:bd:
         3a:3b:b3:94:e9:37:65:97:18:d2:73:63:88:2e:19:dc:50:d4:
         c5:64:97:e7:b2:82:8b:f1:30:e2:c0:26:f6:36:1a:af:e9:e6:
         6e:ff:b7:ff:81:d9:6b:5e:20:ff:39:b0:d2:25:25:76:c5:d8:
         46:0a:1f:68:cd:cb:7d:a3:d7:f2:f8:5e:24:9a:d8:7a:ac:2c:
         e1:4d:d2:9c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUccrIBDEyzOeDSxYf4pRu58CGXlAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNjIyMDAwMDAwWhcNMjQwNzI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZDMwNDUyYTdiZDkyOTQ1MDk4ZDcxYWM0YTE5M2NjNGI5
ODA3NmRiMTY1NWJiM2M5YmVkZjRiMjU3NGRkYzM4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCe38vt6HPGOHLIGJDI+1b+33rMtjYh9QDRwPeqvbPg3zWQ
EtfN20NmsCsNQcsdSr2xDoMdChisPCWeng7nI/a33jwbiexJ9HjmRm+XPZGTYfJu
au7Kd7RfJnUV2XdTL0z2WPD3/N0Hq5fSILju+gHG7JNTphEDcNUOt5HEC9g0rJqP
XjeC4FWjlATFfv09tiPNp563vMlzwlPfUNiWnt85tfG7iKjL6fDiE0oariFQ5gP2
bU/+4x1kFPltZEDszk0Gojd79bZDt1g31sZR6u/D3yd/w3bzJjkyf5/kfm0wMCIn
5MxkPJgDN4RMGgWsTbhfzTUcy7BRGo6jMy8VkGnzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUehwPkT5WOZM0S0SuZVUcVIr0Y4YwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2U5NGRhYmRjLTY2ZjMtNGQwMi04YzMyLWY4Y2E3MzViNTFkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAFupcXI7PpbzRaLUvbUG8qaIrVr
QlVaak5GE8PLBpeO4CLBjpvjwdKJoUxs5ZDRkGj8lH7kZPo0hogxBQ7MuwfJ9YBj
nhXgaajsV8pDb5lfOftjeuNRxloTvIXkKDvaE8wPrtVtW1l9MiPwQLbQuwuX8JW8
TvpxhDjeM1NWFD/T8zb7DEWptOoFs9gzN+k54dxC0Lr51C1f7fyYrdT/fvXbtUux
3/cCCbJusF9bNZS6QSyjvTo7s5TpN2WXGNJzY4guGdxQ1MVkl+eygovxMOLAJvY2
Gq/p5m7/t/+B2WteIP85sNIlJXbF2EYKH2jNy32j1/L4XiSa2HqsLOFN0pw=
-----END CERTIFICATE-----