Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ecd4dc8a-429c-4678-a986-a4bfbc8d7cc7.roa
File:                     ecd4dc8a-429c-4678-a986-a4bfbc8d7cc7.roa (raw, json)
Hash identifier:          lCeU7lCrEAEg3cXYihSfPYjpeaQJBIn4lrUaUB8lDKo=
Subject key identifier:   CC:E7:16:08:56:3D:60:93:A2:AA:1F:F2:57:3D:CD:11:FC:F9:DC:C0
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       5C3B035D0116D62A258743CC1979DD0DB1A554D1
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ecd4dc8a-429c-4678-a986-a4bfbc8d7cc7.roa
Signing time:             Mon 27 May 2024 00:00:00 +0000
ROA not before:           Mon 27 May 2024 00:00:00 +0000
ROA not after:            Mon 01 Jul 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:3b:03:5d:01:16:d6:2a:25:87:43:cc:19:79:dd:0d:b1:a5:54:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: May 27 00:00:00 2024 GMT
            Not After : Jul  1 23:59:59 2024 GMT
        Subject: serialNumber=a7c9f07da3103ab79d888e0f605eb0c91aad490d3d8bb2527b637b34de4883d3, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:ae:0b:31:5d:c3:52:3d:4f:3c:9d:96:10:e3:
                    80:5d:09:62:fb:23:cb:51:e6:7e:98:c6:89:0d:3c:
                    8b:e5:28:ed:86:b2:ae:19:44:e7:03:28:19:0b:e1:
                    2b:db:bb:84:d4:8b:b5:9f:e7:9e:45:9f:c5:8e:af:
                    8a:9a:69:38:67:72:09:66:35:e3:94:2c:dc:b2:66:
                    ae:62:f0:02:c6:89:f9:0b:4a:8f:e3:32:30:af:41:
                    97:23:a7:a4:a2:5b:48:05:1f:e0:66:90:b6:ef:c1:
                    45:1c:65:22:bf:43:5e:18:21:50:39:35:db:91:f6:
                    c8:03:1c:88:81:1d:6c:b7:4e:1b:bd:82:13:5f:9d:
                    32:07:07:74:af:e9:fe:2b:d9:81:ac:f3:99:87:48:
                    be:68:f6:17:37:7f:51:77:ab:b4:05:11:19:8b:5d:
                    a5:33:c3:e2:bf:b0:b0:04:5f:b5:2a:3c:e3:40:39:
                    f1:fc:40:11:1d:84:59:b3:6a:c6:31:5a:17:ea:64:
                    5f:82:fd:4c:e0:46:e3:f0:68:1b:94:12:7c:aa:33:
                    1f:67:18:5e:8e:b2:05:da:8f:d3:d9:6d:5e:cd:7c:
                    60:17:1f:60:b8:cd:97:05:a5:fe:a1:16:da:58:e0:
                    eb:30:8d:91:39:2e:cf:0c:b6:b9:ac:07:22:b0:cc:
                    eb:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:E7:16:08:56:3D:60:93:A2:AA:1F:F2:57:3D:CD:11:FC:F9:DC:C0
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ecd4dc8a-429c-4678-a986-a4bfbc8d7cc7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:fb:35:6d:40:6a:dc:36:d7:60:86:d9:5e:aa:a1:c1:9a:95:
         29:10:80:a7:7f:91:f8:1c:d9:e8:49:18:d9:0b:71:b8:fd:03:
         e7:71:d2:85:5b:f5:ab:d4:1a:cc:b6:4f:88:ec:bb:d8:cb:43:
         0b:6c:3a:04:32:00:a1:62:13:91:24:d4:43:8f:10:9f:23:97:
         fa:25:11:fe:62:69:cf:9a:e0:c8:b1:a9:72:cf:fb:8b:df:96:
         e2:f2:5f:ba:28:4d:f2:61:b4:f9:d2:59:28:00:c0:ef:40:ce:
         c3:dc:13:b8:05:1e:ea:11:d0:7b:71:5a:3d:ce:f4:62:0b:ca:
         ad:4f:21:a7:0c:80:17:3a:92:ea:1c:72:cb:4f:03:be:aa:2b:
         aa:2d:2a:e2:7a:e4:73:5f:8f:3c:56:90:02:5a:32:10:f5:61:
         4c:f6:10:a0:20:e9:38:9f:96:92:ef:49:ae:ad:1d:0d:bc:b8:
         a6:5f:9a:96:59:cf:3f:13:f4:6d:ff:bf:bf:1d:96:25:00:50:
         85:cc:97:15:7d:9a:9b:a5:05:4e:c3:8a:54:47:74:09:a8:ef:
         19:ca:06:52:48:65:27:4a:de:99:62:d4:d5:66:0c:a0:25:6d:
         34:16:6f:f2:e6:e2:b5:0c:e9:8e:01:54:3b:ae:ca:ca:34:26:
         df:a9:dc:91
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXDsDXQEW1iolh0PMGXndDbGlVNEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNTI3MDAwMDAwWhcNMjQwNzAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BhN2M5ZjA3ZGEzMTAzYWI3OWQ4ODhlMGY2MDVlYjBjOTFh
YWQ0OTBkM2Q4YmIyNTI3YjYzN2IzNGRlNDg4M2QzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDVrgsxXcNSPU88nZYQ44BdCWL7I8tR5n6YxokNPIvlKO2G
sq4ZROcDKBkL4Svbu4TUi7Wf555Fn8WOr4qaaThncglmNeOULNyyZq5i8ALGifkL
So/jMjCvQZcjp6SiW0gFH+BmkLbvwUUcZSK/Q14YIVA5NduR9sgDHIiBHWy3Thu9
ghNfnTIHB3Sv6f4r2YGs85mHSL5o9hc3f1F3q7QFERmLXaUzw+K/sLAEX7UqPONA
OfH8QBEdhFmzasYxWhfqZF+C/UzgRuPwaBuUEnyqMx9nGF6OsgXaj9PZbV7NfGAX
H2C4zZcFpf6hFtpY4OswjZE5Ls8MtrmsByKwzOs1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUzOcWCFY9YJOiqh/yVz3NEfz53MAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2VjZDRkYzhhLTQyOWMtNDY3OC1hOTg2LWE0YmZiYzhkN2NjNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABb7NW1Aatw212CG2V6qocGalSkQ
gKd/kfgc2ehJGNkLcbj9A+dx0oVb9avUGsy2T4jsu9jLQwtsOgQyAKFiE5Ek1EOP
EJ8jl/olEf5iac+a4MixqXLP+4vfluLyX7ooTfJhtPnSWSgAwO9AzsPcE7gFHuoR
0HtxWj3O9GILyq1PIacMgBc6kuoccstPA76qK6otKuJ65HNfjzxWkAJaMhD1YUz2
EKAg6TiflpLvSa6tHQ28uKZfmpZZzz8T9G3/v78dliUAUIXMlxV9mpulBU7DilRH
dAmo7xnKBlJIZSdK3pli1NVmDKAlbTQWb/Lm4rUM6Y4BVDuuyso0Jt+p3JE=
-----END CERTIFICATE-----