Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/09f42c3d-b8e5-42c7-af82-019d77bbaf69.roa
File:                     09f42c3d-b8e5-42c7-af82-019d77bbaf69.roa (raw, json)
Hash identifier:          2DprNjjpx9/SWVAkeh9j4zZtpiZMG8fQ3u7+mcPEmsA=
Subject key identifier:   AA:F5:A5:49:5F:1F:65:CA:71:24:A1:46:79:43:9D:57:05:5E:93:FA
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       3D26BE9F53665C2D28C256483042D02E54DD5E51
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/09f42c3d-b8e5-42c7-af82-019d77bbaf69.roa
Signing time:             Fri 12 Jan 2024 00:00:00 +0000
ROA not before:           Fri 12 Jan 2024 00:00:00 +0000
ROA not after:            Fri 16 Feb 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:26:be:9f:53:66:5c:2d:28:c2:56:48:30:42:d0:2e:54:dd:5e:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jan 12 00:00:00 2024 GMT
            Not After : Feb 16 23:59:59 2024 GMT
        Subject: serialNumber=ed66a5597393adb8cd0601698b4738f6558f3da8438aff6880c3057962be48b9, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:0f:09:07:c9:ea:50:86:11:67:d5:07:9d:f0:
                    4d:45:d5:4c:a0:a6:de:89:dc:4d:b5:5d:cb:ae:0d:
                    7b:82:de:2c:c8:b8:9f:e1:ac:7d:6a:eb:cf:3e:af:
                    57:3e:ea:1a:20:36:49:98:1c:6f:95:31:b9:ba:c3:
                    8f:94:0a:89:49:4d:70:29:6e:45:15:b8:d6:44:0b:
                    9c:d9:14:8b:ac:9e:15:26:bd:a7:3b:74:e7:7f:96:
                    dc:8e:f8:90:f9:72:d1:2f:d4:e0:9d:4f:02:5f:7d:
                    c4:af:bc:a4:36:a0:7b:b3:1a:70:c7:c0:8c:ea:2e:
                    cb:27:32:56:75:ff:37:c7:00:c5:d9:ef:f5:2e:b2:
                    66:de:ae:44:de:b3:14:82:e1:f8:77:b7:98:a7:36:
                    36:03:d8:4c:99:92:ad:23:f1:5b:10:66:62:80:3e:
                    7a:02:a3:d4:ce:35:e9:8c:e4:29:44:2b:65:cd:12:
                    ed:f7:02:4d:af:1c:43:32:23:14:89:0e:92:24:40:
                    29:4c:58:9f:c7:e0:14:f1:73:a6:79:c8:bf:16:b4:
                    c3:72:18:a4:09:85:e0:15:35:d8:1f:da:a8:5d:dc:
                    be:ad:55:9f:04:31:2c:71:9f:b4:48:0e:28:b0:7b:
                    3d:c8:0b:05:d8:dc:86:83:be:29:46:2d:21:93:13:
                    c3:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:F5:A5:49:5F:1F:65:CA:71:24:A1:46:79:43:9D:57:05:5E:93:FA
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/09f42c3d-b8e5-42c7-af82-019d77bbaf69.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:80:33:85:9b:ca:b6:92:7f:62:f0:d1:9a:a2:23:12:56:08:
         e4:01:f9:92:5e:93:76:be:49:44:2c:d9:26:9a:b8:c2:a6:db:
         c1:35:40:96:34:b4:00:ec:5b:27:c4:c0:c5:2c:3e:78:af:19:
         f6:53:63:7a:37:82:6f:05:39:21:22:5f:88:c9:d1:ad:c1:46:
         a8:f8:4b:c7:c2:5b:34:c0:90:3a:10:e5:a3:b6:5c:3b:3b:d4:
         e1:26:bf:78:7d:ae:a6:2e:f9:18:02:02:59:8d:8f:1c:04:ba:
         b5:87:4c:12:b5:f4:0d:46:c3:3d:b2:6f:ca:02:ef:4a:6d:bc:
         0f:71:ef:f2:c8:cd:15:63:6b:31:78:c3:a7:d2:d2:90:39:e9:
         16:4b:8e:aa:99:a8:28:57:53:e3:f9:ac:1d:5d:d3:b1:f4:27:
         a3:e5:d4:e0:a9:6f:f9:17:94:b6:57:81:d8:21:d3:b6:a2:a9:
         b8:ef:a0:e6:52:92:7b:e4:40:0d:cf:9c:2d:ff:cf:5f:e6:57:
         84:74:48:cf:88:7c:0a:8e:25:c8:b1:56:57:39:e2:1e:90:82:
         9e:1c:71:92:90:44:6c:ba:f1:3e:c0:0c:35:33:b5:1f:94:7d:
         96:bf:4b:02:aa:4b:49:ce:c5:f3:9c:63:7f:71:b3:c3:9e:61:
         21:c9:78:79
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPSa+n1NmXC0owlZIMELQLlTdXlEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMTEyMDAwMDAwWhcNMjQwMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZDY2YTU1OTczOTNhZGI4Y2QwNjAxNjk4YjQ3MzhmNjU1
OGYzZGE4NDM4YWZmNjg4MGMzMDU3OTYyYmU0OGI5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaDwkHyepQhhFn1Qed8E1F1Uygpt6J3E21XcuuDXuC3izI
uJ/hrH1q688+r1c+6hogNkmYHG+VMbm6w4+UColJTXApbkUVuNZEC5zZFIusnhUm
vac7dOd/ltyO+JD5ctEv1OCdTwJffcSvvKQ2oHuzGnDHwIzqLssnMlZ1/zfHAMXZ
7/UusmberkTesxSC4fh3t5inNjYD2EyZkq0j8VsQZmKAPnoCo9TONemM5ClEK2XN
Eu33Ak2vHEMyIxSJDpIkQClMWJ/H4BTxc6Z5yL8WtMNyGKQJheAVNdgf2qhd3L6t
VZ8EMSxxn7RIDiiwez3ICwXY3IaDvilGLSGTE8ORAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqvWlSV8fZcpxJKFGeUOdVwVek/owHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzA5ZjQyYzNkLWI4ZTUtNDJjNy1hZjgyLTAxOWQ3N2JiYWY2OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIuAM4WbyraSf2Lw0ZqiIxJWCOQB
+ZJek3a+SUQs2SaauMKm28E1QJY0tADsWyfEwMUsPnivGfZTY3o3gm8FOSEiX4jJ
0a3BRqj4S8fCWzTAkDoQ5aO2XDs71OEmv3h9rqYu+RgCAlmNjxwEurWHTBK19A1G
wz2yb8oC70ptvA9x7/LIzRVjazF4w6fS0pA56RZLjqqZqChXU+P5rB1d07H0J6Pl
1OCpb/kXlLZXgdgh07aiqbjvoOZSknvkQA3PnC3/z1/mV4R0SM+IfAqOJcixVlc5
4h6Qgp4ccZKQRGy68T7ADDUztR+UfZa/SwKqS0nOxfOcY39xs8OeYSHJeHk=
-----END CERTIFICATE-----