Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5f2004bd-b89f-489b-afb5-7f3163c6d605.roa
File:                     5f2004bd-b89f-489b-afb5-7f3163c6d605.roa (raw, json)
Hash identifier:          1cZ3VbapU6Gmy2Sl/V71yG3CWX1PEyb73+LgYm5yByQ=
Subject key identifier:   D7:EF:61:EE:89:08:2C:C8:CC:EB:9D:6F:23:77:52:DE:0E:2F:F9:90
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       227709AE8179F3C109E77A49D3C61E4CC7A026CD
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5f2004bd-b89f-489b-afb5-7f3163c6d605.roa
Signing time:             Sat 28 Sep 2024 00:00:00 +0000
ROA not before:           Sat 28 Sep 2024 00:00:00 +0000
ROA not after:            Sat 02 Nov 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:77:09:ae:81:79:f3:c1:09:e7:7a:49:d3:c6:1e:4c:c7:a0:26:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Sep 28 00:00:00 2024 GMT
            Not After : Nov  2 23:59:59 2024 GMT
        Subject: serialNumber=51764a1c53fdaaa3b9f271b55ebcb80417bad5c19a0b01acbf8e0199c8625f7e, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:ee:8c:12:d7:91:df:db:e3:de:0e:a3:c1:be:
                    9f:3c:33:c2:07:22:5b:10:f7:7a:fc:26:68:9b:31:
                    c2:46:b9:88:85:0b:67:f9:fe:f2:bb:4c:ed:7a:d4:
                    28:d2:5a:50:05:78:68:70:66:9d:a5:8a:14:90:ad:
                    d9:a1:01:e6:46:1b:99:55:f7:79:67:3c:a4:13:e3:
                    38:24:af:14:89:c5:3f:52:71:dd:db:91:5b:69:d6:
                    58:3c:fe:ad:24:c8:31:ec:e6:9f:d8:db:50:02:da:
                    b9:84:35:e2:e1:60:5a:1c:a8:fd:0e:10:23:29:c2:
                    25:7e:30:a0:c1:6d:a6:c3:5d:ed:41:91:59:9d:75:
                    22:12:42:05:c1:69:35:61:f2:94:32:db:d3:d2:70:
                    a4:91:c6:fb:e6:66:ec:84:b4:ef:1f:42:dc:96:80:
                    2b:c5:90:04:bd:21:e3:05:2a:e5:20:22:c9:94:48:
                    3e:e8:34:97:f4:0a:19:f8:69:f8:fc:56:96:8e:33:
                    41:bd:a8:6b:76:0a:f9:ca:ff:00:33:22:d7:3d:51:
                    67:5d:4a:2a:6e:fd:4d:53:04:68:a7:21:34:ec:40:
                    51:ed:94:c2:57:eb:e3:bf:0b:5f:04:26:df:a2:22:
                    2e:33:7a:17:7f:9f:a6:f4:71:78:33:3a:2e:eb:8a:
                    37:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:EF:61:EE:89:08:2C:C8:CC:EB:9D:6F:23:77:52:DE:0E:2F:F9:90
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5f2004bd-b89f-489b-afb5-7f3163c6d605.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:bb:44:dc:3a:f2:99:c1:c1:97:8c:17:1d:05:68:73:ad:0d:
         9d:ae:fc:20:c1:82:80:a5:84:e3:e3:97:2a:17:15:6e:13:dd:
         23:83:c4:c7:1d:8d:c8:87:cc:80:dc:a7:d4:3e:ae:81:1c:a5:
         57:01:bf:b1:ef:df:3b:24:79:22:05:1a:b5:cc:97:46:a1:c5:
         a1:84:d0:92:64:07:6c:1f:83:a5:dd:b0:67:27:b5:94:17:32:
         02:47:40:e6:03:cd:5a:0c:2f:55:9f:f3:ad:0b:9f:94:54:97:
         99:f3:70:ee:6d:f4:23:61:37:db:0c:81:63:89:8b:6f:31:9e:
         0a:cd:6d:21:25:86:05:c7:ea:7e:b3:86:3a:b5:b0:3d:9a:0d:
         34:64:1a:41:3d:fc:db:a1:36:7b:f1:b0:ae:07:84:24:9b:ab:
         6a:61:bc:60:73:06:fd:20:83:c2:ee:34:06:50:c3:e5:32:1b:
         1a:26:27:9d:35:3f:fb:35:d5:39:2f:15:47:a2:f9:7b:5d:c7:
         aa:3d:52:b3:79:92:2a:66:f8:ea:88:3e:4f:5c:96:1e:af:fe:
         57:a1:ef:70:ec:45:d9:68:8c:96:5f:29:e1:3a:dc:59:34:f3:
         12:87:e6:ee:19:1f:c6:b4:47:d8:b7:cf:e6:92:b0:df:17:e9:
         38:e5:e2:d1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIncJroF588EJ53pJ08YeTMegJs0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwOTI4MDAwMDAwWhcNMjQxMTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1MTc2NGExYzUzZmRhYWEzYjlmMjcxYjU1ZWJjYjgwNDE3
YmFkNWMxOWEwYjAxYWNiZjhlMDE5OWM4NjI1ZjdlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDG7owS15Hf2+PeDqPBvp88M8IHIlsQ93r8JmibMcJGuYiF
C2f5/vK7TO161CjSWlAFeGhwZp2lihSQrdmhAeZGG5lV93lnPKQT4zgkrxSJxT9S
cd3bkVtp1lg8/q0kyDHs5p/Y21AC2rmENeLhYFocqP0OECMpwiV+MKDBbabDXe1B
kVmddSISQgXBaTVh8pQy29PScKSRxvvmZuyEtO8fQtyWgCvFkAS9IeMFKuUgIsmU
SD7oNJf0Chn4afj8VpaOM0G9qGt2CvnK/wAzItc9UWddSipu/U1TBGinITTsQFHt
lMJX6+O/C18EJt+iIi4zehd/n6b0cXgzOi7rijevAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1+9h7okILMjM651vI3dS3g4v+ZAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzVmMjAwNGJkLWI4OWYtNDg5Yi1hZmI1LTdmMzE2M2M2ZDYwNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAK+7RNw68pnBwZeMFx0FaHOtDZ2u
/CDBgoClhOPjlyoXFW4T3SODxMcdjciHzIDcp9Q+roEcpVcBv7Hv3zskeSIFGrXM
l0ahxaGE0JJkB2wfg6XdsGcntZQXMgJHQOYDzVoML1Wf860Ln5RUl5nzcO5t9CNh
N9sMgWOJi28xngrNbSElhgXH6n6zhjq1sD2aDTRkGkE9/NuhNnvxsK4HhCSbq2ph
vGBzBv0gg8LuNAZQw+UyGxomJ501P/s11TkvFUei+Xtdx6o9UrN5kipm+OqIPk9c
lh6v/leh73DsRdlojJZfKeE63Fk08xKH5u4ZH8a0R9i3z+aSsN8X6Tjl4tE=
-----END CERTIFICATE-----