Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6d8fe031-c31f-42c5-9c6b-7187be3a5524.roa
File:                     6d8fe031-c31f-42c5-9c6b-7187be3a5524.roa (raw, json)
Hash identifier:          xVaxYgXL2a3nMyYbRIh16jVqltXv17OOGEfNlig/3U8=
Subject key identifier:   9E:0E:10:69:B3:04:61:05:A7:5C:FD:87:23:9B:58:0C:02:BF:54:8B
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       0828D62D81F256A2801CE5E2A77EEF96541453DB
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6d8fe031-c31f-42c5-9c6b-7187be3a5524.roa
Signing time:             Sun 02 Jun 2024 00:00:00 +0000
ROA not before:           Sun 02 Jun 2024 00:00:00 +0000
ROA not after:            Sun 07 Jul 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:28:d6:2d:81:f2:56:a2:80:1c:e5:e2:a7:7e:ef:96:54:14:53:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jun  2 00:00:00 2024 GMT
            Not After : Jul  7 23:59:59 2024 GMT
        Subject: serialNumber=32f79098112fa60de47a726da72001fac417e762bfc80db86636a1833ede2603, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c2:07:ef:3d:1d:44:55:ef:83:b6:da:ca:81:
                    af:7e:44:11:67:d2:88:53:25:f9:3e:3a:a4:a6:ee:
                    6c:80:9c:87:1d:57:15:85:ab:0b:96:af:78:4d:0f:
                    fa:b3:52:9a:a3:66:cb:34:cf:dc:ee:2d:7c:e9:5f:
                    e2:27:c0:33:fd:9e:ea:bb:4d:52:e1:d5:9f:f8:58:
                    7f:f2:3d:b0:c6:6c:30:fb:dd:d1:db:6b:dd:a5:3f:
                    3a:50:10:09:4b:87:70:8e:62:8a:2f:f3:12:42:5c:
                    c3:ca:52:61:83:2e:e4:cf:7c:f1:cd:1f:e1:b1:30:
                    12:1b:38:bd:4a:6f:bb:72:7e:a9:09:52:4b:eb:cc:
                    ba:15:40:99:4d:b9:7a:fd:5e:d3:86:a3:2a:ca:23:
                    b3:f6:b6:d2:50:c1:78:cc:cb:5c:dc:c9:46:34:9d:
                    b3:58:0b:84:d5:bb:75:cc:18:62:14:64:50:cc:e7:
                    c1:73:5e:f8:4d:dd:bb:9e:cd:1b:1a:01:47:f0:45:
                    42:66:dd:42:df:f0:aa:d9:ae:db:c4:7b:1d:92:0d:
                    53:13:c6:49:f3:a2:97:58:e4:0f:b5:e8:76:ce:a6:
                    b5:3c:17:03:88:e1:a6:cf:29:bf:0a:9b:f3:91:46:
                    f7:8d:19:65:c3:a3:ab:d3:d1:15:62:76:b7:70:3d:
                    5d:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:0E:10:69:B3:04:61:05:A7:5C:FD:87:23:9B:58:0C:02:BF:54:8B
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6d8fe031-c31f-42c5-9c6b-7187be3a5524.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:f9:b2:57:bf:36:f5:93:87:d6:07:0f:ed:26:97:4f:51:07:
         c2:f7:17:63:77:71:be:e0:9a:14:54:ec:52:3d:9b:53:c3:b2:
         c0:a7:b0:78:42:73:a6:0d:84:7e:60:0b:4a:94:56:28:a9:b2:
         c2:5b:d6:ec:d8:cc:8b:4b:fb:bb:de:67:78:15:b7:fd:bb:a8:
         06:9d:36:46:b8:ba:93:1b:fc:74:46:64:ad:91:95:4f:54:69:
         2f:f9:d8:98:c8:1a:45:7b:8c:01:e8:c4:e7:b8:21:7b:51:8b:
         8e:4c:b0:de:6a:bc:d8:b5:4a:26:3c:a7:bf:9c:0f:44:ff:47:
         08:58:66:f5:fe:9f:19:8c:06:44:bc:32:10:78:74:1f:23:37:
         28:f9:83:54:26:de:f3:5d:e9:3b:61:30:55:e2:99:ff:ad:d5:
         04:37:a4:60:b3:f7:e7:24:6c:44:7a:a9:38:53:4e:d6:e3:b6:
         fb:bd:7b:26:e9:f1:6e:b2:bb:3c:78:01:33:3b:9c:00:50:2a:
         e4:b9:f2:62:f9:6e:12:50:30:77:a7:a5:09:c7:6d:a0:14:89:
         0d:c9:44:bf:92:3c:c4:24:ac:99:c9:9c:ba:79:19:d5:e8:9d:
         a7:e0:3d:93:28:bd:b7:46:24:67:f2:81:62:96:77:bf:ea:88:
         0e:28:df:a4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCCjWLYHyVqKAHOXip37vllQUU9swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNjAyMDAwMDAwWhcNMjQwNzA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMmY3OTA5ODExMmZhNjBkZTQ3YTcyNmRhNzIwMDFmYWM0
MTdlNzYyYmZjODBkYjg2NjM2YTE4MzNlZGUyNjAzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClwgfvPR1EVe+DttrKga9+RBFn0ohTJfk+OqSm7myAnIcd
VxWFqwuWr3hND/qzUpqjZss0z9zuLXzpX+InwDP9nuq7TVLh1Z/4WH/yPbDGbDD7
3dHba92lPzpQEAlLh3COYoov8xJCXMPKUmGDLuTPfPHNH+GxMBIbOL1Kb7tyfqkJ
UkvrzLoVQJlNuXr9XtOGoyrKI7P2ttJQwXjMy1zcyUY0nbNYC4TVu3XMGGIUZFDM
58FzXvhN3buezRsaAUfwRUJm3ULf8KrZrtvEex2SDVMTxknzopdY5A+16HbOprU8
FwOI4abPKb8Km/ORRveNGWXDo6vT0RVidrdwPV3bAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUng4QabMEYQWnXP2HI5tYDAK/VIswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzZkOGZlMDMxLWMzMWYtNDJjNS05YzZiLTcxODdiZTNhNTUyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFv5sle/NvWTh9YHD+0ml09RB8L3
F2N3cb7gmhRU7FI9m1PDssCnsHhCc6YNhH5gC0qUViipssJb1uzYzItL+7veZ3gV
t/27qAadNka4upMb/HRGZK2RlU9UaS/52JjIGkV7jAHoxOe4IXtRi45MsN5qvNi1
SiY8p7+cD0T/RwhYZvX+nxmMBkS8MhB4dB8jNyj5g1Qm3vNd6TthMFXimf+t1QQ3
pGCz9+ckbER6qThTTtbjtvu9eybp8W6yuzx4ATM7nABQKuS58mL5bhJQMHenpQnH
baAUiQ3JRL+SPMQkrJnJnLp5GdXonafgPZMovbdGJGfygWKWd7/qiA4o36Q=
-----END CERTIFICATE-----