Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b1739b31-5efb-4440-be88-022f0e403cfb.roa
File:                     b1739b31-5efb-4440-be88-022f0e403cfb.roa (raw, json)
Hash identifier:          8firXpZ5VHJeAVzUjvk07svvE7OK9lju0exLK+9pwOo=
Subject key identifier:   8F:4C:1A:97:84:90:94:8D:01:93:56:00:D8:1C:EC:FF:1E:FC:34:34
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       749964AF4986B0F9DEABB15A5B57C8B869C7EDEB
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b1739b31-5efb-4440-be88-022f0e403cfb.roa
Signing time:             Sun 17 Nov 2024 00:00:00 +0000
ROA not before:           Sun 17 Nov 2024 00:00:00 +0000
ROA not after:            Sun 22 Dec 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:99:64:af:49:86:b0:f9:de:ab:b1:5a:5b:57:c8:b8:69:c7:ed:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Nov 17 00:00:00 2024 GMT
            Not After : Dec 22 23:59:59 2024 GMT
        Subject: serialNumber=96ef504d5ac7fd937d8c590fd1a973235a8fdac26975b5e9133242315efd66f1, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:fa:98:17:da:23:0c:75:9a:91:b1:73:7e:c8:
                    e5:b4:2d:c7:20:7f:51:69:e7:9e:9d:9b:47:00:4e:
                    38:ce:d9:29:de:43:05:d7:67:de:ca:4f:fd:b8:1c:
                    77:38:65:cb:36:93:36:9d:8f:54:37:2e:b6:b9:24:
                    37:84:1d:6e:6d:6d:8a:3a:85:20:cf:16:c0:e2:3a:
                    21:66:59:c3:0b:38:f9:ae:09:ba:4e:9f:ca:35:ea:
                    b9:df:ef:97:ed:84:ce:48:84:e3:bb:c1:b1:76:8f:
                    d7:e7:9c:20:c4:31:3c:96:b8:3c:29:55:e9:19:5e:
                    a5:3c:39:b3:c6:ad:11:fc:30:27:32:97:c8:d3:ee:
                    6c:26:cc:c4:10:0e:1f:b7:cb:32:ad:61:c7:3f:e4:
                    f8:d1:27:8a:69:96:70:f5:0c:44:48:17:fe:c2:50:
                    e4:76:9c:5e:b7:d3:25:f4:57:c7:7e:ce:54:e3:0e:
                    92:e5:58:65:93:8d:f5:cd:1c:06:15:af:b8:e4:60:
                    8c:70:ec:ba:b6:d0:4e:a5:ed:49:13:1e:0b:c3:30:
                    66:ff:2b:61:5d:8f:da:da:8f:a3:91:56:84:84:c7:
                    53:a5:04:3e:8e:3e:3a:c0:c4:6b:83:9a:28:bd:47:
                    a4:d2:18:33:96:f8:33:24:2e:0d:3c:fb:72:2b:7f:
                    2d:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:4C:1A:97:84:90:94:8D:01:93:56:00:D8:1C:EC:FF:1E:FC:34:34
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b1739b31-5efb-4440-be88-022f0e403cfb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:81:89:16:38:c0:01:8c:42:6c:7d:1e:e5:a2:b7:64:56:91:
         4f:3d:77:4c:20:ad:43:d1:a0:cf:68:90:04:50:a7:97:45:03:
         07:ff:36:51:c6:a4:0b:59:69:54:1f:19:03:25:d0:37:f5:f7:
         64:ff:ed:a7:cd:b2:4b:05:08:85:c9:3a:fe:48:d0:e0:f3:cb:
         77:f5:85:6a:0d:3b:81:d5:f7:31:4d:bf:c3:89:64:3d:c9:7e:
         c5:0b:47:8c:0c:73:08:56:20:0f:48:3e:34:5b:52:bf:0b:30:
         a7:aa:86:e0:34:b7:60:5c:ba:b0:15:86:29:a5:00:24:0e:ec:
         3f:b6:5e:6e:92:cf:47:dc:5a:37:99:eb:58:90:53:ab:dc:cd:
         ba:2a:c2:45:aa:78:d9:2a:a6:cc:f6:03:13:7b:0b:81:d0:48:
         0f:53:c6:1f:ec:df:50:d1:c0:bd:93:af:be:fc:72:ad:f9:df:
         eb:bc:17:96:41:6f:2a:7c:2a:d4:71:78:9b:a8:13:02:8a:be:
         bd:61:b9:f7:0b:26:91:0e:0c:b7:af:bc:24:ef:f0:d4:d5:bc:
         21:89:02:a7:e9:1c:0f:20:bc:63:d7:a9:7a:6f:c0:b7:31:20:
         97:f1:78:23:61:a6:68:16:d3:8d:0e:13:b6:23:8f:76:58:ba:
         c2:39:b7:64
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdJlkr0mGsPneq7FaW1fIuGnH7eswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMTE3MDAwMDAwWhcNMjQxMjIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5NmVmNTA0ZDVhYzdmZDkzN2Q4YzU5MGZkMWE5NzMyMzVh
OGZkYWMyNjk3NWI1ZTkxMzMyNDIzMTVlZmQ2NmYxMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCm+pgX2iMMdZqRsXN+yOW0Lccgf1Fp556dm0cATjjO2Sne
QwXXZ97KT/24HHc4Zcs2kzadj1Q3Lra5JDeEHW5tbYo6hSDPFsDiOiFmWcMLOPmu
CbpOn8o16rnf75fthM5IhOO7wbF2j9fnnCDEMTyWuDwpVekZXqU8ObPGrRH8MCcy
l8jT7mwmzMQQDh+3yzKtYcc/5PjRJ4pplnD1DERIF/7CUOR2nF630yX0V8d+zlTj
DpLlWGWTjfXNHAYVr7jkYIxw7Lq20E6l7UkTHgvDMGb/K2Fdj9raj6ORVoSEx1Ol
BD6OPjrAxGuDmii9R6TSGDOW+DMkLg08+3Irfy1DAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUj0wal4SQlI0Bk1YA2Bzs/x78NDQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2IxNzM5YjMxLTVlZmItNDQ0MC1iZTg4LTAyMmYwZTQwM2NmYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKWBiRY4wAGMQmx9HuWit2RWkU89
d0wgrUPRoM9okARQp5dFAwf/NlHGpAtZaVQfGQMl0Df192T/7afNsksFCIXJOv5I
0ODzy3f1hWoNO4HV9zFNv8OJZD3JfsULR4wMcwhWIA9IPjRbUr8LMKeqhuA0t2Bc
urAVhimlACQO7D+2Xm6Sz0fcWjeZ61iQU6vczboqwkWqeNkqpsz2AxN7C4HQSA9T
xh/s31DRwL2Tr778cq353+u8F5ZBbyp8KtRxeJuoEwKKvr1hufcLJpEODLevvCTv
8NTVvCGJAqfpHA8gvGPXqXpvwLcxIJfxeCNhpmgW040OE7Yjj3ZYusI5t2Q=
-----END CERTIFICATE-----
Generated at Sun May 11 16:12:08 2025 by rpki-client