Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d6d78a6c-2ed8-4db5-9f40-54aa8eda3eee.roa
File:                     d6d78a6c-2ed8-4db5-9f40-54aa8eda3eee.roa (raw, json)
Hash identifier:          6M6Pt3XKhYuTGW7wYDTASuGL109RWS9T09ugV7QYjs4=
Subject key identifier:   6F:77:F5:BB:BD:EC:8A:D3:28:90:2F:36:D7:D8:D7:E1:26:F5:E8:52
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       1AD336BA70D2CDD5332B494563878175F149BF4C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d6d78a6c-2ed8-4db5-9f40-54aa8eda3eee.roa
Signing time:             Tue 14 May 2024 00:00:00 +0000
ROA not before:           Tue 14 May 2024 00:00:00 +0000
ROA not after:            Tue 18 Jun 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:d3:36:ba:70:d2:cd:d5:33:2b:49:45:63:87:81:75:f1:49:bf:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: May 14 00:00:00 2024 GMT
            Not After : Jun 18 23:59:59 2024 GMT
        Subject: serialNumber=7ee6566bef959c56da5ae5296b41ab02ecfcbbcd181c757b988eea2936d038a0, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:fd:89:ce:2c:da:c9:10:8a:6a:e3:c5:40:93:
                    cb:b3:ef:c5:0a:73:95:28:4f:b8:34:c1:96:03:57:
                    6b:b1:4c:1b:9d:a8:3a:91:4f:8d:ad:58:8f:42:fc:
                    93:3a:0c:99:d7:ce:81:b2:1f:f6:31:8b:3d:3f:23:
                    83:f2:a5:87:5b:ba:bd:b6:ff:e5:14:b1:3d:66:95:
                    25:ca:38:ce:46:cf:27:8c:9c:73:cf:d0:e6:af:8a:
                    38:ff:6b:ec:0c:ff:5b:fb:06:19:08:07:4c:8a:7b:
                    ba:01:d0:17:c1:70:0a:da:bf:47:04:23:89:78:62:
                    93:10:29:60:f0:ba:a2:a4:3d:34:8d:e0:84:6f:69:
                    12:0d:b4:4a:e0:4c:ae:15:63:1e:d1:cc:21:7d:bc:
                    7a:a7:94:03:37:f4:e4:e2:36:6f:6e:fb:19:08:04:
                    f3:32:6d:0e:29:97:09:33:78:f4:4d:b5:71:1a:e2:
                    56:6c:27:de:a9:ec:38:90:8e:84:47:d5:2d:ff:49:
                    5a:28:25:25:a9:b2:03:a4:3c:8d:0d:1b:a5:b6:0c:
                    be:c1:bd:42:b6:74:b0:a9:24:bb:32:12:41:77:e7:
                    06:b7:8a:9b:13:30:e0:1e:c8:50:e1:c7:a4:0c:63:
                    49:d6:fc:2f:d3:b0:2d:26:31:b6:f6:5f:70:02:bb:
                    e3:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:77:F5:BB:BD:EC:8A:D3:28:90:2F:36:D7:D8:D7:E1:26:F5:E8:52
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d6d78a6c-2ed8-4db5-9f40-54aa8eda3eee.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:a2:93:7a:11:3e:29:1e:a4:52:26:a8:13:5a:98:78:8a:20:
         b3:2f:7d:76:1f:10:96:d2:56:d2:f1:e7:25:97:88:45:44:77:
         1a:3d:46:db:5c:34:9b:a9:bc:ab:45:98:9b:0a:31:60:88:b5:
         bc:2c:bb:45:38:6d:9f:28:2f:b9:da:b9:14:9c:ff:d0:87:07:
         42:64:1a:34:c9:78:88:98:e8:87:70:5a:29:28:14:cb:6e:76:
         c3:be:60:6c:92:29:25:d9:4b:57:e1:b5:6b:2b:b3:be:6c:76:
         fb:84:d0:de:3b:ea:d3:08:76:ba:22:ce:60:ae:e4:f3:b2:a6:
         fe:0b:9d:99:33:e9:2f:ea:31:84:0c:d2:6e:9a:3d:29:31:49:
         13:20:ba:da:bb:0e:cb:59:0f:f9:1e:5d:cc:de:83:7c:34:ef:
         79:85:9b:88:6f:e8:8e:82:d7:14:e6:d5:be:04:0e:be:b0:af:
         4f:ef:eb:eb:94:91:b1:fb:70:86:7a:bf:7d:38:6d:45:93:e8:
         77:f7:97:e5:5d:0c:4b:61:80:07:f7:9d:66:bd:6f:5e:65:07:
         83:39:53:67:e0:d5:d9:9e:e3:ff:3e:32:02:5b:af:6b:d2:d1:
         a1:d8:c0:26:f0:64:52:ea:cb:13:39:a7:7b:ec:9a:50:c0:a3:
         85:55:85:6d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGtM2unDSzdUzK0lFY4eBdfFJv0wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNTE0MDAwMDAwWhcNMjQwNjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZWU2NTY2YmVmOTU5YzU2ZGE1YWU1Mjk2YjQxYWIwMmVj
ZmNiYmNkMTgxYzc1N2I5ODhlZWEyOTM2ZDAzOGEwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDX/YnOLNrJEIpq48VAk8uz78UKc5UoT7g0wZYDV2uxTBud
qDqRT42tWI9C/JM6DJnXzoGyH/Yxiz0/I4PypYdbur22/+UUsT1mlSXKOM5GzyeM
nHPP0Oavijj/a+wM/1v7BhkIB0yKe7oB0BfBcArav0cEI4l4YpMQKWDwuqKkPTSN
4IRvaRINtErgTK4VYx7RzCF9vHqnlAM39OTiNm9u+xkIBPMybQ4plwkzePRNtXEa
4lZsJ96p7DiQjoRH1S3/SVooJSWpsgOkPI0NG6W2DL7BvUK2dLCpJLsyEkF35wa3
ipsTMOAeyFDhx6QMY0nW/C/TsC0mMbb2X3ACu+OvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUb3f1u73sitMokC8219jX4Sb16FIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Q2ZDc4YTZjLTJlZDgtNGRiNS05ZjQwLTU0YWE4ZWRhM2VlZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADWik3oRPikepFImqBNamHiKILMv
fXYfEJbSVtLx5yWXiEVEdxo9RttcNJupvKtFmJsKMWCItbwsu0U4bZ8oL7nauRSc
/9CHB0JkGjTJeIiY6IdwWikoFMtudsO+YGySKSXZS1fhtWsrs75sdvuE0N476tMI
droizmCu5POypv4LnZkz6S/qMYQM0m6aPSkxSRMgutq7DstZD/keXczeg3w073mF
m4hv6I6C1xTm1b4EDr6wr0/v6+uUkbH7cIZ6v304bUWT6Hf3l+VdDEthgAf3nWa9
b15lB4M5U2fg1dme4/8+MgJbr2vS0aHYwCbwZFLqyxM5p3vsmlDAo4VVhW0=
-----END CERTIFICATE-----
Generated at Tue May 6 19:56:11 2025 by rpki-client