Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d83ca474-0cae-4dfc-9f57-6bf761116b2f.roa
File:                     d83ca474-0cae-4dfc-9f57-6bf761116b2f.roa (raw, json)
Hash identifier:          phZVc/W4pSQNlslXmquGPumhQsSOuAy8Lc4Rp+7kUA0=
Subject key identifier:   A1:59:36:DB:55:70:03:46:15:D6:E0:33:E0:64:7C:33:A5:03:92:2D
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       15F7A34417FBBDB1F4E1C25A11BCAF4C322B6015
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d83ca474-0cae-4dfc-9f57-6bf761116b2f.roa
Signing time:             Fri 13 Dec 2024 00:00:00 +0000
ROA not before:           Fri 13 Dec 2024 00:00:00 +0000
ROA not after:            Fri 17 Jan 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:f7:a3:44:17:fb:bd:b1:f4:e1:c2:5a:11:bc:af:4c:32:2b:60:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec 13 00:00:00 2024 GMT
            Not After : Jan 17 23:59:59 2025 GMT
        Subject: serialNumber=393265ef1a8c9385e77c06c774cc4a6e781c5c9daf400a8fde8df59f5fbef08b, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:0c:d7:80:e1:4a:49:7a:be:8d:dd:f9:07:20:
                    e8:76:f7:da:64:e0:d8:9d:c4:6f:d3:f1:20:ce:b4:
                    c0:13:99:b1:70:28:7c:bb:ee:89:02:b9:d0:7e:9b:
                    c9:60:1c:b9:37:09:1b:83:89:23:56:33:f0:3a:b6:
                    42:6f:2e:2d:e7:63:9e:c1:d3:f4:24:05:dd:a9:71:
                    86:67:12:da:b4:ef:89:76:d7:bd:be:df:68:40:53:
                    e6:47:fe:bd:f4:73:d5:d1:a7:08:91:38:2f:e5:99:
                    ef:07:a6:fe:95:46:11:3c:2d:af:6e:0d:b1:45:69:
                    22:fb:ea:52:69:7c:44:0b:73:cb:8d:ed:aa:e4:6c:
                    97:8a:ce:b9:13:f9:e6:77:0c:ff:27:ed:8a:16:35:
                    d9:d1:5c:0a:93:07:01:a4:18:a3:d8:dd:b7:93:05:
                    47:89:c9:4f:ca:fe:1a:a5:38:ca:89:5f:02:c8:58:
                    9f:43:d1:d4:eb:9e:85:54:14:9c:d5:5f:c2:1e:82:
                    16:fc:a5:ea:48:63:6f:73:31:77:3f:d7:06:b0:54:
                    a6:34:79:05:ef:13:d2:ad:75:5b:13:d8:89:56:b9:
                    d3:f7:b5:a9:78:34:36:2d:30:f9:36:3d:0a:82:e8:
                    0b:b5:69:56:75:5e:f8:f6:e8:07:2d:d8:e0:34:1a:
                    8c:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:59:36:DB:55:70:03:46:15:D6:E0:33:E0:64:7C:33:A5:03:92:2D
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d83ca474-0cae-4dfc-9f57-6bf761116b2f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:07:0d:a2:84:ec:56:a9:fd:1a:26:3c:80:93:1e:3a:14:81:
         71:c6:57:2f:a8:7a:d6:7e:ec:ad:ab:a6:eb:bd:4c:46:81:c7:
         d1:ef:44:bf:5f:74:e8:b9:af:a6:07:31:c5:51:f0:17:c4:9e:
         ab:cc:c3:3c:d5:59:3e:01:d9:c3:e3:dc:d1:f4:a5:b2:70:19:
         02:67:8c:90:a9:e8:e9:b1:75:48:f1:f0:91:8f:6c:5f:b5:35:
         c5:4f:4d:b3:4c:da:f4:cd:90:10:dc:f4:f8:b3:04:63:7c:9a:
         c3:5f:07:09:47:91:8c:d9:67:20:21:0a:d7:57:27:98:bf:7f:
         14:87:53:ae:44:94:6f:b1:9a:d2:2c:6c:be:90:8f:94:2f:33:
         61:e9:a2:de:b8:75:7e:19:47:3c:9e:90:08:9d:67:f4:06:64:
         69:43:36:5b:76:dc:12:49:7c:98:7d:86:35:bb:21:75:97:10:
         ee:77:a2:6e:ce:6b:3b:28:de:f9:e4:67:40:bf:51:86:c4:51:
         92:10:22:77:d9:8e:02:31:bb:73:27:68:16:78:38:73:fc:6c:
         49:48:b9:13:e5:fe:7a:1f:a2:c4:c3:d0:07:50:e8:c5:62:5c:
         be:55:46:55:f9:f2:30:ed:f9:25:70:61:be:27:4f:49:36:bf:
         18:15:3f:64
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFfejRBf7vbH04cJaEbyvTDIrYBUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMjEzMDAwMDAwWhcNMjUwMTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzOTMyNjVlZjFhOGM5Mzg1ZTc3YzA2Yzc3NGNjNGE2ZTc4
MWM1YzlkYWY0MDBhOGZkZThkZjU5ZjVmYmVmMDhiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDDNeA4UpJer6N3fkHIOh299pk4NidxG/T8SDOtMATmbFw
KHy77okCudB+m8lgHLk3CRuDiSNWM/A6tkJvLi3nY57B0/QkBd2pcYZnEtq074l2
172+32hAU+ZH/r30c9XRpwiROC/lme8Hpv6VRhE8La9uDbFFaSL76lJpfEQLc8uN
7arkbJeKzrkT+eZ3DP8n7YoWNdnRXAqTBwGkGKPY3beTBUeJyU/K/hqlOMqJXwLI
WJ9D0dTrnoVUFJzVX8Ieghb8pepIY29zMXc/1wawVKY0eQXvE9KtdVsT2IlWudP3
tal4NDYtMPk2PQqC6Au1aVZ1Xvj26Act2OA0GozFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoVk221VwA0YV1uAz4GR8M6UDki0wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Q4M2NhNDc0LTBjYWUtNGRmYy05ZjU3LTZiZjc2MTExNmIyZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAUHDaKE7Fap/RomPICTHjoUgXHG
Vy+oetZ+7K2rpuu9TEaBx9HvRL9fdOi5r6YHMcVR8BfEnqvMwzzVWT4B2cPj3NH0
pbJwGQJnjJCp6OmxdUjx8JGPbF+1NcVPTbNM2vTNkBDc9PizBGN8msNfBwlHkYzZ
ZyAhCtdXJ5i/fxSHU65ElG+xmtIsbL6Qj5QvM2Hpot64dX4ZRzyekAidZ/QGZGlD
Nlt23BJJfJh9hjW7IXWXEO53om7Oazso3vnkZ0C/UYbEUZIQInfZjgIxu3MnaBZ4
OHP8bElIuRPl/nofosTD0AdQ6MViXL5VRlX58jDt+SVwYb4nT0k2vxgVP2Q=
-----END CERTIFICATE-----