Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fb85efe2-f1be-4591-b842-3b415c61a29d.roa
File:                     fb85efe2-f1be-4591-b842-3b415c61a29d.roa (raw, json)
Hash identifier:          qNLvLLTVDzv2ane67BJgq7MGKTEpWg5y4Z2hvFhFYa4=
Subject key identifier:   73:04:98:1B:DA:D6:30:29:09:FA:64:E4:31:E6:80:7E:87:9F:AA:B2
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       16269164EDB9D95B25E1B6DD678058EA7907B753
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fb85efe2-f1be-4591-b842-3b415c61a29d.roa
Signing time:             Mon 13 May 2024 00:00:00 +0000
ROA not before:           Mon 13 May 2024 00:00:00 +0000
ROA not after:            Mon 17 Jun 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:26:91:64:ed:b9:d9:5b:25:e1:b6:dd:67:80:58:ea:79:07:b7:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: May 13 00:00:00 2024 GMT
            Not After : Jun 17 23:59:59 2024 GMT
        Subject: serialNumber=abcc93803a2dd969d488db92aa7c24f06803266d2b40fb0e50fbf5cd87d7844a, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:02:40:12:38:91:9d:ec:1e:cf:7c:d9:23:33:
                    da:f8:ab:1e:f1:ee:7d:3c:b8:7d:b6:8e:36:65:81:
                    da:f3:ba:c2:9d:8a:9a:fc:b2:a8:cb:59:58:2d:24:
                    cd:c0:c0:ee:06:cc:73:59:5b:75:f6:04:d7:cd:c5:
                    97:a3:44:24:c5:b4:1c:70:56:15:6f:09:60:32:c2:
                    a4:1f:89:21:18:f9:8d:68:00:51:2a:49:c1:15:e5:
                    dc:2a:55:83:ef:d6:f3:e3:fd:31:67:5c:b8:70:06:
                    89:d0:c1:5c:0d:6e:02:90:bd:a5:17:d2:8c:a2:e8:
                    1b:38:96:0c:76:67:de:0a:88:80:55:2c:02:2a:ca:
                    0e:62:62:1a:de:02:7d:bc:c1:ac:4c:fd:1f:d4:73:
                    51:1d:e7:73:bf:6a:b4:d6:fd:95:7a:8e:9b:62:e8:
                    51:70:ac:81:0d:fc:43:0b:b0:c5:14:7e:ce:23:9e:
                    62:9c:4e:e9:54:91:c3:f4:78:21:55:5f:a6:25:97:
                    5c:1c:50:47:94:d3:28:4c:f5:9a:5e:da:4b:b7:47:
                    b7:5d:66:f2:1f:f2:39:c3:26:fb:99:be:40:40:d2:
                    c1:52:a7:56:61:6b:b5:37:51:9f:d3:f6:c3:29:e0:
                    7b:c8:b9:e3:e2:7c:22:64:da:5c:36:5d:74:64:02:
                    43:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:04:98:1B:DA:D6:30:29:09:FA:64:E4:31:E6:80:7E:87:9F:AA:B2
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fb85efe2-f1be-4591-b842-3b415c61a29d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:25:b9:32:86:8a:13:a7:82:70:b5:3c:ad:5b:3d:a5:79:5e:
         74:a9:e6:2b:06:68:33:0b:2f:0d:26:e5:9c:4c:70:f0:80:b9:
         df:23:fa:8a:89:1e:91:40:31:6f:67:79:3b:c5:db:28:31:1c:
         53:4d:31:95:e9:2c:08:e9:89:14:51:ac:12:04:95:18:97:34:
         d7:86:dc:b4:8d:be:ab:62:6f:0c:19:df:4c:79:5a:cd:56:8b:
         bd:bf:96:3f:f2:85:1f:c1:86:cf:2d:f0:8b:16:31:df:1c:f4:
         22:e9:29:d4:88:b6:09:d1:56:3e:75:6a:16:6f:cb:96:b9:c5:
         d7:e5:b4:80:d2:6c:14:c3:3b:e0:90:ad:d5:46:c5:b1:d4:ef:
         47:55:a9:3e:4e:34:d3:25:a2:9c:5c:63:ab:79:f9:b5:ff:59:
         06:52:e1:9d:85:05:9f:de:a4:12:32:1b:a9:3a:23:6d:19:8d:
         11:c3:16:f2:8d:ad:8a:fd:7b:10:19:0e:83:34:b3:72:bd:d4:
         63:8f:ef:7f:74:14:58:fc:3c:c7:67:a8:48:e4:f7:89:e5:ff:
         d2:f3:b4:cb:45:81:d5:d0:e8:82:9d:41:06:5b:c6:e9:0a:0e:
         0c:23:0e:ed:7b:29:60:14:ab:39:e3:e8:bd:41:a2:45:3a:d7:
         fd:60:1e:58
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFiaRZO252Vsl4bbdZ4BY6nkHt1MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNTEzMDAwMDAwWhcNMjQwNjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYmNjOTM4MDNhMmRkOTY5ZDQ4OGRiOTJhYTdjMjRmMDY4
MDMyNjZkMmI0MGZiMGU1MGZiZjVjZDg3ZDc4NDRhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQAkASOJGd7B7PfNkjM9r4qx7x7n08uH22jjZlgdrzusKd
ipr8sqjLWVgtJM3AwO4GzHNZW3X2BNfNxZejRCTFtBxwVhVvCWAywqQfiSEY+Y1o
AFEqScEV5dwqVYPv1vPj/TFnXLhwBonQwVwNbgKQvaUX0oyi6Bs4lgx2Z94KiIBV
LAIqyg5iYhreAn28waxM/R/Uc1Ed53O/arTW/ZV6jpti6FFwrIEN/EMLsMUUfs4j
nmKcTulUkcP0eCFVX6Yll1wcUEeU0yhM9Zpe2ku3R7ddZvIf8jnDJvuZvkBA0sFS
p1Zha7U3UZ/T9sMp4HvIuePifCJk2lw2XXRkAkMnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcwSYG9rWMCkJ+mTkMeaAfoefqrIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2ZiODVlZmUyLWYxYmUtNDU5MS1iODQyLTNiNDE1YzYxYTI5ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHQluTKGihOngnC1PK1bPaV5XnSp
5isGaDMLLw0m5ZxMcPCAud8j+oqJHpFAMW9neTvF2ygxHFNNMZXpLAjpiRRRrBIE
lRiXNNeG3LSNvqtibwwZ30x5Ws1Wi72/lj/yhR/Bhs8t8IsWMd8c9CLpKdSItgnR
Vj51ahZvy5a5xdfltIDSbBTDO+CQrdVGxbHU70dVqT5ONNMlopxcY6t5+bX/WQZS
4Z2FBZ/epBIyG6k6I20ZjRHDFvKNrYr9exAZDoM0s3K91GOP7390FFj8PMdnqEjk
94nl/9LztMtFgdXQ6IKdQQZbxukKDgwjDu17KWAUqznj6L1BokU61/1gHlg=
-----END CERTIFICATE-----
Generated at Sat May 10 16:15:35 2025 by rpki-client