Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/06549ce9-6675-402a-b6ec-e98d38245508.roa
File:                     06549ce9-6675-402a-b6ec-e98d38245508.roa (raw, json)
Hash identifier:          AfecE/aYmFFIJTEsEMSP5QLOJhTVBR8WsZIH6B/vH7w=
Subject key identifier:   60:36:F5:81:87:47:37:3E:01:42:74:64:80:A0:B4:9E:E5:66:BC:C8
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       4CC3A2419DF956D878286E7EBA33AD26BAA382BF
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/06549ce9-6675-402a-b6ec-e98d38245508.roa
Signing time:             Sun 26 Nov 2023 00:00:00 +0000
ROA not before:           Sun 26 Nov 2023 00:00:00 +0000
ROA not after:            Sun 31 Dec 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:c3:a2:41:9d:f9:56:d8:78:28:6e:7e:ba:33:ad:26:ba:a3:82:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Nov 26 00:00:00 2023 GMT
            Not After : Dec 31 23:59:59 2023 GMT
        Subject: serialNumber=e8b32d376d56eb8c438d598318eea0126af6180f111e841b5f92fe303af9d959, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:8f:f3:3b:c3:23:bf:22:05:1b:7a:4a:91:18:
                    c0:a7:2e:2a:d6:b7:05:41:be:33:96:c0:4f:fd:ca:
                    66:7b:98:83:72:c4:b1:c5:9b:64:5c:98:3b:c4:85:
                    fb:47:a8:25:d8:12:98:b4:8f:3a:ee:85:84:03:95:
                    66:f8:ee:cc:38:91:bc:b5:0b:27:51:15:fe:ed:b7:
                    ad:19:ea:a6:48:de:d7:fb:f2:93:8f:5f:47:5b:0e:
                    04:37:ae:f1:73:82:87:ee:c3:c2:2e:49:5c:90:96:
                    91:56:0c:a4:6b:89:e0:82:80:31:c0:00:c7:13:85:
                    6e:6b:51:71:ad:03:69:7a:23:91:13:0e:9e:18:94:
                    ee:04:50:c9:df:0e:b5:12:78:04:6c:36:1a:5a:66:
                    04:d1:af:af:e5:e8:99:81:fc:54:e9:bb:35:63:f2:
                    af:78:d6:35:27:b6:a8:f2:3e:14:1c:14:90:e1:d2:
                    cd:7a:12:28:4b:14:a0:6d:1d:f1:70:3e:bb:47:90:
                    80:9d:6e:df:12:66:18:5d:92:89:b4:a4:d9:e0:1a:
                    ab:2d:cd:18:6f:2b:a1:b4:6c:06:83:85:ff:8d:ef:
                    4e:cd:c3:2d:8a:18:8a:6a:d8:7e:63:11:7e:7f:fb:
                    8f:c1:6d:45:f3:5f:0f:6d:60:fd:79:44:95:a1:78:
                    40:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:36:F5:81:87:47:37:3E:01:42:74:64:80:A0:B4:9E:E5:66:BC:C8
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/06549ce9-6675-402a-b6ec-e98d38245508.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:cd:4f:e1:50:fd:8b:1f:89:11:91:bd:4b:95:0c:3a:43:7d:
         1b:b0:76:69:d3:67:0f:a7:15:b0:c2:c3:aa:6b:52:43:9c:fd:
         d9:0e:92:13:96:95:9d:fa:5d:bf:8c:8a:69:17:b4:71:52:bb:
         41:cd:60:ec:a8:a7:98:6e:3f:a6:ab:af:79:6a:d3:c5:67:04:
         b7:88:99:69:a2:56:5c:3e:8d:5f:84:b9:1a:7f:c7:62:d1:a4:
         63:ef:50:5a:3f:06:43:96:0c:4d:97:c9:b2:a4:86:68:0d:1b:
         0f:bb:70:fe:9f:34:7a:7e:e5:e2:5d:65:1b:9b:27:a0:94:c9:
         3a:78:aa:28:e9:a7:66:cf:7a:5f:c1:f9:0d:46:d5:e0:d0:72:
         fb:1e:60:59:78:3a:82:f8:7c:b9:e4:ef:30:a6:03:15:4e:87:
         a8:cd:b4:6b:a8:d0:57:d5:c2:da:d1:9c:58:bc:20:53:15:6e:
         fd:01:96:97:93:46:fc:9e:7c:b5:4b:5e:7c:54:65:a7:19:8a:
         9a:f4:60:ad:b7:27:84:d5:a6:88:88:3a:b6:3a:4a:da:3e:45:
         b2:36:35:11:f9:f9:96:1f:9a:8a:ec:b0:61:9d:76:b2:bc:e1:
         f9:af:fa:56:43:1a:e4:2a:3e:51:7b:21:32:b7:38:e4:2e:5e:
         54:31:2b:8e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTMOiQZ35Vth4KG5+ujOtJrqjgr8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTI2MDAwMDAwWhcNMjMxMjMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlOGIzMmQzNzZkNTZlYjhjNDM4ZDU5ODMxOGVlYTAxMjZh
ZjYxODBmMTExZTg0MWI1ZjkyZmUzMDNhZjlkOTU5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2j/M7wyO/IgUbekqRGMCnLirWtwVBvjOWwE/9ymZ7mINy
xLHFm2RcmDvEhftHqCXYEpi0jzruhYQDlWb47sw4kby1CydRFf7tt60Z6qZI3tf7
8pOPX0dbDgQ3rvFzgofuw8IuSVyQlpFWDKRrieCCgDHAAMcThW5rUXGtA2l6I5ET
Dp4YlO4EUMnfDrUSeARsNhpaZgTRr6/l6JmB/FTpuzVj8q941jUntqjyPhQcFJDh
0s16EihLFKBtHfFwPrtHkICdbt8SZhhdkom0pNngGqstzRhvK6G0bAaDhf+N707N
wy2KGIpq2H5jEX5/+4/BbUXzXw9tYP15RJWheEA3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYDb1gYdHNz4BQnRkgKC0nuVmvMgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzA2NTQ5Y2U5LTY2NzUtNDAyYS1iNmVjLWU5OGQzODI0NTUwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADTNT+FQ/YsfiRGRvUuVDDpDfRuw
dmnTZw+nFbDCw6prUkOc/dkOkhOWlZ36Xb+MimkXtHFSu0HNYOyop5huP6arr3lq
08VnBLeImWmiVlw+jV+EuRp/x2LRpGPvUFo/BkOWDE2XybKkhmgNGw+7cP6fNHp+
5eJdZRubJ6CUyTp4qijpp2bPel/B+Q1G1eDQcvseYFl4OoL4fLnk7zCmAxVOh6jN
tGuo0FfVwtrRnFi8IFMVbv0BlpeTRvyefLVLXnxUZacZipr0YK23J4TVpoiIOrY6
Sto+RbI2NRH5+ZYfmorssGGddrK84fmv+lZDGuQqPlF7ITK3OOQuXlQxK44=
-----END CERTIFICATE-----