Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1cd064c8-b1ed-45dd-bd0a-1fbdb8d6959c.roa
File:                     1cd064c8-b1ed-45dd-bd0a-1fbdb8d6959c.roa (raw, json)
Hash identifier:          RhfCdGbxCoDYcQa7rHN1MXofqzSonSfROvZBtVOY8tY=
Subject key identifier:   0E:80:99:18:DC:B0:D1:8C:9A:2B:29:CA:87:C5:BD:B2:B2:35:C4:46
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       2A29C8FE344CE18307461DD92B10EA07E434BC63
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1cd064c8-b1ed-45dd-bd0a-1fbdb8d6959c.roa
Signing time:             Thu 10 Aug 2023 00:00:00 +0000
ROA not before:           Thu 10 Aug 2023 00:00:00 +0000
ROA not after:            Thu 14 Sep 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:29:c8:fe:34:4c:e1:83:07:46:1d:d9:2b:10:ea:07:e4:34:bc:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Aug 10 00:00:00 2023 GMT
            Not After : Sep 14 23:59:59 2023 GMT
        Subject: serialNumber=6e0475e8d7442366ef75e721c38386b8aff8741a34ec49aae992f3fd18c8659e, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:10:7f:76:fd:78:c2:0c:a8:bd:61:00:68:1a:
                    04:b8:8d:c9:9e:e4:b5:27:b3:90:a8:d6:64:df:c9:
                    65:29:43:16:60:00:30:bb:ce:51:52:65:17:19:92:
                    a0:1a:9f:2f:a0:6c:83:81:55:51:2d:a8:be:c6:d0:
                    84:f9:16:56:99:37:6f:83:e6:37:c5:e4:69:c7:f5:
                    be:63:77:a4:8b:2f:f7:8d:13:b9:fc:56:d9:b7:10:
                    b5:87:6a:d2:3a:cf:00:04:76:5d:75:ab:06:1c:f6:
                    79:b4:55:81:ae:22:09:ce:99:f9:a2:99:21:ee:c0:
                    05:4f:fa:fb:75:f5:dc:45:01:a7:54:7b:32:20:37:
                    77:a0:ac:78:a8:04:03:c8:b3:49:24:8f:48:a3:00:
                    c7:ca:a3:1e:bb:17:09:c1:41:b9:db:4e:3c:2a:5d:
                    71:00:5e:14:89:7c:a1:59:2b:66:6b:4c:e6:c8:82:
                    fd:5e:c9:3d:fc:86:a8:ac:4b:42:cd:99:75:03:bf:
                    21:f0:8b:4c:d8:99:1a:2f:50:74:af:60:b2:c6:65:
                    74:5c:85:f5:48:db:0e:13:0e:58:3e:b4:cc:64:55:
                    75:30:39:58:73:67:46:8d:2f:5d:69:b9:57:b5:99:
                    5e:12:b0:c2:bd:a6:32:0a:d2:1c:15:8e:70:64:83:
                    85:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:80:99:18:DC:B0:D1:8C:9A:2B:29:CA:87:C5:BD:B2:B2:35:C4:46
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1cd064c8-b1ed-45dd-bd0a-1fbdb8d6959c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:6c:77:21:b9:d0:61:37:6b:55:0e:64:33:07:8f:c2:57:e2:
         cd:15:bb:7e:2c:ee:10:d3:d6:aa:08:a3:f4:a6:a9:2f:66:11:
         1e:76:2d:a7:56:1e:1d:22:3f:f8:66:f0:b0:01:a5:ee:db:ea:
         af:8b:ca:3f:d3:c5:65:39:89:ad:da:f3:58:e2:f0:be:c3:2d:
         a1:34:b0:68:01:61:0d:f8:1a:d8:59:41:d1:89:b8:2e:11:1e:
         e1:3e:df:52:6e:58:b3:fc:c6:38:ee:4d:d8:43:9a:bb:06:43:
         df:74:2d:4c:f8:94:03:3f:50:1d:35:0a:71:8c:95:9b:0d:ff:
         0c:ae:ee:f3:58:1e:93:6d:2e:d9:13:86:8b:74:06:91:2c:98:
         87:a0:68:fc:ba:ac:d7:5d:69:16:09:10:bb:dd:9b:34:65:04:
         26:ca:f5:20:b7:6b:f0:95:cc:1e:2e:ba:0d:a8:a4:11:5d:af:
         85:06:34:0d:d5:9f:af:00:00:b9:3c:33:f3:21:08:0a:0c:c2:
         a0:02:ad:d0:89:78:29:5c:fb:05:33:83:5d:db:bf:c7:29:9d:
         74:67:06:24:9a:5a:c4:d1:ae:17:2a:88:57:ee:70:8e:57:03:
         43:9a:fa:13:e9:54:b0:bd:50:96:21:69:77:6a:b1:0e:e4:c6:
         f4:07:13:c4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKinI/jRM4YMHRh3ZKxDqB+Q0vGMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwODEwMDAwMDAwWhcNMjMwOTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZTA0NzVlOGQ3NDQyMzY2ZWY3NWU3MjFjMzgzODZiOGFm
Zjg3NDFhMzRlYzQ5YWFlOTkyZjNmZDE4Yzg2NTllMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsEH92/XjCDKi9YQBoGgS4jcme5LUns5Co1mTfyWUpQxZg
ADC7zlFSZRcZkqAany+gbIOBVVEtqL7G0IT5FlaZN2+D5jfF5GnH9b5jd6SLL/eN
E7n8Vtm3ELWHatI6zwAEdl11qwYc9nm0VYGuIgnOmfmimSHuwAVP+vt19dxFAadU
ezIgN3egrHioBAPIs0kkj0ijAMfKox67FwnBQbnbTjwqXXEAXhSJfKFZK2ZrTObI
gv1eyT38hqisS0LNmXUDvyHwi0zYmRovUHSvYLLGZXRchfVI2w4TDlg+tMxkVXUw
OVhzZ0aNL11puVe1mV4SsMK9pjIK0hwVjnBkg4UZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDoCZGNyw0YyaKynKh8W9srI1xEYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzFjZDA2NGM4LWIxZWQtNDVkZC1iZDBhLTFmYmRiOGQ2OTU5Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAlsdyG50GE3a1UOZDMHj8JX4s0V
u34s7hDT1qoIo/SmqS9mER52LadWHh0iP/hm8LABpe7b6q+Lyj/TxWU5ia3a81ji
8L7DLaE0sGgBYQ34GthZQdGJuC4RHuE+31JuWLP8xjjuTdhDmrsGQ990LUz4lAM/
UB01CnGMlZsN/wyu7vNYHpNtLtkThot0BpEsmIegaPy6rNddaRYJELvdmzRlBCbK
9SC3a/CVzB4uug2opBFdr4UGNA3Vn68AALk8M/MhCAoMwqACrdCJeClc+wUzg13b
v8cpnXRnBiSaWsTRrhcqiFfucI5XA0Oa+hPpVLC9UJYhaXdqsQ7kxvQHE8Q=
-----END CERTIFICATE-----