Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2afbdf39-6fa9-44d8-acbe-c414f410a9e8.roa
File:                     2afbdf39-6fa9-44d8-acbe-c414f410a9e8.roa (raw, json)
Hash identifier:          UjgBCSQboZiLe5jvDhSggC8OSqf7LpE1YWe9Isc2GA4=
Subject key identifier:   E5:3D:0F:9E:62:01:E0:CF:4F:A4:1B:29:73:CA:26:8A:0C:F2:0E:E3
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       2C398D7B8B20B800820862CBDD4C740BA5F12DA6
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2afbdf39-6fa9-44d8-acbe-c414f410a9e8.roa
Signing time:             Sat 29 Jul 2023 00:00:00 +0000
ROA not before:           Sat 29 Jul 2023 00:00:00 +0000
ROA not after:            Sat 02 Sep 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:39:8d:7b:8b:20:b8:00:82:08:62:cb:dd:4c:74:0b:a5:f1:2d:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul 29 00:00:00 2023 GMT
            Not After : Sep  2 23:59:59 2023 GMT
        Subject: serialNumber=22ea1c8303ccbaf2ba3396893e3c36a3048bc1c0f5babdc9b5fc8a589ee8002b, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:33:3e:30:9a:1a:b9:43:db:fa:5e:78:e3:f0:
                    81:4e:73:d7:63:79:50:a5:89:be:72:d7:fb:2b:e7:
                    cc:57:78:07:a1:df:63:55:e7:d8:a1:92:a3:64:c5:
                    cc:29:fc:21:72:7d:b7:f1:a4:9b:7c:b5:24:2c:54:
                    09:26:a1:0c:13:d2:26:91:13:09:2a:bd:c1:4e:9f:
                    c1:46:11:4f:2a:29:48:10:b9:75:aa:1b:52:33:43:
                    77:65:21:6f:18:41:13:a5:0c:f2:21:36:f2:49:ba:
                    43:ca:52:f5:7b:d1:a1:6b:45:66:1c:17:59:9f:e0:
                    56:02:a2:1c:72:34:03:3f:34:58:2d:f5:fa:d5:aa:
                    3a:54:a0:e0:a1:06:77:e2:0f:58:9f:19:03:7f:c5:
                    d7:8b:44:3b:ef:64:1f:52:bb:22:24:1c:58:9a:a0:
                    20:b6:38:e1:cd:e3:39:8c:12:3f:d0:0c:d8:52:7c:
                    3e:69:59:e2:10:15:bc:c1:d1:8e:87:27:93:b9:da:
                    31:19:cd:e5:34:ae:b3:89:4d:06:86:33:de:90:90:
                    af:8d:21:03:ae:9f:4b:f8:87:a8:02:c7:9b:cf:c0:
                    8e:6f:5e:70:21:2f:4f:7b:fd:9e:46:8f:b5:dd:b9:
                    a5:57:77:b0:e5:1a:3b:b3:a2:c2:fe:4d:66:34:3e:
                    1a:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:3D:0F:9E:62:01:E0:CF:4F:A4:1B:29:73:CA:26:8A:0C:F2:0E:E3
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2afbdf39-6fa9-44d8-acbe-c414f410a9e8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:eb:d1:72:c3:85:65:c7:98:6d:fd:34:75:3f:b8:6b:ed:3e:
         00:bf:52:33:c1:33:d7:91:45:31:95:f0:b5:18:f4:25:19:a8:
         de:45:e8:46:cc:2c:19:98:dc:7f:bc:75:10:6f:07:e9:47:fa:
         7c:5e:fb:44:38:4e:49:78:fd:9c:8e:5b:83:67:f8:28:e7:4f:
         4d:fb:6a:46:88:97:a3:40:9e:b1:64:0d:f7:16:5f:49:84:cb:
         28:fd:3b:8e:aa:ee:60:33:88:d9:b2:69:06:65:f7:a2:c3:23:
         f9:3f:19:12:87:e0:c3:3f:66:86:42:72:68:54:67:43:c4:eb:
         25:59:d7:0b:8e:07:d2:dd:88:7b:9e:05:92:33:39:49:c4:25:
         e9:33:25:9d:e6:be:5b:c7:05:4d:a3:82:47:ba:9e:a6:13:06:
         f5:37:23:c3:37:fb:66:a6:eb:30:c7:c7:29:1f:20:67:d9:ab:
         98:2c:e7:9a:c4:ef:5b:08:08:40:41:ad:5b:22:d2:a3:ba:10:
         bb:11:a4:de:b5:70:c8:6a:f2:ec:57:d5:8e:24:ab:65:05:cd:
         02:53:9c:57:d0:d6:df:a6:49:cf:21:ee:b0:b3:b8:7c:9d:38:
         85:d8:5c:f2:a1:67:19:a9:45:89:60:cd:3b:a9:79:37:de:6d:
         0d:cb:41:a9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULDmNe4sguACCCGLL3Ux0C6XxLaYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNzI5MDAwMDAwWhcNMjMwOTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMmVhMWM4MzAzY2NiYWYyYmEzMzk2ODkzZTNjMzZhMzA0
OGJjMWMwZjViYWJkYzliNWZjOGE1ODllZTgwMDJiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHMz4wmhq5Q9v6Xnjj8IFOc9djeVClib5y1/sr58xXeAeh
32NV59ihkqNkxcwp/CFyfbfxpJt8tSQsVAkmoQwT0iaREwkqvcFOn8FGEU8qKUgQ
uXWqG1IzQ3dlIW8YQROlDPIhNvJJukPKUvV70aFrRWYcF1mf4FYCohxyNAM/NFgt
9frVqjpUoOChBnfiD1ifGQN/xdeLRDvvZB9SuyIkHFiaoCC2OOHN4zmMEj/QDNhS
fD5pWeIQFbzB0Y6HJ5O52jEZzeU0rrOJTQaGM96QkK+NIQOun0v4h6gCx5vPwI5v
XnAhL097/Z5Gj7XduaVXd7DlGjuzosL+TWY0PhrnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5T0PnmIB4M9PpBspc8omigzyDuMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzJhZmJkZjM5LTZmYTktNDRkOC1hY2JlLWM0MTRmNDEwYTllOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADLr0XLDhWXHmG39NHU/uGvtPgC/
UjPBM9eRRTGV8LUY9CUZqN5F6EbMLBmY3H+8dRBvB+lH+nxe+0Q4Tkl4/ZyOW4Nn
+CjnT037akaIl6NAnrFkDfcWX0mEyyj9O46q7mAziNmyaQZl96LDI/k/GRKH4MM/
ZoZCcmhUZ0PE6yVZ1wuOB9LdiHueBZIzOUnEJekzJZ3mvlvHBU2jgke6nqYTBvU3
I8M3+2am6zDHxykfIGfZq5gs55rE71sICEBBrVsi0qO6ELsRpN61cMhq8uxX1Y4k
q2UFzQJTnFfQ1t+mSc8h7rCzuHydOIXYXPKhZxmpRYlgzTupeTfebQ3LQak=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:15 2024 by rpki-client on console-fra.rpki-client.org