Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2e418d78-2349-47fa-8ca5-c43a2a57dd97.roa
File:                     2e418d78-2349-47fa-8ca5-c43a2a57dd97.roa (raw, json)
Hash identifier:          jgdHk3meVigKN4L0luVeN90vHsOLUUYUkyi2FGMCdHo=
Subject key identifier:   FE:BD:8B:00:AD:1E:0B:A9:9C:2C:8C:AF:ED:97:83:04:D9:6B:91:63
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       750156A20C76D8C3F3A6B0336A73CFFE0E6C871A
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2e418d78-2349-47fa-8ca5-c43a2a57dd97.roa
Signing time:             Mon 28 Aug 2023 00:00:00 +0000
ROA not before:           Mon 28 Aug 2023 00:00:00 +0000
ROA not after:            Mon 02 Oct 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:01:56:a2:0c:76:d8:c3:f3:a6:b0:33:6a:73:cf:fe:0e:6c:87:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Aug 28 00:00:00 2023 GMT
            Not After : Oct  2 23:59:59 2023 GMT
        Subject: serialNumber=6114871a6cb5c84f0d737cb2746dd42c667635212bf5617f52c9c960481cfca4, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:7f:90:21:f1:a1:88:8d:e0:32:e5:6f:1c:f7:
                    14:53:35:b6:81:82:64:8e:10:8a:89:7f:d7:a4:1d:
                    e5:ca:24:07:c8:57:97:64:3a:1e:45:b3:85:eb:5a:
                    cc:56:eb:7d:e2:6b:b9:5c:b5:d7:b2:d6:37:69:21:
                    0c:21:df:87:95:fd:e6:cb:ee:ff:e5:b3:b7:9b:55:
                    62:d2:d9:47:d1:2b:51:47:c4:c8:4a:5b:e2:98:83:
                    0e:6f:3f:d3:fb:87:e3:b0:68:77:87:6f:2e:10:c6:
                    95:3c:d3:b8:a1:19:97:38:c4:63:86:50:ea:49:e9:
                    eb:80:b7:79:f7:15:db:3b:f1:16:c1:47:cb:b7:72:
                    ca:0c:ce:e5:6e:40:ef:53:42:0e:a5:d1:6b:af:c2:
                    75:28:38:2c:8d:60:7d:b3:c4:a2:41:bd:49:db:0b:
                    f9:2c:42:70:dd:2c:df:50:3d:dc:bd:f4:f2:f3:02:
                    53:b5:21:3f:c0:04:98:95:65:66:9e:cd:e3:54:b5:
                    f5:b4:d8:30:2f:9c:d6:de:5c:ef:b7:00:c6:67:48:
                    07:d9:b9:f3:e9:9f:1c:1c:26:f7:1a:dc:fb:a7:1f:
                    75:70:75:c8:e1:d2:0e:9f:cd:7e:a4:c4:c5:dd:c6:
                    77:e6:c8:1a:19:1c:3b:09:8f:ca:75:61:8f:6c:c4:
                    67:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:BD:8B:00:AD:1E:0B:A9:9C:2C:8C:AF:ED:97:83:04:D9:6B:91:63
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2e418d78-2349-47fa-8ca5-c43a2a57dd97.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:7f:fb:8a:24:8c:ef:a7:aa:47:1e:08:ef:46:89:d8:3b:c5:
         2d:b3:5d:c5:63:a5:44:48:0d:8b:fa:66:f3:3d:7a:05:cc:f9:
         9c:1f:ac:5b:57:96:33:da:ad:c8:54:0c:67:b9:51:72:95:b6:
         fa:8e:4a:29:76:65:07:50:82:04:8b:46:d6:ff:19:cf:d2:6a:
         7c:fd:9c:b3:1b:42:bf:cc:e6:e7:71:e1:9d:ea:e5:b2:29:cd:
         b7:f8:7d:03:17:ab:ec:69:be:c6:47:c6:6f:50:b2:0f:68:6f:
         3e:8c:42:b8:5e:63:38:b8:d3:46:aa:ce:97:84:b2:a0:6c:52:
         05:1d:68:b4:57:12:12:7a:d5:69:b3:ca:fd:93:3a:d7:05:dd:
         c6:2e:77:85:50:ad:c8:c8:bd:b2:15:da:60:fb:fe:1f:34:65:
         19:33:1a:30:a9:2b:bd:b1:f4:0d:3f:f0:af:ae:58:6a:c2:81:
         89:99:a2:fe:29:2e:5d:08:59:c6:3c:6a:ad:d0:99:3c:a1:52:
         65:42:05:ff:c4:39:09:8d:80:93:29:86:56:09:80:18:c3:72:
         5c:f0:95:5b:99:85:13:61:91:ca:ec:29:f0:2f:46:52:ba:ee:
         e4:e2:67:7b:7a:62:f9:79:4a:68:c4:82:12:a6:8e:3e:3b:5d:
         81:37:f1:d1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdQFWogx22MPzprAzanPP/g5shxowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwODI4MDAwMDAwWhcNMjMxMDAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MTE0ODcxYTZjYjVjODRmMGQ3MzdjYjI3NDZkZDQyYzY2
NzYzNTIxMmJmNTYxN2Y1MmM5Yzk2MDQ4MWNmY2E0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCff5Ah8aGIjeAy5W8c9xRTNbaBgmSOEIqJf9ekHeXKJAfI
V5dkOh5Fs4XrWsxW633ia7lctdey1jdpIQwh34eV/ebL7v/ls7ebVWLS2UfRK1FH
xMhKW+KYgw5vP9P7h+OwaHeHby4QxpU807ihGZc4xGOGUOpJ6euAt3n3Fds78RbB
R8u3csoMzuVuQO9TQg6l0WuvwnUoOCyNYH2zxKJBvUnbC/ksQnDdLN9QPdy99PLz
AlO1IT/ABJiVZWaezeNUtfW02DAvnNbeXO+3AMZnSAfZufPpnxwcJvca3PunH3Vw
dcjh0g6fzX6kxMXdxnfmyBoZHDsJj8p1YY9sxGeRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/r2LAK0eC6mcLIyv7ZeDBNlrkWMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzJlNDE4ZDc4LTIzNDktNDdmYS04Y2E1LWM0M2EyYTU3ZGQ5Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGF/+4okjO+nqkceCO9Gidg7xS2z
XcVjpURIDYv6ZvM9egXM+ZwfrFtXljParchUDGe5UXKVtvqOSil2ZQdQggSLRtb/
Gc/Sanz9nLMbQr/M5udx4Z3q5bIpzbf4fQMXq+xpvsZHxm9Qsg9obz6MQrheYzi4
00aqzpeEsqBsUgUdaLRXEhJ61Wmzyv2TOtcF3cYud4VQrcjIvbIV2mD7/h80ZRkz
GjCpK72x9A0/8K+uWGrCgYmZov4pLl0IWcY8aq3QmTyhUmVCBf/EOQmNgJMphlYJ
gBjDclzwlVuZhRNhkcrsKfAvRlK67uTiZ3t6Yvl5SmjEghKmjj47XYE38dE=
-----END CERTIFICATE-----