Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3a7f908d-f05a-4292-b285-bfba9ff56a76.roa
File:                     3a7f908d-f05a-4292-b285-bfba9ff56a76.roa (raw, json)
Hash identifier:          gJgHrOIXOmYsh46gmgUS1l4LEEeBguCjR3b408299sM=
Subject key identifier:   21:9F:24:1C:BB:78:A6:DE:91:26:89:6F:30:01:68:9B:87:AA:8A:8E
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       4EEBD0CE23F32A84045AD9C6E85B4F6AE1F08357
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3a7f908d-f05a-4292-b285-bfba9ff56a76.roa
Signing time:             Sun 28 Apr 2024 00:00:00 +0000
ROA not before:           Sun 28 Apr 2024 00:00:00 +0000
ROA not after:            Sun 02 Jun 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:eb:d0:ce:23:f3:2a:84:04:5a:d9:c6:e8:5b:4f:6a:e1:f0:83:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 28 00:00:00 2024 GMT
            Not After : Jun  2 23:59:59 2024 GMT
        Subject: serialNumber=4938be72da58efe940618d3e8a85cf946f379cec36e25d08472497ce326df979, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a0:db:e3:bd:56:70:c5:a9:5a:87:03:3a:3c:
                    6c:2a:84:b3:0a:79:51:43:7e:ae:be:35:5b:5a:c7:
                    af:2c:86:f9:47:d6:f8:24:05:66:ae:7c:d9:e4:23:
                    3f:8e:bd:37:32:1a:8f:a2:ea:de:b9:28:ab:78:7e:
                    07:97:a0:1b:d5:d8:35:f3:0a:f1:51:25:17:61:41:
                    47:10:fc:ce:c0:1a:d5:7c:35:7e:2b:c9:40:17:07:
                    72:59:8f:8c:29:17:7d:d3:cc:5e:80:55:15:ac:ac:
                    99:15:8d:09:ed:1b:c7:0c:76:ab:46:ec:96:ab:ff:
                    46:d9:bb:fd:f9:30:08:d7:7b:a3:95:ca:d9:bc:48:
                    33:ad:04:a8:bc:1e:1d:2d:a4:82:21:ba:f9:29:52:
                    1f:e8:20:07:72:4f:0e:b7:0a:90:5e:17:dd:97:9e:
                    a4:77:94:da:6b:dd:ad:a7:6a:97:c7:45:4c:00:0c:
                    aa:23:b9:62:22:5a:ec:07:ed:58:04:2d:ca:a2:6c:
                    f2:ae:54:ba:57:98:4a:3a:25:bd:91:24:b1:e5:e9:
                    80:60:fd:e2:40:70:cf:03:51:4a:f4:b6:81:1b:cb:
                    34:11:8d:43:89:b2:c3:b8:a0:e9:7f:01:19:be:c8:
                    b6:cc:51:9d:5a:86:bd:61:57:c5:48:95:39:5c:72:
                    de:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:9F:24:1C:BB:78:A6:DE:91:26:89:6F:30:01:68:9B:87:AA:8A:8E
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3a7f908d-f05a-4292-b285-bfba9ff56a76.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:ba:aa:6b:91:64:7f:12:17:d5:fc:32:51:f5:d3:6c:e8:92:
         ef:a8:f0:12:68:09:5a:a1:71:ca:29:d1:b0:6f:45:67:51:60:
         29:c7:8f:b1:88:e5:43:24:c7:5e:14:bb:fd:64:60:56:47:35:
         6b:3d:bc:ca:1b:f8:e2:73:2b:04:38:71:f0:76:84:24:0c:56:
         84:59:f9:60:64:d0:82:db:60:37:cf:63:52:42:2b:6f:e0:e7:
         5e:df:e4:bd:89:ac:35:ed:08:cd:c5:4e:d9:31:a6:11:48:c1:
         73:20:a6:3e:43:89:d7:51:48:6e:ef:f0:c2:78:61:f3:8c:39:
         35:0c:b6:61:53:65:fe:7b:35:01:0c:9c:7f:5a:13:ba:45:b5:
         f8:89:3c:7f:43:00:7b:57:a1:41:1f:f5:d7:1e:de:36:4f:64:
         a2:15:58:a9:e3:03:ff:fc:b4:f1:5b:ec:19:7b:e6:ad:cc:bc:
         ed:db:6b:25:3b:65:2a:c0:ac:2b:f8:56:f9:e0:de:9c:69:09:
         cd:db:1b:50:86:e1:98:ec:6f:cf:c4:96:fe:33:cc:64:9d:0a:
         5a:75:f3:11:51:b0:62:22:59:3d:ec:d6:03:64:11:45:8e:56:
         b4:5f:3c:b6:c1:19:bd:91:88:89:ef:a6:f2:08:fe:ec:06:df:
         9f:6c:c4:b8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTuvQziPzKoQEWtnG6FtPauHwg1cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNDI4MDAwMDAwWhcNMjQwNjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A0OTM4YmU3MmRhNThlZmU5NDA2MThkM2U4YTg1Y2Y5NDZm
Mzc5Y2VjMzZlMjVkMDg0NzI0OTdjZTMyNmRmOTc5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLoNvjvVZwxalahwM6PGwqhLMKeVFDfq6+NVtax68shvlH
1vgkBWaufNnkIz+OvTcyGo+i6t65KKt4fgeXoBvV2DXzCvFRJRdhQUcQ/M7AGtV8
NX4ryUAXB3JZj4wpF33TzF6AVRWsrJkVjQntG8cMdqtG7Jar/0bZu/35MAjXe6OV
ytm8SDOtBKi8Hh0tpIIhuvkpUh/oIAdyTw63CpBeF92XnqR3lNpr3a2napfHRUwA
DKojuWIiWuwH7VgELcqibPKuVLpXmEo6Jb2RJLHl6YBg/eJAcM8DUUr0toEbyzQR
jUOJssO4oOl/ARm+yLbMUZ1ahr1hV8VIlTlcct47AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUIZ8kHLt4pt6RJolvMAFom4eqio4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzNhN2Y5MDhkLWYwNWEtNDI5Mi1iMjg1LWJmYmE5ZmY1NmE3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAA66qmuRZH8SF9X8MlH102zoku+o
8BJoCVqhccop0bBvRWdRYCnHj7GI5UMkx14Uu/1kYFZHNWs9vMob+OJzKwQ4cfB2
hCQMVoRZ+WBk0ILbYDfPY1JCK2/g517f5L2JrDXtCM3FTtkxphFIwXMgpj5DiddR
SG7v8MJ4YfOMOTUMtmFTZf57NQEMnH9aE7pFtfiJPH9DAHtXoUEf9dce3jZPZKIV
WKnjA//8tPFb7Bl75q3MvO3bayU7ZSrArCv4Vvng3pxpCc3bG1CG4Zjsb8/Elv4z
zGSdClp18xFRsGIiWT3s1gNkEUWOVrRfPLbBGb2RiInvpvII/uwG359sxLg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:01 2024 by rpki-client on console-ams.rpki-client.org