Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4807dc37-14f6-4220-8f0f-d6b118791a2a.roa
File:                     4807dc37-14f6-4220-8f0f-d6b118791a2a.roa (raw, json)
Hash identifier:          w+e+YG+8+3Hw3kVCnE/Fu9PfSPCSKqArkg3I0jYGNII=
Subject key identifier:   7E:45:48:AA:B2:75:88:C5:AA:0D:0A:91:44:29:E2:33:88:A9:68:7B
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       793A77853851B8A07B492AC1C65349AD9CE23A64
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4807dc37-14f6-4220-8f0f-d6b118791a2a.roa
Signing time:             Tue 25 Jul 2023 00:00:00 +0000
ROA not before:           Tue 25 Jul 2023 00:00:00 +0000
ROA not after:            Tue 29 Aug 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:3a:77:85:38:51:b8:a0:7b:49:2a:c1:c6:53:49:ad:9c:e2:3a:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul 25 00:00:00 2023 GMT
            Not After : Aug 29 23:59:59 2023 GMT
        Subject: serialNumber=6ca5383b172deca6a1131df55c64880b5ab0b44276233b9c63434b4345961670, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ed:af:4c:32:10:8c:f4:32:52:7e:c6:23:88:
                    94:e7:4a:3d:82:27:48:06:6c:21:6f:84:5c:02:db:
                    7a:aa:8e:f9:43:94:9f:7f:35:3f:a0:dd:f3:ba:0c:
                    11:12:b5:f7:06:f4:3b:0b:94:25:31:55:8d:06:6b:
                    36:41:1a:cb:00:fd:4b:11:9e:e3:36:ec:b9:c8:a3:
                    fb:59:b9:75:cd:50:1b:bd:a4:3e:21:12:1c:57:c6:
                    2b:77:44:e3:cd:2c:9e:81:4f:07:ed:2c:7c:dd:8f:
                    e6:3d:5b:1e:24:4e:8e:13:b3:96:1c:09:8b:93:30:
                    76:39:de:6a:a6:98:9d:fc:68:60:86:40:72:9e:4e:
                    ea:86:ac:25:e8:11:7e:b2:62:41:9c:5a:96:97:91:
                    59:c7:8d:e9:6d:ff:c3:8b:09:ab:3b:05:00:c3:7b:
                    fb:20:58:70:c4:9d:4e:a1:69:59:e4:75:fa:fc:4f:
                    d1:d0:3f:a5:f7:cb:c4:77:70:15:6f:d5:65:9b:2e:
                    16:02:21:c1:0d:5d:f2:04:7f:cc:17:5a:b1:7c:ae:
                    23:53:46:84:0f:47:bd:ce:9d:f5:b0:14:71:52:0d:
                    e6:7a:bb:98:09:d7:e5:93:51:50:a7:c9:0d:6d:41:
                    54:ae:7d:f9:f5:c4:f6:dc:75:46:7a:2f:c0:e6:75:
                    a7:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:45:48:AA:B2:75:88:C5:AA:0D:0A:91:44:29:E2:33:88:A9:68:7B
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4807dc37-14f6-4220-8f0f-d6b118791a2a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:c0:03:1b:64:c7:90:2e:3d:04:f0:19:fb:01:2e:36:66:dd:
         47:76:4b:92:52:97:c3:a6:3b:ac:98:50:4b:dc:ca:23:d0:8d:
         53:ce:5b:98:e7:4d:86:e9:26:18:23:3f:04:5c:44:af:85:d0:
         74:62:bc:93:9f:2b:bf:c2:e4:5c:d2:67:f2:39:cf:4c:b2:f1:
         29:76:ac:a2:6d:60:c8:ae:60:15:34:6b:93:94:b1:7b:b0:33:
         2a:0c:e4:d8:fa:aa:cc:c4:32:2c:f6:02:bb:56:be:eb:6f:14:
         5f:ee:de:15:7e:72:41:18:12:3b:a7:81:a0:5f:20:22:39:d0:
         cb:5f:1f:ff:bb:78:3b:8f:9d:21:ec:db:c6:0a:7a:78:8a:aa:
         3d:22:73:33:96:01:fb:36:93:82:57:db:4c:b9:91:7e:75:15:
         2c:68:22:25:8a:e8:c5:b2:d8:e9:91:57:95:19:d7:b7:c3:04:
         8f:24:95:69:a0:77:6e:98:96:e4:e9:04:84:90:e1:89:f0:79:
         36:8c:75:79:d1:a0:0d:03:c2:31:12:6a:f0:df:31:c4:17:60:
         e2:a3:8f:1c:a8:79:5a:55:67:76:ed:fe:53:ab:e7:ca:10:64:
         60:6e:8a:aa:12:7e:31:59:7a:e3:60:c2:53:e2:16:7f:56:d3:
         78:b7:3b:81
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeTp3hThRuKB7SSrBxlNJrZziOmQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNzI1MDAwMDAwWhcNMjMwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A2Y2E1MzgzYjE3MmRlY2E2YTExMzFkZjU1YzY0ODgwYjVh
YjBiNDQyNzYyMzNiOWM2MzQzNGI0MzQ1OTYxNjcwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCg7a9MMhCM9DJSfsYjiJTnSj2CJ0gGbCFvhFwC23qqjvlD
lJ9/NT+g3fO6DBEStfcG9DsLlCUxVY0GazZBGssA/UsRnuM27LnIo/tZuXXNUBu9
pD4hEhxXxit3ROPNLJ6BTwftLHzdj+Y9Wx4kTo4Ts5YcCYuTMHY53mqmmJ38aGCG
QHKeTuqGrCXoEX6yYkGcWpaXkVnHjelt/8OLCas7BQDDe/sgWHDEnU6haVnkdfr8
T9HQP6X3y8R3cBVv1WWbLhYCIcENXfIEf8wXWrF8riNTRoQPR73OnfWwFHFSDeZ6
u5gJ1+WTUVCnyQ1tQVSuffn1xPbcdUZ6L8DmdafLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfkVIqrJ1iMWqDQqRRCniM4ipaHswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzQ4MDdkYzM3LTE0ZjYtNDIyMC04ZjBmLWQ2YjExODc5MWEyYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGLAAxtkx5AuPQTwGfsBLjZm3Ud2
S5JSl8OmO6yYUEvcyiPQjVPOW5jnTYbpJhgjPwRcRK+F0HRivJOfK7/C5FzSZ/I5
z0yy8Sl2rKJtYMiuYBU0a5OUsXuwMyoM5Nj6qszEMiz2ArtWvutvFF/u3hV+ckEY
EjungaBfICI50MtfH/+7eDuPnSHs28YKeniKqj0iczOWAfs2k4JX20y5kX51FSxo
IiWK6MWy2OmRV5UZ17fDBI8klWmgd26YluTpBISQ4YnweTaMdXnRoA0DwjESavDf
McQXYOKjjxyoeVpVZ3bt/lOr58oQZGBuiqoSfjFZeuNgwlPiFn9W03i3O4E=
-----END CERTIFICATE-----