Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4ecd9e48-f280-4cdb-b8cc-69031a7bba11.roa
File:                     4ecd9e48-f280-4cdb-b8cc-69031a7bba11.roa (raw, json)
Hash identifier:          0op37oV8qjLmX+9IEW2Whk5SkXfAQa+MOvXFnKJVDfM=
Subject key identifier:   CF:CE:5B:96:33:CC:30:8B:D1:5C:89:8F:71:68:26:91:43:4B:E3:73
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       23CA77656629018DB3B2A101EF0931622AAF2D25
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4ecd9e48-f280-4cdb-b8cc-69031a7bba11.roa
Signing time:             Tue 27 Jun 2023 00:00:00 +0000
ROA not before:           Tue 27 Jun 2023 00:00:00 +0000
ROA not after:            Tue 01 Aug 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:ca:77:65:66:29:01:8d:b3:b2:a1:01:ef:09:31:62:2a:af:2d:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jun 27 00:00:00 2023 GMT
            Not After : Aug  1 23:59:59 2023 GMT
        Subject: serialNumber=6ada49f4669ddc902099ad33f687923b1147973f546500d3147be60b22d02d8d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:aa:98:c9:0d:da:10:a0:12:f4:d9:e0:6a:4e:
                    7f:3e:36:9d:3d:53:73:f6:59:1f:16:f2:e6:69:82:
                    de:cd:5c:b1:d9:71:5d:00:8d:4d:95:8f:e9:5c:3a:
                    4d:1c:21:f6:9d:e4:39:c6:4e:6c:67:28:90:e2:1e:
                    4d:c7:98:89:d7:94:b3:8c:90:1d:cf:1c:cb:dd:69:
                    70:6c:9e:49:c7:9f:5e:c0:13:75:3b:0b:29:d5:ee:
                    f2:9c:0f:b1:14:c5:c8:c2:70:45:92:02:49:d9:53:
                    c0:62:e2:81:47:56:05:1e:da:b4:4d:f5:72:85:28:
                    d5:b1:e1:ba:e8:c9:df:f6:86:5a:2d:d6:f7:25:de:
                    0f:8a:74:a1:3b:09:28:fb:cf:41:75:c8:e1:c5:3c:
                    11:aa:33:31:1e:d1:56:f8:e0:07:7e:08:e3:8c:92:
                    61:e8:6b:fa:24:a8:07:ec:ff:d2:68:d2:3d:b6:04:
                    cf:22:b0:66:39:b2:7f:ba:4f:4d:a6:8d:9e:da:d6:
                    d1:ac:ff:4a:ac:29:5a:d4:4a:d4:ff:14:89:9a:3f:
                    06:87:b0:5e:b1:5e:b0:6f:2a:8d:14:44:54:bc:48:
                    d8:5b:00:15:67:9c:1e:fa:38:ef:91:97:33:0d:13:
                    d9:c5:38:b2:7c:c7:b7:00:87:61:b6:30:d1:c6:b5:
                    60:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:CE:5B:96:33:CC:30:8B:D1:5C:89:8F:71:68:26:91:43:4B:E3:73
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4ecd9e48-f280-4cdb-b8cc-69031a7bba11.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:d2:37:ea:2f:af:67:5a:e0:9b:55:3f:42:ce:36:9e:84:d6:
         8f:5b:6a:ea:31:42:89:40:0c:82:b8:54:b9:7f:a6:fe:04:7f:
         06:cd:15:a6:88:79:14:2d:f2:bb:82:ce:2e:7a:d9:1c:b6:aa:
         aa:74:8e:5e:70:2b:95:84:68:f9:4a:d0:8a:41:4e:63:1b:81:
         a3:ad:cd:4d:81:7b:a1:c1:c2:90:bd:20:3c:4b:ca:d6:1a:3e:
         e7:83:1e:2c:05:49:47:0e:5a:1b:d9:57:20:8c:b8:4a:9f:e4:
         02:5d:c0:93:3b:14:02:75:a3:3a:f7:51:e3:f5:98:0e:68:7a:
         d1:0d:09:d9:58:68:5c:23:93:3b:3f:aa:f4:a4:71:e8:3b:02:
         8f:83:9e:79:80:3b:2c:49:d2:0a:97:ce:69:e1:3b:ea:2b:13:
         9e:dc:f9:15:bf:f0:01:7e:42:67:8b:03:3f:f1:e9:47:24:e7:
         c4:98:14:fa:fd:81:af:85:74:a0:39:05:ab:19:1d:63:bb:77:
         18:ff:86:3c:5f:67:27:26:73:f4:f3:bc:e7:97:08:3f:7d:bc:
         b7:d6:33:9c:c4:0e:b9:8d:08:c6:63:c6:46:25:05:ab:d5:8c:
         19:6d:7d:4f:df:b0:ec:26:a8:ba:9c:a2:c1:f4:f7:d2:ed:28:
         da:5e:81:16
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUI8p3ZWYpAY2zsqEB7wkxYiqvLSUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNjI3MDAwMDAwWhcNMjMwODAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2YWRhNDlmNDY2OWRkYzkwMjA5OWFkMzNmNjg3OTIzYjEx
NDc5NzNmNTQ2NTAwZDMxNDdiZTYwYjIyZDAyZDhkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCEqpjJDdoQoBL02eBqTn8+Np09U3P2WR8W8uZpgt7NXLHZ
cV0AjU2Vj+lcOk0cIfad5DnGTmxnKJDiHk3HmInXlLOMkB3PHMvdaXBsnknHn17A
E3U7CynV7vKcD7EUxcjCcEWSAknZU8Bi4oFHVgUe2rRN9XKFKNWx4broyd/2hlot
1vcl3g+KdKE7CSj7z0F1yOHFPBGqMzEe0Vb44Ad+COOMkmHoa/okqAfs/9Jo0j22
BM8isGY5sn+6T02mjZ7a1tGs/0qsKVrUStT/FImaPwaHsF6xXrBvKo0URFS8SNhb
ABVnnB76OO+RlzMNE9nFOLJ8x7cAh2G2MNHGtWA5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUz85bljPMMIvRXImPcWgmkUNL43MwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzRlY2Q5ZTQ4LWYyODAtNGNkYi1iOGNjLTY5MDMxYTdiYmExMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKrSN+ovr2da4JtVP0LONp6E1o9b
auoxQolADIK4VLl/pv4EfwbNFaaIeRQt8ruCzi562Ry2qqp0jl5wK5WEaPlK0IpB
TmMbgaOtzU2Be6HBwpC9IDxLytYaPueDHiwFSUcOWhvZVyCMuEqf5AJdwJM7FAJ1
ozr3UeP1mA5oetENCdlYaFwjkzs/qvSkceg7Ao+DnnmAOyxJ0gqXzmnhO+orE57c
+RW/8AF+QmeLAz/x6Uck58SYFPr9ga+FdKA5BasZHWO7dxj/hjxfZycmc/TzvOeX
CD99vLfWM5zEDrmNCMZjxkYlBavVjBltfU/fsOwmqLqcosH099LtKNpegRY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:45 2024 by rpki-client on console-ams.rpki-client.org