Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5dc0b37f-14a9-4825-a078-a39218df07c3.roa
File:                     5dc0b37f-14a9-4825-a078-a39218df07c3.roa (raw, json)
Hash identifier:          mQf6CfaRPR9Kc1SeK7LKHXmbEfyBagWq0t4DLODVtoo=
Subject key identifier:   DC:74:13:B1:61:9E:F6:6C:31:22:37:3D:7E:79:72:97:76:C3:12:53
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       754070CAFB159819DEC48B3945A62C35EE808467
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5dc0b37f-14a9-4825-a078-a39218df07c3.roa
Signing time:             Mon 25 Dec 2023 00:00:00 +0000
ROA not before:           Mon 25 Dec 2023 00:00:00 +0000
ROA not after:            Mon 29 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:40:70:ca:fb:15:98:19:de:c4:8b:39:45:a6:2c:35:ee:80:84:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec 25 00:00:00 2023 GMT
            Not After : Jan 29 23:59:59 2024 GMT
        Subject: serialNumber=581377857a357d18285a008cad6955616111ac245d87986f988bf98ef1a58519, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:0c:ee:9a:d0:d1:e0:5b:2c:f3:d0:16:24:75:
                    fc:38:bb:68:61:3a:13:b6:52:ed:78:f4:6d:e0:9f:
                    73:6f:4e:0b:f2:f5:a3:b7:80:30:d2:a9:4b:78:94:
                    a4:d8:64:09:ec:87:12:da:f5:3b:ee:e7:16:dd:f7:
                    be:42:75:73:f0:85:83:1c:64:77:c9:02:ae:44:5d:
                    45:fe:22:74:14:3c:54:59:48:43:12:d1:8b:21:b8:
                    45:60:15:52:95:49:da:92:93:13:47:f7:5d:ab:3a:
                    13:34:71:88:19:b9:39:79:ad:b0:4f:02:eb:ad:7c:
                    79:24:61:8b:54:40:05:cc:52:2f:c1:be:4a:0e:42:
                    28:e0:40:59:34:6d:d8:e5:46:3b:a7:c5:1d:e5:12:
                    7c:5c:2c:0d:3d:e3:ab:d0:26:95:9f:f2:6f:b7:7d:
                    d5:34:4a:7e:32:5f:52:f8:2e:af:9e:81:5f:f4:2e:
                    8e:0f:50:c6:20:ca:e7:2e:f0:3a:0b:e3:81:5a:58:
                    ee:b8:b1:c8:65:89:d9:3c:7e:66:13:0c:e6:dc:7c:
                    98:f3:2a:2d:b9:ed:52:7c:9a:8d:77:b9:80:cc:54:
                    4a:d8:3d:65:5c:29:c3:6b:84:ef:6a:f7:ec:b5:94:
                    19:54:c3:5d:0a:0e:ac:df:3f:d5:c6:55:a7:2c:24:
                    32:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:74:13:B1:61:9E:F6:6C:31:22:37:3D:7E:79:72:97:76:C3:12:53
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5dc0b37f-14a9-4825-a078-a39218df07c3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:53:2a:aa:2c:65:71:a1:fb:8e:ad:5b:32:2a:2c:b9:e6:22:
         02:bb:ae:66:16:34:e4:c3:c4:fc:4d:55:f9:a3:aa:3f:93:5e:
         52:07:5f:10:3b:c4:2f:8f:1c:e9:68:b3:49:f2:4e:71:a4:e9:
         c3:30:74:67:90:a1:21:8a:45:6c:b6:f3:00:62:18:90:20:08:
         50:2e:72:85:39:b3:3d:0c:69:6d:46:b2:c7:4a:25:e0:9c:fa:
         72:bd:5e:f4:27:f3:02:5f:29:21:2d:eb:d9:fc:37:94:92:fd:
         68:1a:c1:9e:a2:63:ee:38:4e:7d:de:f7:52:8f:64:2b:94:18:
         11:93:7b:3e:8e:e4:32:50:c1:5a:7f:25:a6:b0:f8:12:d3:a8:
         16:67:8a:ac:04:39:f1:a1:d4:de:3c:e4:d7:30:64:88:37:07:
         b5:1a:a9:75:90:ac:e9:29:e2:62:2b:65:a2:e0:b0:1f:82:f1:
         fa:e8:ff:36:88:8c:c4:18:bc:2e:0a:06:49:59:e3:af:a3:64:
         bc:90:a8:04:67:43:3d:42:6a:b7:7c:56:35:a8:a1:1f:f6:8c:
         bc:4e:11:6b:68:2f:73:54:60:72:6f:a9:fe:ce:65:92:54:3f:
         0c:3e:2a:fd:a8:ac:9e:af:dc:3a:1b:d6:4c:b9:2d:73:db:9c:
         db:26:fa:e7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdUBwyvsVmBnexIs5RaYsNe6AhGcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjI1MDAwMDAwWhcNMjQwMTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ODEzNzc4NTdhMzU3ZDE4Mjg1YTAwOGNhZDY5NTU2MTYx
MTFhYzI0NWQ4Nzk4NmY5ODhiZjk4ZWYxYTU4NTE5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9DO6a0NHgWyzz0BYkdfw4u2hhOhO2Uu149G3gn3NvTgvy
9aO3gDDSqUt4lKTYZAnshxLa9Tvu5xbd975CdXPwhYMcZHfJAq5EXUX+InQUPFRZ
SEMS0YshuEVgFVKVSdqSkxNH912rOhM0cYgZuTl5rbBPAuutfHkkYYtUQAXMUi/B
vkoOQijgQFk0bdjlRjunxR3lEnxcLA0946vQJpWf8m+3fdU0Sn4yX1L4Lq+egV/0
Lo4PUMYgyucu8DoL44FaWO64schlidk8fmYTDObcfJjzKi257VJ8mo13uYDMVErY
PWVcKcNrhO9q9+y1lBlUw10KDqzfP9XGVacsJDKHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3HQTsWGe9mwxIjc9fnlyl3bDElMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzVkYzBiMzdmLTE0YTktNDgyNS1hMDc4LWEzOTIxOGRmMDdjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHlTKqosZXGh+46tWzIqLLnmIgK7
rmYWNOTDxPxNVfmjqj+TXlIHXxA7xC+PHOlos0nyTnGk6cMwdGeQoSGKRWy28wBi
GJAgCFAucoU5sz0MaW1GssdKJeCc+nK9XvQn8wJfKSEt69n8N5SS/WgawZ6iY+44
Tn3e91KPZCuUGBGTez6O5DJQwVp/Jaaw+BLTqBZniqwEOfGh1N485NcwZIg3B7Ua
qXWQrOkp4mIrZaLgsB+C8fro/zaIjMQYvC4KBklZ46+jZLyQqARnQz1Card8VjWo
oR/2jLxOEWtoL3NUYHJvqf7OZZJUPww+Kv2orJ6v3Dob1ky5LXPbnNsm+uc=
-----END CERTIFICATE-----