Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/919061f7-63ef-49f6-bfe5-e6e7c28b0c77.roa
File:                     919061f7-63ef-49f6-bfe5-e6e7c28b0c77.roa (raw, json)
Hash identifier:          8qjANnQIAAVqhjXhQDKaplL536jT82OFpDYz8vsKsac=
Subject key identifier:   3F:14:0B:F6:D0:25:A8:4A:99:50:70:2A:F3:AA:AF:37:70:4D:99:0C
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       04CA891A03A007402BBC8C815AB9EAFBC4E5D511
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/919061f7-63ef-49f6-bfe5-e6e7c28b0c77.roa
Signing time:             Fri 22 Mar 2024 00:00:00 +0000
ROA not before:           Fri 22 Mar 2024 00:00:00 +0000
ROA not after:            Fri 26 Apr 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:ca:89:1a:03:a0:07:40:2b:bc:8c:81:5a:b9:ea:fb:c4:e5:d5:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Mar 22 00:00:00 2024 GMT
            Not After : Apr 26 23:59:59 2024 GMT
        Subject: serialNumber=78b57bce95b7c232b6397c7247df6d384a7be8fc944b9f6e70634302b313903d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:25:7d:fb:2a:20:07:8b:53:43:75:ad:23:21:
                    66:c5:31:31:86:9a:fb:7e:b7:e2:44:c6:84:a6:01:
                    1d:d9:20:f0:4b:71:fd:80:5b:c3:41:01:0f:ef:99:
                    36:82:07:25:bc:ec:64:ea:5c:9c:b8:15:06:ea:9f:
                    99:c7:86:37:4c:aa:24:0e:f6:9f:11:ce:c8:85:b4:
                    fd:e3:5e:66:e6:6b:10:d8:9f:24:0a:f5:d9:bd:be:
                    b0:a3:3e:d7:90:3f:ec:26:35:32:eb:96:59:1d:87:
                    24:41:ac:91:4d:f7:7d:da:85:f7:7d:a5:6f:57:bb:
                    fb:38:16:25:d9:c1:ff:27:3f:d8:8b:6a:90:ac:62:
                    96:48:aa:cd:74:49:23:95:26:b0:56:c8:d4:1f:6f:
                    c6:34:e3:a4:83:92:5d:94:a4:e9:d2:2b:e7:15:d8:
                    ec:6d:00:de:77:4e:3c:de:53:2d:fa:26:2b:18:6e:
                    07:68:8c:dc:c7:61:47:15:0e:79:80:15:c5:f9:04:
                    1b:5c:eb:e1:bd:9c:5e:8a:88:29:07:5f:df:c5:2f:
                    97:cf:79:1d:78:c8:00:44:ab:18:cd:62:d7:b3:85:
                    99:ba:e2:84:74:10:a4:74:9d:d4:76:75:cd:db:60:
                    0b:e8:b0:9c:30:7a:a8:d0:60:af:43:74:54:9f:7b:
                    df:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:14:0B:F6:D0:25:A8:4A:99:50:70:2A:F3:AA:AF:37:70:4D:99:0C
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/919061f7-63ef-49f6-bfe5-e6e7c28b0c77.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:e0:75:1b:62:14:b5:12:63:9b:f7:5e:33:3c:81:3d:f0:44:
         0f:ed:f6:22:cb:34:9c:6a:77:28:c6:7b:1b:ec:68:83:92:53:
         96:1c:bb:da:da:3b:dd:f3:22:6e:c5:b1:72:5b:88:f9:b3:58:
         17:5e:07:ac:20:6a:06:74:0f:2e:20:07:d9:8c:8a:1e:0f:aa:
         f6:47:ec:d5:a1:1a:17:bd:91:8a:a2:b1:03:65:c3:89:76:fe:
         bc:bd:1b:47:6e:e3:40:fb:17:2f:f9:bb:c6:03:d1:94:23:4f:
         0e:48:d2:48:74:1b:55:f3:ce:ff:c0:a8:0a:b0:74:55:4a:8d:
         2e:79:26:9c:ee:58:be:85:fe:30:ab:b4:3f:9b:4c:3f:bb:35:
         1b:43:66:19:ab:db:ec:26:fc:15:3a:38:1d:6f:40:7f:23:61:
         16:b3:65:97:f9:43:87:1e:36:99:d7:79:bd:60:0c:89:41:80:
         95:54:9d:e2:bc:c7:64:e2:a1:80:2c:78:d2:51:b2:9e:78:2b:
         7d:71:65:7b:fa:28:59:73:ff:53:c9:7d:ff:fe:e6:e8:05:c4:
         35:df:d0:c5:01:7f:b5:32:dc:ff:e5:00:e3:ec:e1:cd:30:c3:
         5b:34:54:5d:bc:c5:08:7d:9b:30:9c:c3:c6:57:fb:a0:bc:7e:
         34:4a:65:c4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBMqJGgOgB0ArvIyBWrnq+8Tl1REwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMzIyMDAwMDAwWhcNMjQwNDI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A3OGI1N2JjZTk1YjdjMjMyYjYzOTdjNzI0N2RmNmQzODRh
N2JlOGZjOTQ0YjlmNmU3MDYzNDMwMmIzMTM5MDNkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGJX37KiAHi1NDda0jIWbFMTGGmvt+t+JExoSmAR3ZIPBL
cf2AW8NBAQ/vmTaCByW87GTqXJy4FQbqn5nHhjdMqiQO9p8RzsiFtP3jXmbmaxDY
nyQK9dm9vrCjPteQP+wmNTLrllkdhyRBrJFN933ahfd9pW9Xu/s4FiXZwf8nP9iL
apCsYpZIqs10SSOVJrBWyNQfb8Y046SDkl2UpOnSK+cV2OxtAN53TjzeUy36JisY
bgdojNzHYUcVDnmAFcX5BBtc6+G9nF6KiCkHX9/FL5fPeR14yABEqxjNYtezhZm6
4oR0EKR0ndR2dc3bYAvosJwweqjQYK9DdFSfe98JAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPxQL9tAlqEqZUHAq86qvN3BNmQwwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzkxOTA2MWY3LTYzZWYtNDlmNi1iZmU1LWU2ZTdjMjhiMGM3Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAA7gdRtiFLUSY5v3XjM8gT3wRA/t
9iLLNJxqdyjGexvsaIOSU5Ycu9raO93zIm7FsXJbiPmzWBdeB6wgagZ0Dy4gB9mM
ih4PqvZH7NWhGhe9kYqisQNlw4l2/ry9G0du40D7Fy/5u8YD0ZQjTw5I0kh0G1Xz
zv/AqAqwdFVKjS55JpzuWL6F/jCrtD+bTD+7NRtDZhmr2+wm/BU6OB1vQH8jYRaz
ZZf5Q4ceNpnXeb1gDIlBgJVUneK8x2TioYAseNJRsp54K31xZXv6KFlz/1PJff/+
5ugFxDXf0MUBf7Uy3P/lAOPs4c0ww1s0VF28xQh9mzCcw8ZX+6C8fjRKZcQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:00 2024 by rpki-client on console-ams.rpki-client.org