Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/96774438-1d94-4e6b-8734-4800bc49522f.roa
File:                     96774438-1d94-4e6b-8734-4800bc49522f.roa (raw, json)
Hash identifier:          FmXPxKDxOqVUQ0p7BsFBgQGPeCwWWzGpDfL/Iiu+mL0=
Subject key identifier:   50:C7:DD:64:53:6D:50:FA:28:20:61:62:A6:4C:C4:07:80:02:28:7D
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       2B826D1EF29AED20AD3135E452814F01D0DF22E7
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/96774438-1d94-4e6b-8734-4800bc49522f.roa
Signing time:             Sat 27 Jan 2024 00:00:00 +0000
ROA not before:           Sat 27 Jan 2024 00:00:00 +0000
ROA not after:            Sat 02 Mar 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:82:6d:1e:f2:9a:ed:20:ad:31:35:e4:52:81:4f:01:d0:df:22:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jan 27 00:00:00 2024 GMT
            Not After : Mar  2 23:59:59 2024 GMT
        Subject: serialNumber=62caf8c3f92f23c8b2b43d1ad1a29c43f7e3854f7e8a71f948a5bdadcf15f20b, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:cc:cd:6a:f8:44:4e:81:e7:32:eb:8e:e6:6e:
                    ab:87:74:de:b4:19:07:3c:36:c1:4c:89:e3:27:18:
                    bf:f7:af:97:fd:7f:6b:e4:60:0a:f6:28:9b:4d:2c:
                    cf:4c:5b:f2:ff:8d:72:ed:5d:ed:74:5c:e9:09:bc:
                    27:a4:ca:6b:09:56:5f:27:1d:4a:2c:d2:53:58:35:
                    ec:a9:91:2a:21:df:7a:fe:da:39:ad:9f:ef:0f:0d:
                    84:b8:44:5c:12:3b:e4:54:a9:c7:fe:df:c6:47:25:
                    66:28:ed:1f:76:a3:7e:a5:97:85:27:bc:62:31:b1:
                    42:c0:fd:54:23:11:c5:64:f7:02:b5:68:0a:12:89:
                    aa:77:f6:ed:68:a5:de:2a:97:0e:7e:18:66:be:58:
                    d1:69:db:92:55:27:4c:4e:a2:f4:af:36:0e:8e:2c:
                    9c:25:4d:4d:8a:aa:22:d4:93:41:0d:32:d5:70:0e:
                    6d:63:a8:15:ae:e9:5c:37:97:a0:7e:d6:2b:7d:b9:
                    46:32:b9:f2:31:8f:8d:a1:08:5e:72:3d:14:24:fb:
                    75:17:49:08:76:54:60:dc:76:e2:96:dc:5e:d4:c7:
                    96:b2:c9:24:62:9b:cd:04:61:96:2c:16:48:ee:e2:
                    d1:9f:c8:5c:27:b5:e4:db:33:90:01:07:d6:80:0c:
                    0b:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:C7:DD:64:53:6D:50:FA:28:20:61:62:A6:4C:C4:07:80:02:28:7D
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/96774438-1d94-4e6b-8734-4800bc49522f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:ae:e4:f7:0b:99:70:d2:1f:50:fe:2a:fc:27:48:41:f3:ae:
         c6:8f:e5:d1:3f:fd:10:14:20:ee:8b:b2:7f:e5:43:69:8c:2c:
         fd:d8:53:ef:87:b1:ca:13:57:bf:4e:fc:c8:99:26:90:b7:d3:
         c6:39:40:f8:3a:96:43:ab:e3:39:06:d7:78:33:4a:50:6d:5c:
         26:14:5b:69:a2:f6:e6:f1:bb:4d:fb:14:26:7b:7e:3e:b2:37:
         b6:60:f1:c9:d5:1b:e8:d7:77:37:5d:62:c9:a1:f3:7e:79:80:
         b4:40:c7:88:f3:f4:9a:8c:6d:65:c0:eb:b2:da:bb:6d:0f:38:
         c8:54:f9:49:9c:53:b1:9b:db:c9:7a:ff:38:49:14:5f:7b:db:
         46:d8:61:51:1c:db:8a:9f:a2:c8:d1:37:71:3a:8b:c0:d8:ac:
         bb:17:fd:9d:cd:17:43:16:67:9b:99:a4:d9:52:b9:dc:c3:88:
         51:2b:26:dd:9f:de:65:f1:23:6a:70:21:b5:aa:97:93:05:fc:
         9e:c8:4e:fe:da:2b:a4:b9:08:27:ce:4a:7c:be:05:51:28:85:
         9d:b4:02:f2:cd:4d:8c:4f:71:2c:0b:c9:93:0c:59:95:ea:73:
         7e:be:23:f4:87:4d:cf:7c:e7:86:45:11:2f:0d:ae:80:9d:ce:
         d1:a3:f3:fb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUK4JtHvKa7SCtMTXkUoFPAdDfIucwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMTI3MDAwMDAwWhcNMjQwMzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MmNhZjhjM2Y5MmYyM2M4YjJiNDNkMWFkMWEyOWM0M2Y3
ZTM4NTRmN2U4YTcxZjk0OGE1YmRhZGNmMTVmMjBiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzzM1q+EROgecy647mbquHdN60GQc8NsFMieMnGL/3r5f9
f2vkYAr2KJtNLM9MW/L/jXLtXe10XOkJvCekymsJVl8nHUos0lNYNeypkSoh33r+
2jmtn+8PDYS4RFwSO+RUqcf+38ZHJWYo7R92o36ll4UnvGIxsULA/VQjEcVk9wK1
aAoSiap39u1opd4qlw5+GGa+WNFp25JVJ0xOovSvNg6OLJwlTU2KqiLUk0ENMtVw
Dm1jqBWu6Vw3l6B+1it9uUYyufIxj42hCF5yPRQk+3UXSQh2VGDcduKW3F7Ux5ay
ySRim80EYZYsFkju4tGfyFwnteTbM5ABB9aADAt9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUMfdZFNtUPooIGFipkzEB4ACKH0wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzk2Nzc0NDM4LTFkOTQtNGU2Yi04NzM0LTQ4MDBiYzQ5NTIyZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAESu5PcLmXDSH1D+KvwnSEHzrsaP
5dE//RAUIO6Lsn/lQ2mMLP3YU++HscoTV79O/MiZJpC308Y5QPg6lkOr4zkG13gz
SlBtXCYUW2mi9ubxu037FCZ7fj6yN7Zg8cnVG+jXdzddYsmh8355gLRAx4jz9JqM
bWXA67Lau20POMhU+UmcU7Gb28l6/zhJFF9720bYYVEc24qfosjRN3E6i8DYrLsX
/Z3NF0MWZ5uZpNlSudzDiFErJt2f3mXxI2pwIbWql5MF/J7ITv7aK6S5CCfOSny+
BVEohZ20AvLNTYxPcSwLyZMMWZXqc36+I/SHTc9854ZFES8NroCdztGj8/s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-ams.rpki-client.org