Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b0417594-8b15-4ef0-bb85-75e10c4a3225.roa
File:                     b0417594-8b15-4ef0-bb85-75e10c4a3225.roa (raw, json)
Hash identifier:          RnJ+vfKDGuwb3vzqYCIQh23QUv3fjZ7pw8xgksBJP8I=
Subject key identifier:   9B:53:38:D2:A1:ED:EA:E7:2A:E7:6C:84:74:84:23:41:FC:CA:56:9C
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       56BCA24610CB70449760EA8217D14842DA1F1369
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b0417594-8b15-4ef0-bb85-75e10c4a3225.roa
Signing time:             Sun 31 Mar 2024 00:00:00 +0000
ROA not before:           Sun 31 Mar 2024 00:00:00 +0000
ROA not after:            Sun 05 May 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:bc:a2:46:10:cb:70:44:97:60:ea:82:17:d1:48:42:da:1f:13:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Mar 31 00:00:00 2024 GMT
            Not After : May  5 23:59:59 2024 GMT
        Subject: serialNumber=2001b9c9d6d9715889d2d6ff60d54384ea5e52a7dc28d9158b80bec6720d2a83, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:69:73:2e:8a:b0:be:de:87:1c:4f:18:be:40:
                    99:5d:2a:a5:eb:72:9c:99:44:37:d7:98:32:f1:61:
                    44:95:5e:4e:50:0d:53:89:da:42:0f:30:56:49:6f:
                    e1:8b:4a:1c:d1:de:d2:e7:20:1e:81:b1:86:42:8f:
                    47:79:6c:1e:d3:e8:a2:53:cf:ba:87:20:9f:d1:f1:
                    55:b8:45:0a:10:71:27:10:d7:08:a8:8b:63:7f:53:
                    1e:4d:22:85:6f:c0:ac:34:c4:6c:6d:8a:90:6f:52:
                    1b:35:5a:1b:d8:bf:ec:66:63:66:9a:43:bd:f7:ce:
                    e4:9e:05:3f:56:54:e3:02:3b:07:da:48:91:7e:8f:
                    7e:7d:0f:62:c3:61:dd:90:0b:9a:ba:7c:71:a2:6c:
                    6d:89:04:df:fc:0d:96:02:fb:7e:dd:7f:67:b4:30:
                    1f:e8:01:c6:8a:76:79:0c:3b:c9:45:50:15:8f:d5:
                    a7:c0:be:d0:19:07:66:14:87:f1:c7:1d:16:fd:1b:
                    f1:de:fa:3b:de:4c:ae:5b:17:47:5b:66:14:2c:fd:
                    93:3e:87:fa:ee:66:79:9d:2f:6d:2e:cc:e4:a0:c9:
                    55:54:5c:b6:7f:bd:ed:1d:fd:2f:47:72:03:12:9e:
                    a2:3b:7d:78:87:23:14:87:3d:fc:e1:7e:bd:a6:8c:
                    5e:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:53:38:D2:A1:ED:EA:E7:2A:E7:6C:84:74:84:23:41:FC:CA:56:9C
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b0417594-8b15-4ef0-bb85-75e10c4a3225.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:59:e5:af:d6:36:47:f0:4b:ae:73:9d:41:bc:46:11:f3:05:
         7f:66:ff:ff:0d:db:a3:7f:c6:95:61:f6:0b:92:ac:cd:d0:e1:
         a1:0b:5a:66:53:80:51:a9:bc:7b:1c:c2:78:f6:43:8d:ee:02:
         97:18:41:4a:c6:65:87:7d:4a:ae:72:60:30:1d:11:10:82:0d:
         7e:aa:5d:e8:87:af:97:74:ee:ef:b7:eb:42:e6:75:b1:1b:51:
         b9:8b:ed:57:1c:68:5a:cc:a4:b1:f4:9f:fe:ad:64:0b:e8:6d:
         34:b4:aa:b2:58:3c:02:5c:f8:f8:00:a3:2f:17:5d:81:2b:f1:
         41:4f:9f:a6:74:07:69:73:59:32:a0:d9:0a:97:92:2e:ff:05:
         2b:37:48:9e:b9:d0:13:de:77:5b:93:96:b3:c5:22:9c:fc:e2:
         9e:03:fa:22:ec:fd:bc:71:9f:e4:df:02:43:20:10:71:59:19:
         ac:71:bd:7d:e9:0d:07:9e:96:18:cf:96:4b:61:b4:83:0b:78:
         29:38:69:b5:55:c1:e6:d7:28:aa:9c:62:85:25:ee:ce:a9:eb:
         f0:6a:3d:06:e5:e5:fe:e8:de:0d:1b:03:0f:e0:23:dc:82:0b:
         d3:b5:47:f7:fd:32:e4:93:20:56:6a:cd:26:87:58:e9:60:ba:
         64:ec:43:60
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVryiRhDLcESXYOqCF9FIQtofE2kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMzMxMDAwMDAwWhcNMjQwNTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMDAxYjljOWQ2ZDk3MTU4ODlkMmQ2ZmY2MGQ1NDM4NGVh
NWU1MmE3ZGMyOGQ5MTU4YjgwYmVjNjcyMGQyYTgzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDPaXMuirC+3occTxi+QJldKqXrcpyZRDfXmDLxYUSVXk5Q
DVOJ2kIPMFZJb+GLShzR3tLnIB6BsYZCj0d5bB7T6KJTz7qHIJ/R8VW4RQoQcScQ
1wioi2N/Ux5NIoVvwKw0xGxtipBvUhs1WhvYv+xmY2aaQ733zuSeBT9WVOMCOwfa
SJF+j359D2LDYd2QC5q6fHGibG2JBN/8DZYC+37df2e0MB/oAcaKdnkMO8lFUBWP
1afAvtAZB2YUh/HHHRb9G/He+jveTK5bF0dbZhQs/ZM+h/ruZnmdL20uzOSgyVVU
XLZ/ve0d/S9HcgMSnqI7fXiHIxSHPfzhfr2mjF5JAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUm1M40qHt6ucq52yEdIQjQfzKVpwwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2IwNDE3NTk0LThiMTUtNGVmMC1iYjg1LTc1ZTEwYzRhMzIyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKpZ5a/WNkfwS65znUG8RhHzBX9m
//8N26N/xpVh9guSrM3Q4aELWmZTgFGpvHscwnj2Q43uApcYQUrGZYd9Sq5yYDAd
ERCCDX6qXeiHr5d07u+360LmdbEbUbmL7VccaFrMpLH0n/6tZAvobTS0qrJYPAJc
+PgAoy8XXYEr8UFPn6Z0B2lzWTKg2QqXki7/BSs3SJ650BPed1uTlrPFIpz84p4D
+iLs/bxxn+TfAkMgEHFZGaxxvX3pDQeelhjPlkthtIMLeCk4abVVwebXKKqcYoUl
7s6p6/BqPQbl5f7o3g0bAw/gI9yCC9O1R/f9MuSTIFZqzSaHWOlgumTsQ2A=
-----END CERTIFICATE-----