Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ca8f5681-d265-4cd2-9acc-09c59e3b9c0a.roa
File:                     ca8f5681-d265-4cd2-9acc-09c59e3b9c0a.roa (raw, json)
Hash identifier:          vvlJbQEq23Xrqzb3GW5tTMPli1WHR7DIOgGiO1/Mits=
Subject key identifier:   B4:B6:EE:A0:C4:EB:38:F7:97:90:D3:06:06:3A:BB:66:62:B2:FF:0A
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       20280A6F828C1B2350603FFF409B19F361C10B28
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ca8f5681-d265-4cd2-9acc-09c59e3b9c0a.roa
Signing time:             Thu 22 Jun 2023 00:00:00 +0000
ROA not before:           Thu 22 Jun 2023 00:00:00 +0000
ROA not after:            Thu 27 Jul 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:28:0a:6f:82:8c:1b:23:50:60:3f:ff:40:9b:19:f3:61:c1:0b:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jun 22 00:00:00 2023 GMT
            Not After : Jul 27 23:59:59 2023 GMT
        Subject: serialNumber=13e2e86abb4c1f5ebd62809aeb8ae124ad02667cb75ad031e373ae95b170cb5e, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:3d:ae:29:95:67:6c:3d:85:74:4f:22:8c:36:
                    25:91:e3:5f:d2:21:d3:b8:b7:6e:fe:6c:b4:e7:25:
                    ce:9b:1e:9a:c2:cf:5d:eb:f1:28:27:47:6d:94:21:
                    b1:d1:94:94:cb:cf:3a:38:d4:78:f9:26:da:5e:ed:
                    59:6a:bd:95:1a:e3:a2:77:cc:00:f8:ef:df:35:cc:
                    b0:2a:05:6f:66:16:3a:90:b5:0a:95:d9:ff:3f:cb:
                    dd:a8:15:61:23:35:23:98:ab:de:51:85:e3:9e:1b:
                    22:70:6a:cd:c3:eb:33:c0:73:1a:0f:e1:ae:54:4e:
                    f4:66:02:17:ed:2e:63:8b:62:7d:5c:8d:b4:28:40:
                    fb:8a:3a:82:52:03:d8:7f:41:cc:12:e9:4a:d4:10:
                    0f:e8:65:94:36:39:14:fd:17:8f:ce:c7:38:fb:2a:
                    c7:ad:4f:0a:d2:cb:58:be:2b:6b:b4:6b:87:9a:db:
                    86:10:34:02:5b:6d:04:56:58:95:05:ad:65:76:3e:
                    0a:19:34:e2:92:0f:ab:d9:5e:5f:e3:83:e1:28:34:
                    a7:58:5c:68:af:12:67:e8:8b:96:4a:44:63:ac:d2:
                    15:7f:60:cd:d4:53:bd:a9:23:e7:21:09:e7:c1:39:
                    83:1b:9b:cd:d2:70:6f:cd:d3:b5:82:44:a5:22:ce:
                    9e:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:B6:EE:A0:C4:EB:38:F7:97:90:D3:06:06:3A:BB:66:62:B2:FF:0A
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ca8f5681-d265-4cd2-9acc-09c59e3b9c0a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:0d:5a:3a:08:2d:d3:1e:c1:19:04:76:ae:b5:c6:e3:c2:29:
         ee:3c:fb:d3:61:75:1c:2f:ca:c9:cc:8d:d0:bd:1a:7a:89:a5:
         7e:c4:23:72:df:70:47:57:ff:8a:bb:07:75:d3:ec:b1:a4:11:
         9d:7a:16:f4:48:8b:7c:af:7c:a4:27:a1:2a:0c:d5:4f:b4:1c:
         67:af:7d:a3:23:ec:4d:21:9e:89:8f:30:ab:91:9f:b4:ba:2f:
         af:60:1f:c8:fa:99:3d:94:39:90:23:85:21:d9:bd:93:6c:88:
         0c:5e:f0:b5:06:6a:32:ed:06:2c:36:fa:f0:f5:e3:51:56:92:
         43:5c:33:fa:d5:b4:7d:c9:f1:50:cd:15:c4:d3:a4:15:99:c7:
         8f:f4:df:9c:08:52:ca:d2:ee:e5:ae:3f:1f:c9:3e:df:66:db:
         54:3f:1a:86:ad:41:ba:45:9d:7a:ce:f8:ad:6a:41:99:67:ea:
         a2:29:a6:c5:49:42:7e:66:fa:a4:07:82:a1:95:12:4a:a6:7c:
         f8:98:d4:8e:1d:33:45:c8:5e:4a:04:68:4a:15:34:4a:a4:8d:
         94:39:be:dc:06:2b:bc:5c:be:16:55:44:ac:e8:7d:5e:0d:75:
         56:e5:1f:d8:a6:df:6a:e1:d4:8e:a1:a2:a0:c8:5a:90:9a:26:
         70:75:19:ca
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUICgKb4KMGyNQYD//QJsZ82HBCygwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNjIyMDAwMDAwWhcNMjMwNzI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxM2UyZTg2YWJiNGMxZjVlYmQ2MjgwOWFlYjhhZTEyNGFk
MDI2NjdjYjc1YWQwMzFlMzczYWU5NWIxNzBjYjVlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1Pa4plWdsPYV0TyKMNiWR41/SIdO4t27+bLTnJc6bHprC
z13r8SgnR22UIbHRlJTLzzo41Hj5Jtpe7VlqvZUa46J3zAD47981zLAqBW9mFjqQ
tQqV2f8/y92oFWEjNSOYq95RheOeGyJwas3D6zPAcxoP4a5UTvRmAhftLmOLYn1c
jbQoQPuKOoJSA9h/QcwS6UrUEA/oZZQ2ORT9F4/Oxzj7KsetTwrSy1i+K2u0a4ea
24YQNAJbbQRWWJUFrWV2PgoZNOKSD6vZXl/jg+EoNKdYXGivEmfoi5ZKRGOs0hV/
YM3UU72pI+chCefBOYMbm83ScG/N07WCRKUizp6hAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtLbuoMTrOPeXkNMGBjq7ZmKy/wowHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2NhOGY1NjgxLWQyNjUtNGNkMi05YWNjLTA5YzU5ZTNiOWMwYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABINWjoILdMewRkEdq61xuPCKe48
+9NhdRwvysnMjdC9GnqJpX7EI3LfcEdX/4q7B3XT7LGkEZ16FvRIi3yvfKQnoSoM
1U+0HGevfaMj7E0hnomPMKuRn7S6L69gH8j6mT2UOZAjhSHZvZNsiAxe8LUGajLt
Biw2+vD141FWkkNcM/rVtH3J8VDNFcTTpBWZx4/035wIUsrS7uWuPx/JPt9m21Q/
GoatQbpFnXrO+K1qQZln6qIppsVJQn5m+qQHgqGVEkqmfPiY1I4dM0XIXkoEaEoV
NEqkjZQ5vtwGK7xcvhZVRKzofV4NdVblH9im32rh1I6hoqDIWpCaJnB1Gco=
-----END CERTIFICATE-----