Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d4cb09e1-e7a2-4dff-88c8-bb6c5a0f548e.roa
File:                     d4cb09e1-e7a2-4dff-88c8-bb6c5a0f548e.roa (raw, json)
Hash identifier:          mVLi5cv8vF48lrLx+Q0dCdSl7xeq35Psdnhj9OXbR4A=
Subject key identifier:   7B:78:1B:29:A7:64:3F:94:9D:94:4B:63:3B:B1:28:10:DB:DC:E0:23
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       23AD86B1F1987CE852024966E2DF8B6882AD5087
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d4cb09e1-e7a2-4dff-88c8-bb6c5a0f548e.roa
Signing time:             Tue 26 Mar 2024 00:00:00 +0000
ROA not before:           Tue 26 Mar 2024 00:00:00 +0000
ROA not after:            Tue 30 Apr 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:ad:86:b1:f1:98:7c:e8:52:02:49:66:e2:df:8b:68:82:ad:50:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Mar 26 00:00:00 2024 GMT
            Not After : Apr 30 23:59:59 2024 GMT
        Subject: serialNumber=bf7ffe0abfa07c8053b701da9508c699da8e837b1c4ca89d0d0db26e14454956, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:23:87:5a:b4:60:9a:89:92:02:6b:87:5e:33:
                    12:93:60:26:25:56:d7:c4:dc:3d:00:e6:37:9b:f9:
                    97:6f:87:60:de:24:01:a6:d2:1c:82:68:fc:fa:d1:
                    6c:ab:8d:19:5c:7d:b9:94:d3:a9:69:5c:28:d5:c2:
                    e2:c6:8a:bd:5f:e9:e5:ec:40:2a:25:7f:c0:74:17:
                    d9:40:47:7d:7a:a7:ef:65:36:78:f9:04:81:e8:bd:
                    73:53:c9:fb:11:df:72:22:dd:cd:e3:bc:b5:60:fe:
                    1c:c8:28:99:d7:0c:5d:68:50:21:4f:58:9d:0e:23:
                    d6:8e:f1:20:23:f6:08:6a:74:e8:e6:f6:a7:af:21:
                    1b:69:f6:0d:2c:f4:b9:34:c4:22:7c:52:02:a6:03:
                    e5:4d:89:37:9a:ba:fd:77:17:d9:c1:fc:4d:e3:18:
                    da:ee:e7:ee:0e:f0:08:23:88:24:e7:7a:1f:5b:d8:
                    61:28:1f:36:06:5a:9b:ec:7e:0c:86:ab:3f:d1:57:
                    ac:d5:5a:d7:3e:55:0b:73:b9:ba:a2:50:50:d2:6e:
                    04:58:01:03:8d:f7:6a:b6:f1:6d:8f:12:be:1d:ef:
                    ed:a0:b7:39:19:0f:66:a5:af:f6:da:de:a4:01:da:
                    22:cc:35:01:46:50:a3:75:c3:52:d3:ef:5d:01:fb:
                    ba:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:78:1B:29:A7:64:3F:94:9D:94:4B:63:3B:B1:28:10:DB:DC:E0:23
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d4cb09e1-e7a2-4dff-88c8-bb6c5a0f548e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:ec:43:de:e1:ec:cc:36:6c:e7:ea:a5:94:57:32:70:1c:22:
         f3:63:23:58:6a:86:21:aa:c7:68:1f:d0:f1:87:58:03:d6:53:
         e4:be:9a:7e:98:1a:26:da:c0:36:a9:0f:e8:92:2a:88:c2:62:
         e1:28:85:16:c7:47:ec:49:82:48:5d:38:e6:f0:f4:3a:3e:86:
         41:ea:77:1e:a4:60:3d:7d:64:56:ee:49:97:d7:76:5f:68:39:
         f8:97:c1:31:81:74:66:4c:46:c9:bb:59:e4:78:16:03:20:ca:
         f6:aa:df:8c:ce:67:16:94:1b:19:3c:d2:96:9d:60:a0:5d:7f:
         a1:02:4d:44:a2:3a:bd:69:cd:f1:86:68:45:a9:41:17:b8:90:
         c2:f9:20:cb:59:d9:3c:38:c4:03:a4:16:4e:fc:06:b1:a4:9d:
         5e:cc:14:34:75:35:d0:a6:ab:14:5c:5f:e4:f6:f9:14:05:30:
         bc:0e:fe:50:33:34:67:69:d0:d3:62:01:ce:64:b8:aa:26:a2:
         dc:5e:71:49:a3:61:f8:11:60:cd:71:9f:4d:22:4b:a6:6b:b1:
         a0:bb:3e:65:06:6f:ad:15:d3:c2:40:98:67:ea:f9:21:d4:6e:
         05:a7:08:d4:7b:1b:e5:f6:1a:37:20:57:a9:5e:98:b1:a3:a3:
         9d:36:63:30
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUI62GsfGYfOhSAklm4t+LaIKtUIcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMzI2MDAwMDAwWhcNMjQwNDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZjdmZmUwYWJmYTA3YzgwNTNiNzAxZGE5NTA4YzY5OWRh
OGU4MzdiMWM0Y2E4OWQwZDBkYjI2ZTE0NDU0OTU2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAI4datGCaiZICa4deMxKTYCYlVtfE3D0A5jeb+Zdvh2De
JAGm0hyCaPz60WyrjRlcfbmU06lpXCjVwuLGir1f6eXsQColf8B0F9lAR316p+9l
Nnj5BIHovXNTyfsR33Ii3c3jvLVg/hzIKJnXDF1oUCFPWJ0OI9aO8SAj9ghqdOjm
9qevIRtp9g0s9Lk0xCJ8UgKmA+VNiTeauv13F9nB/E3jGNru5+4O8AgjiCTneh9b
2GEoHzYGWpvsfgyGqz/RV6zVWtc+VQtzubqiUFDSbgRYAQON92q28W2PEr4d7+2g
tzkZD2alr/ba3qQB2iLMNQFGUKN1w1LT710B+7qxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUe3gbKadkP5SdlEtjO7EoENvc4CMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Q0Y2IwOWUxLWU3YTItNGRmZi04OGM4LWJiNmM1YTBmNTQ4ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABDsQ97h7Mw2bOfqpZRXMnAcIvNj
I1hqhiGqx2gf0PGHWAPWU+S+mn6YGibawDapD+iSKojCYuEohRbHR+xJgkhdOObw
9Do+hkHqdx6kYD19ZFbuSZfXdl9oOfiXwTGBdGZMRsm7WeR4FgMgyvaq34zOZxaU
Gxk80padYKBdf6ECTUSiOr1pzfGGaEWpQRe4kML5IMtZ2Tw4xAOkFk78BrGknV7M
FDR1NdCmqxRcX+T2+RQFMLwO/lAzNGdp0NNiAc5kuKomotxecUmjYfgRYM1xn00i
S6ZrsaC7PmUGb60V08JAmGfq+SHUbgWnCNR7G+X2GjcgV6lemLGjo502YzA=
-----END CERTIFICATE-----