Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e5b55f47-e6c9-4aa0-81de-c0c3f2f22031.roa
File:                     e5b55f47-e6c9-4aa0-81de-c0c3f2f22031.roa (raw, json)
Hash identifier:          VM+j3Ww3fNVfF105YDnPR+dwrMTuIPFO2ynSPgc6q0s=
Subject key identifier:   55:10:9D:E2:0C:BD:B4:C9:81:3F:83:EB:9F:58:E2:C0:8F:3F:2B:08
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       5997996C9B706C8A15CC4A05572E41AE4BB6CACA
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e5b55f47-e6c9-4aa0-81de-c0c3f2f22031.roa
Signing time:             Thu 15 Jun 2023 00:00:00 +0000
ROA not before:           Thu 15 Jun 2023 00:00:00 +0000
ROA not after:            Thu 20 Jul 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:97:99:6c:9b:70:6c:8a:15:cc:4a:05:57:2e:41:ae:4b:b6:ca:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jun 15 00:00:00 2023 GMT
            Not After : Jul 20 23:59:59 2023 GMT
        Subject: serialNumber=70957b5356a442c64c218c6911deeccfd628e30b437c1d04c504e16e5427ed8e, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:bc:87:7d:34:0e:16:f7:4a:74:73:b3:4c:8d:
                    66:63:95:f8:af:1d:19:02:4d:c8:d3:33:21:19:ed:
                    51:ef:e9:58:d2:90:cb:99:30:74:a8:cf:a3:b4:e4:
                    41:c5:aa:c7:a1:1e:3c:23:5a:49:a9:59:89:77:b2:
                    2f:5f:55:23:49:0e:2b:af:19:97:9d:cd:f1:13:4c:
                    cf:06:7a:ad:3e:b2:8b:d1:2f:d6:ff:4f:0b:ba:58:
                    b3:40:1d:25:b1:89:62:9e:ce:15:ed:57:e3:8a:5c:
                    68:06:07:bd:61:00:fb:56:e6:93:7c:a8:92:19:74:
                    b8:01:d0:24:53:78:f9:f6:50:c6:86:03:86:e0:e7:
                    6e:f0:49:3d:9b:16:b3:55:59:25:8c:dd:df:ed:4e:
                    33:47:54:de:7f:62:79:9f:f3:02:d5:6c:18:e2:de:
                    70:7d:fb:4f:05:c8:b0:d1:ef:b2:4e:f9:17:53:91:
                    bd:12:69:4f:f3:a7:ec:e9:f7:71:6a:10:07:4a:af:
                    e8:84:74:01:01:2f:c8:0d:20:4b:63:7e:bf:9b:fa:
                    de:45:f9:d9:80:61:bb:79:07:6f:53:f4:89:69:c1:
                    8d:da:2e:3f:10:4a:91:10:07:1d:db:5e:20:93:37:
                    5c:fe:1e:cb:a6:5b:6c:33:8a:24:57:e4:44:40:f2:
                    51:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:10:9D:E2:0C:BD:B4:C9:81:3F:83:EB:9F:58:E2:C0:8F:3F:2B:08
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e5b55f47-e6c9-4aa0-81de-c0c3f2f22031.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:fb:43:42:65:83:26:7f:86:5c:14:e9:c9:c6:4a:9f:26:8b:
         10:50:64:0a:53:66:29:a7:b6:53:ac:ec:a8:66:7e:a6:e8:1b:
         26:c9:f0:51:4d:f0:ce:ea:bd:71:6e:ef:a9:36:9a:8a:6d:2d:
         8d:f7:d8:ef:83:98:06:bc:b4:39:45:c1:7a:22:ae:c5:e9:69:
         32:5d:7a:3e:d8:0b:50:40:74:e1:d2:de:35:e6:bc:f5:50:e1:
         73:61:78:eb:5a:df:a3:0d:86:c3:1b:51:84:08:a7:0a:07:ff:
         17:52:09:83:ef:24:f0:0d:28:87:ed:2d:bb:f9:04:7d:d2:f5:
         f5:5b:2c:16:30:c3:27:71:66:0f:3d:48:6f:b7:da:0d:17:ab:
         96:7c:23:61:ac:81:e1:8e:0a:3c:3d:6e:f2:97:26:84:c3:bc:
         69:48:e6:bd:40:6b:4c:f7:5f:09:cb:8f:14:18:13:a1:dd:35:
         32:f2:67:77:71:05:b4:c6:ff:1e:39:95:b4:f3:db:35:35:ed:
         3f:e3:c1:c6:31:d3:c6:13:22:3b:24:f7:66:dc:0d:d1:37:9c:
         2e:cb:40:72:d0:c5:f7:90:b9:02:c0:50:c8:1b:1a:f1:17:94:
         23:b2:27:75:65:01:78:54:a6:73:46:ca:52:e4:c9:96:d0:d3:
         c6:2b:49:48
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWZeZbJtwbIoVzEoFVy5Brku2ysowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNjE1MDAwMDAwWhcNMjMwNzIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MDk1N2I1MzU2YTQ0MmM2NGMyMThjNjkxMWRlZWNjZmQ2
MjhlMzBiNDM3YzFkMDRjNTA0ZTE2ZTU0MjdlZDhlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCKvId9NA4W90p0c7NMjWZjlfivHRkCTcjTMyEZ7VHv6VjS
kMuZMHSoz6O05EHFqsehHjwjWkmpWYl3si9fVSNJDiuvGZedzfETTM8Geq0+sovR
L9b/Twu6WLNAHSWxiWKezhXtV+OKXGgGB71hAPtW5pN8qJIZdLgB0CRTePn2UMaG
A4bg527wST2bFrNVWSWM3d/tTjNHVN5/Ynmf8wLVbBji3nB9+08FyLDR77JO+RdT
kb0SaU/zp+zp93FqEAdKr+iEdAEBL8gNIEtjfr+b+t5F+dmAYbt5B29T9IlpwY3a
Lj8QSpEQBx3bXiCTN1z+HsumW2wziiRX5ERA8lHVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVRCd4gy9tMmBP4Prn1jiwI8/KwgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2U1YjU1ZjQ3LWU2YzktNGFhMC04MWRlLWMwYzNmMmYyMjAzMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAB77Q0JlgyZ/hlwU6cnGSp8mixBQ
ZApTZimntlOs7KhmfqboGybJ8FFN8M7qvXFu76k2moptLY332O+DmAa8tDlFwXoi
rsXpaTJdej7YC1BAdOHS3jXmvPVQ4XNheOta36MNhsMbUYQIpwoH/xdSCYPvJPAN
KIftLbv5BH3S9fVbLBYwwydxZg89SG+32g0Xq5Z8I2GsgeGOCjw9bvKXJoTDvGlI
5r1Aa0z3XwnLjxQYE6HdNTLyZ3dxBbTG/x45lbTz2zU17T/jwcYx08YTIjsk92bc
DdE3nC7LQHLQxfeQuQLAUMgbGvEXlCOyJ3VlAXhUpnNGylLkyZbQ08YrSUg=
-----END CERTIFICATE-----