Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ee78f200-bf58-4fde-9270-3d2fd08bb08f.roa
File:                     ee78f200-bf58-4fde-9270-3d2fd08bb08f.roa (raw, json)
Hash identifier:          mvNvnyn1zhnsVk7UjUNLVYDaeLjZD5NKSuMsf0MCTZ8=
Subject key identifier:   06:20:50:8F:46:84:AB:7B:02:71:76:EB:5C:16:88:B9:BC:76:FC:AB
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       4EA853B1113D5525A90CB0C519975FCDEFAC0895
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ee78f200-bf58-4fde-9270-3d2fd08bb08f.roa
Signing time:             Sat 22 Jul 2023 00:00:00 +0000
ROA not before:           Sat 22 Jul 2023 00:00:00 +0000
ROA not after:            Sat 26 Aug 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:a8:53:b1:11:3d:55:25:a9:0c:b0:c5:19:97:5f:cd:ef:ac:08:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul 22 00:00:00 2023 GMT
            Not After : Aug 26 23:59:59 2023 GMT
        Subject: serialNumber=3509944c714b0412a69d299793d8dfb60db600a45d8d426f21bd0c042cf9ffd5, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:f1:69:df:f4:a0:dd:46:8e:83:f6:b5:63:97:
                    9e:bf:0a:6b:96:2c:73:39:a2:6e:45:bb:f2:d5:a9:
                    0b:e5:60:da:40:5d:23:0d:77:61:a4:24:d2:a2:10:
                    1a:c6:91:a4:9c:19:64:d9:54:3a:21:a8:59:d8:a6:
                    f5:55:62:bf:16:94:2e:1d:e5:e6:e3:83:3d:2f:0f:
                    7f:cd:b4:33:39:54:1a:6c:f5:76:2d:3a:e8:19:d7:
                    f6:6c:82:45:28:f9:90:98:41:69:52:8a:a9:e0:8e:
                    b9:31:10:b6:c7:b0:34:33:80:de:cc:e1:ba:f8:34:
                    ff:96:e1:1d:20:f9:8a:9c:49:e9:f4:45:74:6a:92:
                    0b:1f:a6:af:38:05:b7:2d:e1:8e:b6:98:0c:ab:af:
                    2e:b8:ed:a1:81:19:44:f7:73:69:bf:d8:bf:a5:64:
                    ac:1e:60:71:a4:c2:8f:6c:ff:65:25:d2:e1:ac:cf:
                    ce:8c:cc:b1:0a:b5:a5:22:9d:42:22:70:77:dd:5b:
                    15:31:d7:d7:90:cd:8c:96:db:0b:33:d9:62:35:ac:
                    f8:14:15:f8:5a:35:87:37:a5:ea:f9:14:c5:c4:6f:
                    59:72:6e:53:da:2d:0b:56:e8:ab:4e:2d:7a:0f:75:
                    25:7e:08:81:f8:2d:6f:ce:52:87:77:62:1c:24:fe:
                    50:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:20:50:8F:46:84:AB:7B:02:71:76:EB:5C:16:88:B9:BC:76:FC:AB
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ee78f200-bf58-4fde-9270-3d2fd08bb08f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:9d:83:71:de:37:0a:3f:ad:26:6c:9b:bb:26:f5:81:be:71:
         ce:02:01:07:8d:90:d1:66:9b:01:28:a6:57:0d:75:8a:42:b8:
         47:09:50:cf:6a:db:64:2f:d1:7f:11:c3:95:50:6a:33:38:94:
         40:3b:49:b3:01:a2:03:a9:13:c5:db:5f:8a:0f:47:a3:82:2e:
         1d:45:61:78:5e:7d:b7:69:49:16:dc:02:4e:33:73:fd:38:e1:
         73:cc:61:91:26:b4:94:6d:f7:57:9d:5b:b8:2a:31:e5:49:0f:
         83:f2:07:ed:ae:13:a7:a5:21:0b:13:46:c4:0f:15:9a:f4:aa:
         58:61:94:10:ef:3b:0b:3d:da:f4:f4:56:8a:c1:39:13:01:3a:
         fb:06:e2:cf:03:86:fa:f9:8b:02:32:d4:77:10:1d:0b:3f:93:
         4f:02:ba:52:38:ae:ec:80:a7:f2:7e:19:98:a0:32:eb:12:c1:
         93:46:c6:87:b3:d9:29:3e:22:e3:c7:c6:3a:96:0c:e2:d7:25:
         87:d9:94:03:ce:a1:9b:32:69:96:d0:d8:d1:65:bd:c3:bf:4b:
         64:a1:de:b0:54:a8:e5:75:2f:8f:07:fe:bb:14:e9:65:24:3c:
         69:5b:be:9e:cc:00:a1:5d:3c:b1:0a:b6:5f:ce:53:77:98:f5:
         a7:2f:57:5e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTqhTsRE9VSWpDLDFGZdfze+sCJUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNzIyMDAwMDAwWhcNMjMwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNTA5OTQ0YzcxNGIwNDEyYTY5ZDI5OTc5M2Q4ZGZiNjBk
YjYwMGE0NWQ4ZDQyNmYyMWJkMGMwNDJjZjlmZmQ1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCu8Wnf9KDdRo6D9rVjl56/CmuWLHM5om5Fu/LVqQvlYNpA
XSMNd2GkJNKiEBrGkaScGWTZVDohqFnYpvVVYr8WlC4d5ebjgz0vD3/NtDM5VBps
9XYtOugZ1/ZsgkUo+ZCYQWlSiqngjrkxELbHsDQzgN7M4br4NP+W4R0g+YqcSen0
RXRqkgsfpq84Bbct4Y62mAyrry647aGBGUT3c2m/2L+lZKweYHGkwo9s/2Ul0uGs
z86MzLEKtaUinUIicHfdWxUx19eQzYyW2wsz2WI1rPgUFfhaNYc3per5FMXEb1ly
blPaLQtW6KtOLXoPdSV+CIH4LW/OUod3Yhwk/lCpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBiBQj0aEq3sCcXbrXBaIubx2/KswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2VlNzhmMjAwLWJmNTgtNGZkZS05MjcwLTNkMmZkMDhiYjA4Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADKdg3HeNwo/rSZsm7sm9YG+cc4C
AQeNkNFmmwEoplcNdYpCuEcJUM9q22Qv0X8Rw5VQajM4lEA7SbMBogOpE8XbX4oP
R6OCLh1FYXhefbdpSRbcAk4zc/044XPMYZEmtJRt91edW7gqMeVJD4PyB+2uE6el
IQsTRsQPFZr0qlhhlBDvOws92vT0VorBORMBOvsG4s8Dhvr5iwIy1HcQHQs/k08C
ulI4ruyAp/J+GZigMusSwZNGxoez2Sk+IuPHxjqWDOLXJYfZlAPOoZsyaZbQ2NFl
vcO/S2Sh3rBUqOV1L48H/rsU6WUkPGlbvp7MAKFdPLEKtl/OU3eY9acvV14=
-----END CERTIFICATE-----