Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f13e8f15-8dd3-4b97-b62e-cdfd58b3dd70.roa
File:                     f13e8f15-8dd3-4b97-b62e-cdfd58b3dd70.roa (raw, json)
Hash identifier:          7DMURhQj/m1AtGOElgT4cbOr2OhY92shDpUkOQPNjyA=
Subject key identifier:   03:07:F0:DE:59:4F:2A:4A:4B:1B:69:E3:34:81:9C:86:E5:2D:EC:FE
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       29F94EE8A578158C41AC8BA25964F4652BA74ECF
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f13e8f15-8dd3-4b97-b62e-cdfd58b3dd70.roa
Signing time:             Wed 10 Jan 2024 00:00:00 +0000
ROA not before:           Wed 10 Jan 2024 00:00:00 +0000
ROA not after:            Wed 14 Feb 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:f9:4e:e8:a5:78:15:8c:41:ac:8b:a2:59:64:f4:65:2b:a7:4e:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jan 10 00:00:00 2024 GMT
            Not After : Feb 14 23:59:59 2024 GMT
        Subject: serialNumber=0479759f31b7e64e90c63ddd4eb8de4a849055b414ec85463ec4450535398b1e, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:b8:c4:8c:cd:93:f8:06:15:76:e5:e1:71:4f:
                    0f:34:8b:3d:c6:52:bb:bb:07:2e:16:d1:96:8d:48:
                    b0:3e:f2:e3:45:18:e6:61:46:b6:12:75:58:be:40:
                    1e:90:3f:fe:ab:c4:e5:3a:73:46:e8:b9:c5:ea:ae:
                    5a:d9:93:02:6f:9a:ca:e9:c6:38:3c:ac:1c:76:07:
                    d4:2e:4b:38:4a:0a:d4:9d:83:18:7d:03:1e:0d:3d:
                    cc:a4:78:2e:08:89:f4:cd:2f:d3:fb:4c:2a:8a:d4:
                    2c:b1:41:0a:e3:88:4b:2e:ac:ce:13:4e:28:56:28:
                    12:22:b6:9f:13:82:ce:8e:f7:9c:54:2e:03:a2:94:
                    5b:cb:8b:50:5e:b4:7e:7d:5e:12:a4:9a:e3:ed:95:
                    8f:6b:d3:8c:e7:28:93:5f:cd:cf:d8:67:2c:55:72:
                    86:aa:a2:26:dc:76:96:99:4e:33:6e:e3:a2:28:9f:
                    3e:71:e0:48:fc:3f:85:01:80:d4:69:fe:7c:05:cd:
                    dc:79:27:2b:05:42:36:4c:63:57:d8:ac:6d:45:fa:
                    4a:83:dc:dc:dd:79:5c:36:e2:ba:73:08:95:b3:1e:
                    a3:ba:e0:c0:13:42:dd:b7:a9:9e:e5:81:e2:76:d9:
                    2a:6d:26:9c:9d:c7:34:fa:c5:be:3e:3f:a4:33:c6:
                    b7:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:07:F0:DE:59:4F:2A:4A:4B:1B:69:E3:34:81:9C:86:E5:2D:EC:FE
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f13e8f15-8dd3-4b97-b62e-cdfd58b3dd70.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:27:e7:4c:7f:0d:80:16:a0:f3:45:7f:03:da:ac:af:23:54:
         c4:45:11:3a:a7:1c:a4:6e:f9:20:1b:cf:00:17:b1:c4:7c:85:
         a2:2f:61:b1:f5:9e:10:70:22:1a:15:22:bb:5d:ce:8f:ac:80:
         be:7d:8f:bd:64:3d:66:08:10:6e:e8:a9:a5:df:8d:0a:48:dc:
         0d:ea:e6:77:d3:32:a2:fd:e7:44:26:07:b0:2a:84:2f:47:4e:
         09:b9:4d:6e:8b:b9:51:58:0f:0d:c1:f0:75:6b:35:19:8f:0f:
         a8:b5:7c:a2:ce:a2:d5:ff:84:c2:7a:b3:34:e2:5b:c7:ef:60:
         93:dd:d8:02:83:71:c8:46:67:a7:de:4d:60:8b:ad:1b:fe:10:
         0e:29:90:15:3d:56:ce:6d:c8:02:b0:d7:2d:1f:bc:bf:5d:ea:
         b3:5e:26:00:2b:8f:71:e2:8b:ae:7c:d3:e6:18:60:bd:41:aa:
         3b:0d:72:a9:8f:b7:54:fa:a5:66:ba:86:17:36:4f:1f:82:0b:
         aa:73:9d:36:7c:1a:93:50:80:47:f6:e9:89:a0:a8:2b:69:ba:
         e0:4a:45:d7:e3:8c:09:14:3f:80:69:69:1c:32:94:9d:01:7e:
         e5:71:db:8c:27:9c:01:c2:94:3e:09:ee:b6:73:0d:e1:5e:67:
         9b:33:25:1c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKflO6KV4FYxBrIuiWWT0ZSunTs8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMTEwMDAwMDAwWhcNMjQwMjE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNDc5NzU5ZjMxYjdlNjRlOTBjNjNkZGQ0ZWI4ZGU0YTg0
OTA1NWI0MTRlYzg1NDYzZWM0NDUwNTM1Mzk4YjFlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDiuMSMzZP4BhV25eFxTw80iz3GUru7By4W0ZaNSLA+8uNF
GOZhRrYSdVi+QB6QP/6rxOU6c0boucXqrlrZkwJvmsrpxjg8rBx2B9QuSzhKCtSd
gxh9Ax4NPcykeC4IifTNL9P7TCqK1CyxQQrjiEsurM4TTihWKBIitp8Tgs6O95xU
LgOilFvLi1BetH59XhKkmuPtlY9r04znKJNfzc/YZyxVcoaqoibcdpaZTjNu46Io
nz5x4Ej8P4UBgNRp/nwFzdx5JysFQjZMY1fYrG1F+kqD3NzdeVw24rpzCJWzHqO6
4MATQt23qZ7lgeJ22SptJpydxzT6xb4+P6QzxrebAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUAwfw3llPKkpLG2njNIGchuUt7P4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2YxM2U4ZjE1LThkZDMtNGI5Ny1iNjJlLWNkZmQ1OGIzZGQ3MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEUn50x/DYAWoPNFfwParK8jVMRF
ETqnHKRu+SAbzwAXscR8haIvYbH1nhBwIhoVIrtdzo+sgL59j71kPWYIEG7oqaXf
jQpI3A3q5nfTMqL950QmB7AqhC9HTgm5TW6LuVFYDw3B8HVrNRmPD6i1fKLOotX/
hMJ6szTiW8fvYJPd2AKDcchGZ6feTWCLrRv+EA4pkBU9Vs5tyAKw1y0fvL9d6rNe
JgArj3Hii6580+YYYL1BqjsNcqmPt1T6pWa6hhc2Tx+CC6pznTZ8GpNQgEf26Ymg
qCtpuuBKRdfjjAkUP4BpaRwylJ0BfuVx24wnnAHClD4J7rZzDeFeZ5szJRw=
-----END CERTIFICATE-----