Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f42322dc-7b03-4663-9aae-15faa4ccb108.roa
File:                     f42322dc-7b03-4663-9aae-15faa4ccb108.roa (raw, json)
Hash identifier:          JoVodZab77QjCiEV9Xm6rEfOOi+11FLRrkGUxriESZ4=
Subject key identifier:   C7:46:DF:B1:03:35:35:D2:DA:4D:52:27:FA:72:42:1F:8D:4C:05:D8
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       6D05DDF3D0E524261185D9D38B2FE4CE48B54B14
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f42322dc-7b03-4663-9aae-15faa4ccb108.roa
Signing time:             Wed 09 Aug 2023 00:00:00 +0000
ROA not before:           Wed 09 Aug 2023 00:00:00 +0000
ROA not after:            Wed 13 Sep 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:05:dd:f3:d0:e5:24:26:11:85:d9:d3:8b:2f:e4:ce:48:b5:4b:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Aug  9 00:00:00 2023 GMT
            Not After : Sep 13 23:59:59 2023 GMT
        Subject: serialNumber=196fa046488d0462ac84202749e450abf539a1f522075f043a54cd8d85982698, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:a2:6f:2d:26:dc:7f:e2:19:57:1d:ea:d7:dc:
                    45:c3:93:87:52:ff:89:79:5c:1f:cf:49:e4:e8:73:
                    23:48:c2:7f:58:10:3e:1d:ce:de:7f:2c:f4:13:97:
                    01:14:d4:1a:f4:f5:fd:7e:bd:9f:74:a2:9f:1c:b7:
                    52:17:41:f2:5c:2a:a7:6b:6d:c7:7b:f2:49:22:2e:
                    2c:ae:55:c5:11:c4:5f:9f:03:50:a7:0c:c2:15:b8:
                    b3:a0:95:8e:bf:f5:63:bf:be:4d:c9:53:37:83:61:
                    44:48:92:f9:34:72:e8:ee:d4:e4:ca:39:53:de:ee:
                    c5:a9:9a:83:17:08:74:39:f8:ed:4f:9f:67:75:69:
                    91:e0:c8:97:e3:7e:ce:84:94:50:36:91:87:ce:f3:
                    a8:99:22:15:ed:5f:b7:ca:23:30:57:30:cf:34:b6:
                    aa:ae:c0:ae:ee:5e:b9:9b:9a:45:9c:fa:be:ff:44:
                    52:f8:fb:5f:31:05:19:e9:f4:12:40:07:05:29:8b:
                    36:4d:d8:55:ac:8e:d8:44:73:62:f3:eb:22:07:75:
                    bd:57:7f:6b:c2:31:25:c0:81:e3:d4:21:ad:0a:16:
                    9a:5f:f5:14:77:74:bd:6a:21:b7:08:f8:0b:02:ed:
                    24:31:32:95:e3:5b:44:1a:b6:cc:06:c8:7a:5e:c2:
                    78:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:46:DF:B1:03:35:35:D2:DA:4D:52:27:FA:72:42:1F:8D:4C:05:D8
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f42322dc-7b03-4663-9aae-15faa4ccb108.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:74:16:57:67:67:6d:cc:25:34:7f:17:5a:90:62:b2:bc:ff:
         f0:fa:da:ac:b7:ff:af:c9:20:99:06:23:ec:50:5a:ca:24:87:
         45:b7:40:d6:ab:c9:2b:52:49:45:3c:1a:3e:24:98:df:02:4a:
         eb:58:21:b4:bc:92:06:1f:94:79:a6:e6:2f:7f:aa:0f:89:2c:
         17:8d:f1:c7:ca:84:10:32:01:3e:f2:9d:f9:d6:93:2d:fa:70:
         b3:08:3b:de:5e:f9:b0:36:54:07:da:94:ba:45:05:5f:8c:99:
         b1:86:75:2a:3d:dd:dd:ff:9b:c9:d2:b7:8a:9d:35:2a:bf:b3:
         ac:ae:3f:99:48:5f:cf:8e:4a:f7:2a:9f:86:9e:13:66:42:ed:
         7d:80:56:6e:6c:e8:88:53:65:a1:2a:f6:7c:8a:f2:47:1b:a3:
         e9:fb:f7:56:86:5b:97:0e:ca:84:11:00:a7:2b:54:b6:87:dd:
         12:9b:03:3a:2c:4d:b0:c5:07:5e:31:d3:c5:23:61:69:06:b2:
         b6:94:ce:f2:f4:56:ab:a6:18:b9:f5:05:48:9c:82:29:8f:b6:
         32:1b:f4:ea:44:d6:cd:a8:a4:cc:55:37:d8:19:c4:ba:48:47:
         5a:35:9c:6c:a9:a4:a3:46:e0:8c:be:f2:0d:40:18:6c:9a:63:
         20:b1:98:be
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbQXd89DlJCYRhdnTiy/kzki1SxQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwODA5MDAwMDAwWhcNMjMwOTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxOTZmYTA0NjQ4OGQwNDYyYWM4NDIwMjc0OWU0NTBhYmY1
MzlhMWY1MjIwNzVmMDQzYTU0Y2Q4ZDg1OTgyNjk4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKom8tJtx/4hlXHerX3EXDk4dS/4l5XB/PSeTocyNIwn9Y
ED4dzt5/LPQTlwEU1Br09f1+vZ90op8ct1IXQfJcKqdrbcd78kkiLiyuVcURxF+f
A1CnDMIVuLOglY6/9WO/vk3JUzeDYURIkvk0cuju1OTKOVPe7sWpmoMXCHQ5+O1P
n2d1aZHgyJfjfs6ElFA2kYfO86iZIhXtX7fKIzBXMM80tqquwK7uXrmbmkWc+r7/
RFL4+18xBRnp9BJABwUpizZN2FWsjthEc2Lz6yIHdb1Xf2vCMSXAgePUIa0KFppf
9RR3dL1qIbcI+AsC7SQxMpXjW0QatswGyHpewng7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUx0bfsQM1NdLaTVIn+nJCH41MBdgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Y0MjMyMmRjLTdiMDMtNDY2My05YWFlLTE1ZmFhNGNjYjEwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABx0FldnZ23MJTR/F1qQYrK8//D6
2qy3/6/JIJkGI+xQWsokh0W3QNaryStSSUU8Gj4kmN8CSutYIbS8kgYflHmm5i9/
qg+JLBeN8cfKhBAyAT7ynfnWky36cLMIO95e+bA2VAfalLpFBV+MmbGGdSo93d3/
m8nSt4qdNSq/s6yuP5lIX8+OSvcqn4aeE2ZC7X2AVm5s6IhTZaEq9nyK8kcbo+n7
91aGW5cOyoQRAKcrVLaH3RKbAzosTbDFB14x08UjYWkGsraUzvL0VqumGLn1BUic
gimPtjIb9OpE1s2opMxVN9gZxLpIR1o1nGyppKNG4Iy+8g1AGGyaYyCxmL4=
-----END CERTIFICATE-----