Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fb3fe96a-418c-44e8-9b39-fc81974b3c3d.roa
File:                     fb3fe96a-418c-44e8-9b39-fc81974b3c3d.roa (raw, json)
Hash identifier:          Mb1YcjohxPh2vUOWDwv956+z7u9ihfsW4zppG5dYOMk=
Subject key identifier:   6A:ED:BE:EF:56:66:26:5E:72:1F:7D:F7:97:7D:D9:95:D1:8A:DF:09
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       05A66A7D6C22D1607267573271065774C81B4E62
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fb3fe96a-418c-44e8-9b39-fc81974b3c3d.roa
Signing time:             Sat 17 Jun 2023 00:00:00 +0000
ROA not before:           Sat 17 Jun 2023 00:00:00 +0000
ROA not after:            Sat 22 Jul 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:a6:6a:7d:6c:22:d1:60:72:67:57:32:71:06:57:74:c8:1b:4e:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jun 17 00:00:00 2023 GMT
            Not After : Jul 22 23:59:59 2023 GMT
        Subject: serialNumber=9a1ad9bd49f3a1942dbb59d2df5d8f65188de8bbe06b986c8cb4af3efbcff9cc, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:53:45:99:da:c3:98:f5:bc:6d:e0:e8:1c:96:
                    ef:88:cc:ac:25:71:4d:cf:94:70:00:10:2a:bd:dc:
                    40:7b:0a:e5:a6:b7:24:2f:c6:88:4e:43:25:67:03:
                    90:ed:a8:d6:07:50:c1:46:46:5a:58:12:62:e5:29:
                    7f:db:4d:35:41:cc:04:19:85:76:aa:bf:07:48:07:
                    cd:48:96:ee:e3:73:a6:3f:81:dd:22:c6:3d:dc:6b:
                    3b:ad:ef:bd:fc:3d:ef:dc:bd:f0:68:c3:9f:30:f3:
                    ad:87:7b:5b:1a:43:a3:02:9b:89:cf:49:32:87:89:
                    6b:52:44:7f:bb:45:0d:53:a7:29:80:3d:13:ae:0e:
                    12:c8:0d:06:0a:b8:0c:b2:d0:7b:70:f8:72:0e:4b:
                    1f:bc:6a:fd:5e:aa:c0:5d:50:b4:81:82:f4:94:6e:
                    05:1b:f3:11:43:f5:7c:d0:aa:d6:c6:11:1e:49:b5:
                    1a:e5:80:8d:7d:78:02:d5:08:23:8c:42:d1:fa:ad:
                    ef:df:51:0b:ed:59:17:31:85:75:4a:75:de:1c:6d:
                    43:e7:81:44:03:c5:df:74:cf:73:df:43:09:de:12:
                    52:b3:b9:2c:5d:d4:a8:b4:6f:e2:b3:67:12:33:8c:
                    c8:d7:69:0d:75:e9:01:c2:a9:79:4d:6e:76:3c:bf:
                    ab:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:ED:BE:EF:56:66:26:5E:72:1F:7D:F7:97:7D:D9:95:D1:8A:DF:09
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fb3fe96a-418c-44e8-9b39-fc81974b3c3d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:37:67:02:e6:25:31:cc:77:75:64:1f:32:4a:7d:d1:61:76:
         9f:40:83:57:3f:26:20:10:ce:4a:2c:72:c8:e3:65:83:e7:93:
         b2:1d:b4:14:5d:d3:0c:05:cc:a0:fb:45:2e:06:15:9e:20:cd:
         9a:da:d3:27:42:7f:13:d0:4a:13:10:86:dc:fd:b9:6a:4d:49:
         57:c4:3d:04:3c:94:a9:4f:41:87:a9:e1:72:2d:40:c2:15:ca:
         87:6d:29:8b:7a:9b:02:dc:23:71:46:c2:4b:6a:f9:c2:47:00:
         42:b0:d9:22:fc:cb:dd:77:a9:1d:df:bc:ae:b6:cd:f8:3a:02:
         6e:d3:cc:00:87:cb:2d:92:b0:64:00:9c:f3:38:06:fb:c8:22:
         36:91:ad:ef:c0:dd:cf:bc:10:da:c2:22:17:6f:9a:c6:aa:d6:
         86:fb:57:a3:29:8c:e5:e3:96:6d:da:39:86:11:06:c1:84:a8:
         50:7c:08:fd:1c:d9:92:64:81:c6:fb:f0:55:2b:c2:4e:39:df:
         fe:a2:9a:88:33:2c:01:08:d2:ac:64:5d:1b:7b:49:4a:81:ac:
         cb:b4:5d:19:72:07:41:6e:7e:30:ea:c8:2b:c8:22:7f:ff:42:
         b0:60:12:38:f0:01:19:e5:13:94:47:5f:20:c0:61:6c:b9:ae:
         db:0f:9f:f4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBaZqfWwi0WByZ1cycQZXdMgbTmIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNjE3MDAwMDAwWhcNMjMwNzIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YTFhZDliZDQ5ZjNhMTk0MmRiYjU5ZDJkZjVkOGY2NTE4
OGRlOGJiZTA2Yjk4NmM4Y2I0YWYzZWZiY2ZmOWNjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWU0WZ2sOY9bxt4Ogclu+IzKwlcU3PlHAAECq93EB7CuWm
tyQvxohOQyVnA5DtqNYHUMFGRlpYEmLlKX/bTTVBzAQZhXaqvwdIB81Ilu7jc6Y/
gd0ixj3cazut7738Pe/cvfBow58w862He1saQ6MCm4nPSTKHiWtSRH+7RQ1TpymA
PROuDhLIDQYKuAyy0Htw+HIOSx+8av1eqsBdULSBgvSUbgUb8xFD9XzQqtbGER5J
tRrlgI19eALVCCOMQtH6re/fUQvtWRcxhXVKdd4cbUPngUQDxd90z3PfQwneElKz
uSxd1Ki0b+KzZxIzjMjXaQ116QHCqXlNbnY8v6vxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUau2+71ZmJl5yH333l33ZldGK3wkwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2ZiM2ZlOTZhLTQxOGMtNDRlOC05YjM5LWZjODE5NzRiM2MzZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEY3ZwLmJTHMd3VkHzJKfdFhdp9A
g1c/JiAQzkoscsjjZYPnk7IdtBRd0wwFzKD7RS4GFZ4gzZra0ydCfxPQShMQhtz9
uWpNSVfEPQQ8lKlPQYep4XItQMIVyodtKYt6mwLcI3FGwktq+cJHAEKw2SL8y913
qR3fvK62zfg6Am7TzACHyy2SsGQAnPM4BvvIIjaRre/A3c+8ENrCIhdvmsaq1ob7
V6MpjOXjlm3aOYYRBsGEqFB8CP0c2ZJkgcb78FUrwk453/6imogzLAEI0qxkXRt7
SUqBrMu0XRlyB0FufjDqyCvIIn//QrBgEjjwARnlE5RHXyDAYWy5rtsPn/Q=
-----END CERTIFICATE-----