Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fef4871d-8f06-498d-a62a-c8986b5cbc7b.roa
File:                     fef4871d-8f06-498d-a62a-c8986b5cbc7b.roa (raw, json)
Hash identifier:          /eCI99ZmNIiKwRY7vvpaOEsOgaaZqfy+IcxsXnJh7TI=
Subject key identifier:   B4:30:D8:C7:91:86:E1:8B:F5:CA:F4:13:4D:8E:3C:AF:3A:EA:D8:BB
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       4ED01987AF17FDA02D809041DE6AF2B335540EA7
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fef4871d-8f06-498d-a62a-c8986b5cbc7b.roa
Signing time:             Thu 14 Dec 2023 00:00:00 +0000
ROA not before:           Thu 14 Dec 2023 00:00:00 +0000
ROA not after:            Thu 18 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:d0:19:87:af:17:fd:a0:2d:80:90:41:de:6a:f2:b3:35:54:0e:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec 14 00:00:00 2023 GMT
            Not After : Jan 18 23:59:59 2024 GMT
        Subject: serialNumber=46917adef11657658f535a63c40f5ec1b620a508f1818b7e5eba486b8155b669, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:2e:2e:9b:61:69:7f:6d:9a:95:5a:6f:18:fc:
                    c2:85:61:c4:9b:a4:3b:49:bd:39:c7:67:3a:9c:7a:
                    69:a5:06:8d:70:45:1f:92:97:3c:18:ec:1e:e1:c4:
                    7f:96:38:74:e7:bf:9c:fb:61:91:5e:fb:0e:6e:f5:
                    7c:46:f9:6b:ea:0f:6d:3d:98:4d:9c:3d:2e:d4:80:
                    c5:c3:32:88:9c:37:d1:84:b7:4d:4b:aa:f2:f7:ab:
                    bd:cd:e4:1a:f6:3e:9e:8c:a5:f2:79:04:01:86:c9:
                    e9:97:e4:97:c1:28:5f:b1:fe:aa:74:40:41:dc:b0:
                    93:a9:21:66:62:67:6a:76:36:a1:a5:49:49:48:13:
                    72:85:d9:3e:9c:67:08:5c:d1:bf:66:3f:c6:bb:4e:
                    a8:c3:bb:54:00:89:2d:8e:2a:ec:e9:42:8c:98:13:
                    b8:86:c5:01:35:96:00:d9:71:c4:dc:f2:7b:93:e6:
                    be:37:8a:c9:9e:3d:f6:c4:3e:e9:0c:7e:6e:e4:dc:
                    08:ce:ad:2d:28:74:df:ad:d6:a6:99:0c:06:a1:b0:
                    4a:a1:06:f2:7d:41:81:82:29:78:f7:60:55:3b:19:
                    63:57:00:15:13:26:56:19:72:59:11:81:03:3d:02:
                    54:76:03:ff:41:a1:58:9b:f8:c2:9c:a7:01:67:4f:
                    64:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:30:D8:C7:91:86:E1:8B:F5:CA:F4:13:4D:8E:3C:AF:3A:EA:D8:BB
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fef4871d-8f06-498d-a62a-c8986b5cbc7b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:1b:23:d5:5a:f9:b8:e3:6f:c1:23:c7:35:5d:f7:02:4c:50:
         a3:08:16:7e:cb:b0:e7:8b:e0:38:4f:08:de:2b:27:c4:96:09:
         33:45:2e:a3:09:94:db:aa:b0:15:7d:2a:65:3f:e2:e5:20:00:
         ee:ed:14:80:d1:3f:96:d5:1b:5f:2e:14:33:66:58:b3:19:13:
         06:f3:cb:fb:a5:39:6a:0d:c4:88:df:c4:bf:c8:ce:e4:99:96:
         d3:8f:ed:7e:ba:3c:a3:24:90:87:bf:94:5e:60:5f:e5:25:6a:
         18:cb:f3:89:e5:02:2f:2e:81:5e:c8:71:2c:8e:71:c4:b2:13:
         6d:ab:3e:bf:cd:45:c8:76:75:72:51:c6:31:28:0d:ff:1a:f1:
         80:b9:74:e9:44:78:e9:41:de:8a:92:73:ba:41:f8:41:7b:4d:
         fa:a0:2d:24:85:c0:08:a2:ba:92:81:3a:9a:b0:f4:26:f3:fb:
         1e:1f:aa:db:86:df:8d:5e:08:76:90:05:04:fe:34:9e:fc:f7:
         56:75:3d:a2:ef:74:95:69:ff:3b:26:77:72:b0:e2:2a:23:8e:
         e5:d1:97:93:fe:d6:ad:0b:20:2b:99:6a:2a:69:f4:33:28:a2:
         64:a5:90:75:c6:8d:3a:3a:ba:d4:e4:99:e5:89:e8:28:b2:63:
         2c:57:82:ac
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTtAZh68X/aAtgJBB3mryszVUDqcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjE0MDAwMDAwWhcNMjQwMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NjkxN2FkZWYxMTY1NzY1OGY1MzVhNjNjNDBmNWVjMWI2
MjBhNTA4ZjE4MThiN2U1ZWJhNDg2YjgxNTViNjY5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDLi6bYWl/bZqVWm8Y/MKFYcSbpDtJvTnHZzqcemmlBo1w
RR+SlzwY7B7hxH+WOHTnv5z7YZFe+w5u9XxG+WvqD209mE2cPS7UgMXDMoicN9GE
t01LqvL3q73N5Br2Pp6MpfJ5BAGGyemX5JfBKF+x/qp0QEHcsJOpIWZiZ2p2NqGl
SUlIE3KF2T6cZwhc0b9mP8a7TqjDu1QAiS2OKuzpQoyYE7iGxQE1lgDZccTc8nuT
5r43ismePfbEPukMfm7k3AjOrS0odN+t1qaZDAahsEqhBvJ9QYGCKXj3YFU7GWNX
ABUTJlYZclkRgQM9AlR2A/9BoVib+MKcpwFnT2SNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtDDYx5GG4Yv1yvQTTY48rzrq2LswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2ZlZjQ4NzFkLThmMDYtNDk4ZC1hNjJhLWM4OTg2YjVjYmM3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKUbI9Va+bjjb8EjxzVd9wJMUKMI
Fn7LsOeL4DhPCN4rJ8SWCTNFLqMJlNuqsBV9KmU/4uUgAO7tFIDRP5bVG18uFDNm
WLMZEwbzy/ulOWoNxIjfxL/IzuSZltOP7X66PKMkkIe/lF5gX+UlahjL84nlAi8u
gV7IcSyOccSyE22rPr/NRch2dXJRxjEoDf8a8YC5dOlEeOlB3oqSc7pB+EF7Tfqg
LSSFwAiiupKBOpqw9Cbz+x4fqtuG341eCHaQBQT+NJ7891Z1PaLvdJVp/zsmd3Kw
4iojjuXRl5P+1q0LICuZaipp9DMoomSlkHXGjTo6utTkmeWJ6CiyYyxXgqw=
-----END CERTIFICATE-----