Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/114c885e-829e-45d1-ba71-ea387dd4482d.roa
File:                     114c885e-829e-45d1-ba71-ea387dd4482d.roa (raw, json)
Hash identifier:          Gv+oKgMIV7ixoxybIHWJFW4pxIHjiIJYznTtZOujm7Q=
Subject key identifier:   3B:77:D8:0C:36:5B:04:62:83:C2:CE:4E:95:BF:29:6C:14:B4:FB:23
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       11EB787713687C3A64522B69BA49023E535CD2AC
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/114c885e-829e-45d1-ba71-ea387dd4482d.roa
Signing time:             Fri 15 Sep 2023 00:00:00 +0000
ROA not before:           Fri 15 Sep 2023 00:00:00 +0000
ROA not after:            Fri 20 Oct 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:eb:78:77:13:68:7c:3a:64:52:2b:69:ba:49:02:3e:53:5c:d2:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Sep 15 00:00:00 2023 GMT
            Not After : Oct 20 23:59:59 2023 GMT
        Subject: serialNumber=2e95abc7bb085b2c105a75396d668b91b2d37fd62362c8409bca265faa462e8a, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:10:9d:1f:e9:24:df:18:32:9a:80:23:7f:24:
                    5b:e8:54:de:58:cf:52:2a:50:5c:63:ce:cd:9c:d6:
                    3d:5c:93:79:2a:ad:e3:3d:59:34:3e:61:52:84:eb:
                    ce:e8:11:52:b7:4b:1b:b6:ce:b6:72:8c:b0:3c:00:
                    f6:bc:03:bd:5d:50:c5:be:8c:4a:4e:aa:c4:37:e6:
                    49:7d:9c:2d:0f:ed:7f:82:f2:ee:46:26:fb:be:a1:
                    be:c6:43:d5:30:35:e8:bd:6a:c3:32:10:43:ca:7e:
                    ab:41:fa:2e:e5:db:fc:0c:9d:70:ca:45:99:f2:5a:
                    b7:19:fc:04:67:55:0d:72:ab:92:3c:e5:43:85:ca:
                    f0:42:57:13:0d:63:40:85:91:38:2a:22:77:c4:88:
                    af:01:63:90:e1:d2:b0:20:8a:c5:df:4e:54:46:cd:
                    10:37:a9:31:82:c7:37:64:2c:21:b0:d8:6f:bf:e9:
                    11:9b:71:e8:72:fb:3f:45:04:71:36:de:bf:18:91:
                    99:42:cb:f2:9a:14:6f:00:5a:2b:db:07:2a:c9:f4:
                    15:16:3c:60:f4:54:78:84:77:fb:56:f6:d5:da:84:
                    0c:72:f0:6d:84:c5:d2:0b:cc:f6:69:8d:f4:8f:6b:
                    f0:60:bc:ec:a0:e4:3f:92:8b:85:90:6e:34:eb:61:
                    ea:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:77:D8:0C:36:5B:04:62:83:C2:CE:4E:95:BF:29:6C:14:B4:FB:23
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/114c885e-829e-45d1-ba71-ea387dd4482d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:75:d2:a7:45:bb:73:fe:10:b4:0a:41:23:ad:40:66:28:62:
         da:b8:be:cb:8f:e8:2f:3f:9f:1e:e3:5a:e3:f0:5f:21:c7:4f:
         d5:30:a4:b6:64:d3:d5:1c:4f:8d:6e:97:56:41:14:99:a1:a4:
         8e:35:b9:3b:21:3a:a5:08:9c:6d:75:71:18:03:79:0d:48:2e:
         3c:31:96:4a:03:d4:60:12:c6:9a:ca:b2:76:6a:8e:1d:0b:6b:
         37:cc:4b:52:2e:e7:1a:c5:26:07:73:dc:a5:67:f6:d7:46:b9:
         28:59:ad:19:e3:a7:73:0b:cd:57:a8:57:25:2c:91:85:f4:ee:
         f1:1d:d0:4e:88:77:91:d4:4b:bb:44:51:91:c6:59:f9:e1:2b:
         9f:97:3e:14:88:86:d8:ec:34:1c:ec:73:19:ec:a1:6e:a8:45:
         f2:b7:d9:67:00:85:f5:a5:7a:11:e3:05:48:42:10:83:e0:83:
         2f:2b:33:00:4a:04:ed:3b:b6:70:d7:67:8a:48:71:ea:bd:90:
         f0:dc:e6:59:f3:e7:89:aa:ee:77:34:8f:b2:35:29:e9:68:7e:
         9c:a8:23:b3:98:49:a1:46:cd:b5:02:0e:e9:06:e2:66:d8:40:
         71:50:b5:8b:71:6e:a7:86:a9:b3:95:31:5c:01:a4:55:11:f7:
         44:22:d0:47
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEet4dxNofDpkUitpukkCPlNc0qwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwOTE1MDAwMDAwWhcNMjMxMDIwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyZTk1YWJjN2JiMDg1YjJjMTA1YTc1Mzk2ZDY2OGI5MWIy
ZDM3ZmQ2MjM2MmM4NDA5YmNhMjY1ZmFhNDYyZThhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxEJ0f6STfGDKagCN/JFvoVN5Yz1IqUFxjzs2c1j1ck3kq
reM9WTQ+YVKE687oEVK3Sxu2zrZyjLA8APa8A71dUMW+jEpOqsQ35kl9nC0P7X+C
8u5GJvu+ob7GQ9UwNei9asMyEEPKfqtB+i7l2/wMnXDKRZnyWrcZ/ARnVQ1yq5I8
5UOFyvBCVxMNY0CFkTgqInfEiK8BY5Dh0rAgisXfTlRGzRA3qTGCxzdkLCGw2G+/
6RGbcehy+z9FBHE23r8YkZlCy/KaFG8AWivbByrJ9BUWPGD0VHiEd/tW9tXahAxy
8G2ExdILzPZpjfSPa/BgvOyg5D+Si4WQbjTrYep/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUO3fYDDZbBGKDws5Olb8pbBS0+yMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzExNGM4ODVlLTgyOWUtNDVkMS1iYTcxLWVhMzg3ZGQ0NDgyZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKJ10qdFu3P+ELQKQSOtQGYoYtq4
vsuP6C8/nx7jWuPwXyHHT9UwpLZk09UcT41ul1ZBFJmhpI41uTshOqUInG11cRgD
eQ1ILjwxlkoD1GASxprKsnZqjh0LazfMS1Iu5xrFJgdz3KVn9tdGuShZrRnjp3ML
zVeoVyUskYX07vEd0E6Id5HUS7tEUZHGWfnhK5+XPhSIhtjsNBzscxnsoW6oRfK3
2WcAhfWlehHjBUhCEIPggy8rMwBKBO07tnDXZ4pIceq9kPDc5lnz54mq7nc0j7I1
KelofpyoI7OYSaFGzbUCDukG4mbYQHFQtYtxbqeGqbOVMVwBpFUR90Qi0Ec=
-----END CERTIFICATE-----