Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2bfe3883-e232-4f55-a8c6-933e4110fa8e.roa
File:                     2bfe3883-e232-4f55-a8c6-933e4110fa8e.roa (raw, json)
Hash identifier:          kqOe9Ha2dgvz2TZ5wNzEANUhZ8tiNXU3O19BJAoPYJg=
Subject key identifier:   91:D7:21:33:AB:46:C0:72:A6:7C:64:A2:6A:E2:CB:CF:E5:8F:8A:27
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       05AF59868FE33EA1BB58B66EE3AE5165C0B2EE24
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2bfe3883-e232-4f55-a8c6-933e4110fa8e.roa
Signing time:             Sat 29 Jul 2023 00:00:00 +0000
ROA not before:           Sat 29 Jul 2023 00:00:00 +0000
ROA not after:            Sat 02 Sep 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:af:59:86:8f:e3:3e:a1:bb:58:b6:6e:e3:ae:51:65:c0:b2:ee:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul 29 00:00:00 2023 GMT
            Not After : Sep  2 23:59:59 2023 GMT
        Subject: serialNumber=95b20db3c6bc3752f66a483ab7874bf728e854ebbfabec70a0698973fe04387d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:89:2b:60:11:b5:33:a6:de:79:2d:ce:e3:02:
                    fb:a5:f5:a9:74:52:fc:47:d4:75:e6:d7:c7:55:b3:
                    e4:df:12:2b:59:9b:65:7a:c0:ba:b3:4c:95:50:62:
                    f3:d9:34:1b:e2:7d:11:cd:70:3f:b8:b6:7b:a7:d3:
                    6e:79:89:2e:61:84:90:60:94:82:24:0a:88:6c:c3:
                    08:7e:ce:c8:7c:4c:6a:b9:0d:c7:6a:60:8b:92:a2:
                    2e:a9:26:dc:62:56:ff:e9:5c:2b:04:c8:5c:2e:c9:
                    6f:92:37:9d:2d:29:a1:4a:9f:16:5e:41:f1:84:b9:
                    2b:03:68:9e:f7:e7:35:ba:05:98:53:84:6e:5d:18:
                    f3:62:f8:5d:bc:84:75:6e:b0:ad:25:7a:09:e8:96:
                    31:3c:00:64:5a:e5:0f:30:1b:83:fa:ad:09:77:71:
                    85:b5:fb:10:1b:0b:e0:b4:a2:20:40:91:0d:5f:f0:
                    c1:10:b1:96:65:05:77:87:f2:4a:f3:bd:2a:86:7a:
                    d8:e0:c8:bf:bb:a2:60:e4:87:a4:b7:b2:ea:03:65:
                    82:76:4b:0e:44:8d:d0:97:76:ec:a0:fc:52:22:ef:
                    df:37:1f:a4:d8:68:1e:49:b5:ec:18:13:ad:39:83:
                    c6:de:03:0a:55:55:c7:96:ec:59:a6:c3:f3:50:54:
                    19:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:D7:21:33:AB:46:C0:72:A6:7C:64:A2:6A:E2:CB:CF:E5:8F:8A:27
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2bfe3883-e232-4f55-a8c6-933e4110fa8e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:8e:33:13:09:db:26:85:94:cd:c0:1e:86:07:89:2a:08:e8:
         47:5b:34:e9:0b:c2:b9:cc:65:c5:14:41:cb:99:82:4c:6e:a9:
         37:ab:c6:ef:03:70:a8:04:c1:fd:80:58:a3:5c:e4:72:90:f1:
         8a:40:08:2f:46:f9:98:e1:c7:37:fa:56:9f:85:3d:50:54:72:
         7f:03:08:a9:45:44:19:d5:e1:8f:d7:0d:40:ac:8e:fb:85:d7:
         73:c0:b6:39:8b:b2:f2:11:4e:e4:7a:e6:16:aa:51:bc:6f:9a:
         0e:e1:8e:b8:6b:d1:90:18:10:1d:27:a4:18:95:11:96:0d:63:
         2b:a4:b0:fa:71:0a:94:42:ee:f0:04:33:34:32:2c:c7:2b:7e:
         e3:1b:33:0a:3a:ee:09:78:21:0f:cf:75:2a:23:b9:ab:34:63:
         ba:cd:98:da:3f:31:28:60:cb:a3:fa:05:ea:38:77:b7:95:06:
         7b:b6:3d:09:6a:d5:02:fe:8f:88:11:a3:d3:67:05:c1:05:fc:
         c4:fa:2f:fe:7b:64:8b:4e:be:fb:61:34:8e:2d:95:f5:61:aa:
         f5:ee:95:a4:55:96:e5:0c:82:ce:da:de:e0:6d:ae:4c:d3:05:
         99:43:e5:dd:fb:89:f0:9a:2f:a9:71:70:b3:d2:60:96:bd:c7:
         5d:91:17:8f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBa9Zho/jPqG7WLZu465RZcCy7iQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNzI5MDAwMDAwWhcNMjMwOTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5NWIyMGRiM2M2YmMzNzUyZjY2YTQ4M2FiNzg3NGJmNzI4
ZTg1NGViYmZhYmVjNzBhMDY5ODk3M2ZlMDQzODdkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/iStgEbUzpt55Lc7jAvul9al0UvxH1HXm18dVs+TfEitZ
m2V6wLqzTJVQYvPZNBvifRHNcD+4tnun0255iS5hhJBglIIkCohswwh+zsh8TGq5
DcdqYIuSoi6pJtxiVv/pXCsEyFwuyW+SN50tKaFKnxZeQfGEuSsDaJ735zW6BZhT
hG5dGPNi+F28hHVusK0legnoljE8AGRa5Q8wG4P6rQl3cYW1+xAbC+C0oiBAkQ1f
8MEQsZZlBXeH8krzvSqGetjgyL+7omDkh6S3suoDZYJ2Sw5EjdCXduyg/FIi7983
H6TYaB5JtewYE605g8beAwpVVceW7Fmmw/NQVBlnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUkdchM6tGwHKmfGSiauLLz+WPiicwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzJiZmUzODgzLWUyMzItNGY1NS1hOGM2LTkzM2U0MTEwZmE4ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAKOMxMJ2yaFlM3AHoYHiSoI6Edb
NOkLwrnMZcUUQcuZgkxuqTerxu8DcKgEwf2AWKNc5HKQ8YpACC9G+Zjhxzf6Vp+F
PVBUcn8DCKlFRBnV4Y/XDUCsjvuF13PAtjmLsvIRTuR65haqUbxvmg7hjrhr0ZAY
EB0npBiVEZYNYyuksPpxCpRC7vAEMzQyLMcrfuMbMwo67gl4IQ/PdSojuas0Y7rN
mNo/MShgy6P6Beo4d7eVBnu2PQlq1QL+j4gRo9NnBcEF/MT6L/57ZItOvvthNI4t
lfVhqvXulaRVluUMgs7a3uBtrkzTBZlD5d37ifCaL6lxcLPSYJa9x12RF48=
-----END CERTIFICATE-----