Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/730521c3-26c4-46ec-89bc-9a1447f405d5.roa
File:                     730521c3-26c4-46ec-89bc-9a1447f405d5.roa (raw, json)
Hash identifier:          li1UCa7OgRhEAu6tbnl5UMECF3Wc6jlk8ujjLjWyi0s=
Subject key identifier:   A8:B7:9C:D4:F6:57:8B:CF:AD:0B:83:B2:BF:F1:E1:19:28:65:63:D4
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       550A11FCDF60F16200DB5031BA37D2FA165E1996
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/730521c3-26c4-46ec-89bc-9a1447f405d5.roa
Signing time:             Tue 04 Jul 2023 00:00:00 +0000
ROA not before:           Tue 04 Jul 2023 00:00:00 +0000
ROA not after:            Tue 08 Aug 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:0a:11:fc:df:60:f1:62:00:db:50:31:ba:37:d2:fa:16:5e:19:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul  4 00:00:00 2023 GMT
            Not After : Aug  8 23:59:59 2023 GMT
        Subject: serialNumber=40c251724e90b5f3aeaf545c8295d09df115d65551daa7d84ccbdbb1833d8b03, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ac:64:8e:d5:71:21:04:8b:6e:01:cb:c7:16:
                    58:94:02:4c:2c:eb:c1:f8:01:27:61:09:23:dc:ef:
                    d0:cc:ef:21:9e:d2:8d:38:50:ae:13:13:1b:22:d8:
                    67:da:cd:a5:08:ef:85:17:fb:b8:6c:7c:fd:4d:60:
                    84:94:47:0a:d5:7d:69:9d:b1:12:39:9f:e3:4a:4a:
                    66:7f:0e:55:21:f0:59:f2:fa:db:4c:25:0d:35:14:
                    c5:66:98:69:70:97:14:a8:a7:08:b8:18:ec:b7:22:
                    6a:ec:c8:2e:69:61:c0:a2:84:9a:a0:5b:25:5a:8b:
                    64:e2:a8:31:81:14:35:b2:87:f1:68:a2:5e:dc:b5:
                    09:af:54:3a:99:5c:4a:62:bd:78:c4:1f:f9:6e:29:
                    a5:8b:9b:7e:b0:a5:4b:d1:c9:95:ea:68:19:56:74:
                    48:9a:db:3e:90:79:f8:aa:95:e9:ca:a2:87:5c:c8:
                    cd:c9:f4:e1:81:65:34:4f:1b:01:89:4c:e5:32:ca:
                    e9:24:03:a2:39:60:d2:88:12:e2:11:85:26:d2:a7:
                    48:7c:e9:97:f1:bb:ad:21:37:14:c7:db:e7:73:4f:
                    6d:73:b8:06:69:16:e7:1d:6f:26:58:1e:24:04:d1:
                    e0:a4:be:d9:c4:2c:e1:d9:39:31:28:4f:4f:a6:3f:
                    aa:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:B7:9C:D4:F6:57:8B:CF:AD:0B:83:B2:BF:F1:E1:19:28:65:63:D4
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/730521c3-26c4-46ec-89bc-9a1447f405d5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:d4:fb:78:3d:e1:ac:9f:0a:46:bb:34:d2:89:a0:93:bc:f2:
         71:06:0c:4c:2f:c5:ae:f3:50:36:f4:ae:ff:2b:ac:1b:92:79:
         45:13:a1:a9:f1:43:77:63:30:29:e5:10:31:eb:bc:75:a9:31:
         69:65:8a:1a:97:dd:a3:4e:98:0d:5c:83:17:db:e3:59:f1:30:
         db:0d:15:94:a5:96:cf:db:ee:ce:bb:6c:06:4f:5a:9d:6d:ab:
         e4:9e:1d:23:4f:5d:43:aa:49:92:43:92:02:2b:aa:05:54:b2:
         63:10:43:df:bb:0f:16:67:8f:29:ba:42:71:09:ec:df:e2:11:
         f7:c2:59:08:ce:e4:4b:db:27:17:8d:e3:33:27:34:cd:90:80:
         eb:70:cb:5c:b6:f8:fc:c8:69:0e:b3:d2:de:94:eb:72:db:64:
         e6:ad:d7:b8:42:35:35:75:60:b9:33:91:c6:36:b6:d5:59:5a:
         7d:b9:79:49:f2:73:1c:61:d5:ba:59:e5:fd:d7:9a:da:7b:7b:
         d8:e6:06:0e:db:c6:b4:cf:f3:f0:15:bf:5a:c6:eb:54:69:15:
         7d:4e:e8:cc:92:18:75:99:4f:1c:9d:10:b1:ae:91:a0:29:ab:
         95:20:67:56:24:8a:69:18:25:8d:95:52:52:72:24:33:97:a9:
         a8:66:3f:3d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVQoR/N9g8WIA21AxujfS+hZeGZYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNzA0MDAwMDAwWhcNMjMwODA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MGMyNTE3MjRlOTBiNWYzYWVhZjU0NWM4Mjk1ZDA5ZGYx
MTVkNjU1NTFkYWE3ZDg0Y2NiZGJiMTgzM2Q4YjAzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCprGSO1XEhBItuAcvHFliUAkws68H4ASdhCSPc79DM7yGe
0o04UK4TExsi2GfazaUI74UX+7hsfP1NYISURwrVfWmdsRI5n+NKSmZ/DlUh8Fny
+ttMJQ01FMVmmGlwlxSopwi4GOy3ImrsyC5pYcCihJqgWyVai2TiqDGBFDWyh/Fo
ol7ctQmvVDqZXEpivXjEH/luKaWLm36wpUvRyZXqaBlWdEia2z6QefiqlenKoodc
yM3J9OGBZTRPGwGJTOUyyukkA6I5YNKIEuIRhSbSp0h86Zfxu60hNxTH2+dzT21z
uAZpFucdbyZYHiQE0eCkvtnELOHZOTEoT0+mP6rHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqLec1PZXi8+tC4Oyv/HhGShlY9QwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzczMDUyMWMzLTI2YzQtNDZlYy04OWJjLTlhMTQ0N2Y0MDVkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFHU+3g94ayfCka7NNKJoJO88nEG
DEwvxa7zUDb0rv8rrBuSeUUToanxQ3djMCnlEDHrvHWpMWllihqX3aNOmA1cgxfb
41nxMNsNFZSlls/b7s67bAZPWp1tq+SeHSNPXUOqSZJDkgIrqgVUsmMQQ9+7DxZn
jym6QnEJ7N/iEffCWQjO5EvbJxeN4zMnNM2QgOtwy1y2+PzIaQ6z0t6U63LbZOat
17hCNTV1YLkzkcY2ttVZWn25eUnycxxh1bpZ5f3Xmtp7e9jmBg7bxrTP8/AVv1rG
61RpFX1O6MySGHWZTxydELGukaApq5UgZ1YkimkYJY2VUlJyJDOXqahmPz0=
-----END CERTIFICATE-----