Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fb448b03-7231-4ddb-8314-4c657e76421f.roa
File:                     fb448b03-7231-4ddb-8314-4c657e76421f.roa (raw, json)
Hash identifier:          dZMkMEPtCH9bzHqRLxzBonOMpq+tPByr+0vhua/mxvg=
Subject key identifier:   0C:8F:11:46:06:44:4B:F9:CC:79:63:59:15:73:0B:D0:2E:96:03:6C
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       75E256F894DCDA7D5CC713F11CE0736A40B6E804
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fb448b03-7231-4ddb-8314-4c657e76421f.roa
Signing time:             Wed 25 Oct 2023 00:00:00 +0000
ROA not before:           Wed 25 Oct 2023 00:00:00 +0000
ROA not after:            Wed 29 Nov 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:e2:56:f8:94:dc:da:7d:5c:c7:13:f1:1c:e0:73:6a:40:b6:e8:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Oct 25 00:00:00 2023 GMT
            Not After : Nov 29 23:59:59 2023 GMT
        Subject: serialNumber=55bea6cb5d8b719ba3de3150c670ac1b43292dc416d305a51f3042624f082d6e, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:d2:ad:94:23:0d:00:ff:38:6e:31:8a:19:c7:
                    19:d8:b5:5d:8f:4f:e8:8c:23:10:f7:fc:75:1e:c3:
                    fc:03:1b:5a:e6:de:83:42:59:63:d7:9c:bf:59:72:
                    ca:89:2c:ad:69:df:81:f9:06:32:cf:0e:c1:bb:a3:
                    97:b6:78:80:10:54:5b:b3:48:17:f7:96:37:39:cb:
                    ad:57:11:89:92:a5:bd:44:d9:18:82:f9:8b:30:a3:
                    0e:6d:d3:0c:a9:a6:2a:e2:e0:9c:c8:6b:b6:c8:d2:
                    76:c7:15:f2:41:ce:19:b6:ac:b2:96:6e:54:4f:38:
                    59:70:8a:49:12:10:23:f7:60:9d:6e:46:44:45:dc:
                    74:10:5b:11:6c:58:58:34:b6:90:6f:04:da:1f:3f:
                    9b:fb:69:c8:f7:26:64:ad:4b:72:ef:df:43:1f:54:
                    2a:7c:d0:d7:a9:b7:4e:53:3c:5e:d6:fb:60:8a:ea:
                    9b:e2:fd:af:ef:60:a7:d0:5e:a1:b3:9a:d8:52:0c:
                    db:b8:be:55:82:64:fe:2e:7f:7c:f7:7b:b4:7a:94:
                    a0:28:8c:2f:3d:8d:52:19:73:f6:87:44:86:ed:8b:
                    96:5d:69:32:18:ae:d1:73:38:8f:a0:14:01:81:de:
                    84:37:35:ff:00:cf:f9:7d:f8:49:e3:ff:47:18:8b:
                    69:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:8F:11:46:06:44:4B:F9:CC:79:63:59:15:73:0B:D0:2E:96:03:6C
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fb448b03-7231-4ddb-8314-4c657e76421f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:cc:d5:04:62:70:1b:ab:a2:9d:5f:26:73:0e:42:ca:f3:19:
         81:c7:fc:b2:c9:79:06:20:a1:c1:2c:0d:fb:6d:34:cd:9e:48:
         22:49:84:47:3f:8b:c5:c2:3a:c8:59:43:cd:63:80:7c:0b:61:
         c2:bf:25:7a:25:73:55:1e:02:c2:6d:11:93:75:78:81:d6:dd:
         ab:30:ed:4d:f0:2f:b0:31:9d:5e:72:a7:cc:ae:7a:98:af:32:
         0e:a2:82:1a:4a:54:83:89:58:2c:d6:23:74:a9:b8:8b:a3:ec:
         7b:a0:3d:5c:be:7f:bf:79:83:7d:ea:74:23:50:ae:a2:00:f7:
         d4:0e:9b:38:ec:a9:a7:ed:4d:a7:79:3d:db:ff:ec:7a:ea:aa:
         76:f5:33:df:a9:2f:0b:0b:b3:ba:e7:28:6f:36:46:a7:1d:12:
         57:7b:1d:c7:17:7a:f1:fa:12:04:a6:0d:c6:ae:fc:50:1d:43:
         b5:7f:4d:4d:68:6b:47:3f:d1:a1:51:c3:30:cf:d8:77:4e:76:
         e0:71:dc:fe:42:0b:65:55:69:3d:1c:0b:5f:5b:ff:27:c5:dd:
         7e:cb:d9:44:21:8b:c0:26:95:08:ca:88:ab:92:3c:ea:b5:2f:
         e0:2f:a3:65:42:0d:ac:6c:36:fb:69:46:c5:6d:cc:38:51:f8:
         d9:12:89:f5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdeJW+JTc2n1cxxPxHOBzakC26AQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMDI1MDAwMDAwWhcNMjMxMTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NWJlYTZjYjVkOGI3MTliYTNkZTMxNTBjNjcwYWMxYjQz
MjkyZGM0MTZkMzA1YTUxZjMwNDI2MjRmMDgyZDZlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCr0q2UIw0A/zhuMYoZxxnYtV2PT+iMIxD3/HUew/wDG1rm
3oNCWWPXnL9ZcsqJLK1p34H5BjLPDsG7o5e2eIAQVFuzSBf3ljc5y61XEYmSpb1E
2RiC+Yswow5t0wyppiri4JzIa7bI0nbHFfJBzhm2rLKWblRPOFlwikkSECP3YJ1u
RkRF3HQQWxFsWFg0tpBvBNofP5v7acj3JmStS3Lv30MfVCp80Nept05TPF7W+2CK
6pvi/a/vYKfQXqGzmthSDNu4vlWCZP4uf3z3e7R6lKAojC89jVIZc/aHRIbti5Zd
aTIYrtFzOI+gFAGB3oQ3Nf8Az/l9+Enj/0cYi2lPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDI8RRgZES/nMeWNZFXML0C6WA2wwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2ZiNDQ4YjAzLTcyMzEtNGRkYi04MzE0LTRjNjU3ZTc2NDIxZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAK3M1QRicBurop1fJnMOQsrzGYHH
/LLJeQYgocEsDfttNM2eSCJJhEc/i8XCOshZQ81jgHwLYcK/JXolc1UeAsJtEZN1
eIHW3asw7U3wL7AxnV5yp8yuepivMg6ighpKVIOJWCzWI3SpuIuj7HugPVy+f795
g33qdCNQrqIA99QOmzjsqaftTad5Pdv/7Hrqqnb1M9+pLwsLs7rnKG82RqcdEld7
HccXevH6EgSmDcau/FAdQ7V/TU1oa0c/0aFRwzDP2HdOduBx3P5CC2VVaT0cC19b
/yfF3X7L2UQhi8AmlQjKiKuSPOq1L+Avo2VCDaxsNvtpRsVtzDhR+NkSifU=
-----END CERTIFICATE-----