Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fcd0ff0c-fed8-4d72-b30b-10e4b131ea50.roa
File:                     fcd0ff0c-fed8-4d72-b30b-10e4b131ea50.roa (raw, json)
Hash identifier:          enqPksBaJ/NjjJtTuXlWUEr8QyG0OoMrGntBHNT588c=
Subject key identifier:   83:85:20:A8:36:9D:99:63:45:F8:AF:2E:00:80:B7:1E:10:24:EC:67
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       52B54D5DC396B46C54FD01916F6DE2DEF6E7DCB4
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fcd0ff0c-fed8-4d72-b30b-10e4b131ea50.roa
Signing time:             Fri 13 Oct 2023 00:00:00 +0000
ROA not before:           Fri 13 Oct 2023 00:00:00 +0000
ROA not after:            Fri 17 Nov 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:b5:4d:5d:c3:96:b4:6c:54:fd:01:91:6f:6d:e2:de:f6:e7:dc:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Oct 13 00:00:00 2023 GMT
            Not After : Nov 17 23:59:59 2023 GMT
        Subject: serialNumber=3cbd9eb17e1e3e02c64f19927f50e8b520329a39cc40d1c7074de883fe9a3404, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:04:a0:a1:c4:6d:3b:f5:e5:65:dd:be:ff:0b:
                    68:55:aa:bd:f0:6a:83:ca:2f:44:7f:9a:e9:e3:b5:
                    75:62:8e:18:85:fd:4d:94:48:c6:5a:a4:3d:4a:65:
                    2e:fe:fa:3e:84:8d:bb:b0:70:ea:ed:a2:e6:c1:6e:
                    9c:8f:3a:58:d7:24:07:d3:13:dc:f6:34:8f:b6:18:
                    70:25:ea:4d:92:ea:b9:5b:1b:23:61:2f:db:72:15:
                    e7:1a:9b:a5:f4:8b:24:18:6f:a4:f4:20:89:fc:56:
                    64:5c:04:b1:59:07:9d:ad:02:eb:2c:dd:56:c1:0d:
                    d3:d2:da:2a:74:bb:69:e6:d9:b7:67:71:b5:01:4e:
                    50:00:d3:27:2e:61:c3:d8:f4:c9:54:fa:d7:71:86:
                    11:83:f9:92:b1:72:5c:f1:b8:37:a2:83:76:1a:6d:
                    3b:23:f0:97:6c:56:7b:5f:ab:1d:69:91:ab:cb:e8:
                    9d:6b:e5:84:30:6c:81:d4:d1:0d:07:67:59:b8:d4:
                    fa:91:f6:c1:c5:42:14:39:2f:51:96:68:4d:7d:82:
                    81:cd:02:30:e1:d2:b1:57:45:68:6e:7e:de:3b:b9:
                    ae:cf:6e:ae:3c:a0:1a:a8:1c:83:51:ca:8e:43:89:
                    a7:43:87:f7:91:17:c7:0e:71:f5:61:5b:83:a8:b0:
                    2b:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:85:20:A8:36:9D:99:63:45:F8:AF:2E:00:80:B7:1E:10:24:EC:67
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fcd0ff0c-fed8-4d72-b30b-10e4b131ea50.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:af:06:06:4e:79:fd:90:7f:7e:a3:f4:88:08:e4:74:12:86:
         3a:7b:23:bf:39:da:4e:f8:bd:22:65:1c:f7:c8:9a:7f:de:8e:
         f5:5e:c9:fe:4d:76:87:04:7e:6a:81:4b:88:d5:ee:80:fe:bf:
         ee:a2:21:13:f5:6c:2d:6b:4d:ba:e0:8f:96:02:ee:16:d3:39:
         c6:1a:36:a9:bc:f4:32:7b:0e:b7:5f:fa:65:0a:e1:c5:ee:e1:
         2e:75:8b:fe:9d:af:91:2d:98:61:f7:c2:7e:f4:b6:77:b6:48:
         f9:c0:79:d1:bd:2b:a3:7b:d2:3e:f7:5f:ea:da:a8:30:23:6a:
         c4:81:cd:cb:eb:aa:76:b2:40:be:5f:ef:f2:c2:af:48:b6:00:
         91:73:73:a5:b7:10:69:5f:6b:7d:a2:73:8b:74:40:b4:69:a7:
         86:a3:c6:ce:a0:0f:b5:91:99:e0:3f:2d:05:8b:b5:fd:8f:57:
         61:a3:2f:6a:0a:97:72:fa:fd:e3:2c:c5:9d:35:76:a1:ad:35:
         00:dd:41:9f:4f:e3:29:e9:52:fe:52:f3:51:41:45:25:14:ea:
         ae:41:58:67:38:65:26:41:55:44:17:9e:4f:aa:78:9e:05:27:
         f4:fe:2a:9d:10:37:b5:28:61:dc:41:fd:5a:1d:f0:f2:21:f7:
         f8:3d:11:a8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUrVNXcOWtGxU/QGRb23i3vbn3LQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMDEzMDAwMDAwWhcNMjMxMTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzY2JkOWViMTdlMWUzZTAyYzY0ZjE5OTI3ZjUwZThiNTIw
MzI5YTM5Y2M0MGQxYzcwNzRkZTg4M2ZlOWEzNDA0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZBKChxG079eVl3b7/C2hVqr3waoPKL0R/munjtXVijhiF
/U2USMZapD1KZS7++j6EjbuwcOrtoubBbpyPOljXJAfTE9z2NI+2GHAl6k2S6rlb
GyNhL9tyFecam6X0iyQYb6T0IIn8VmRcBLFZB52tAuss3VbBDdPS2ip0u2nm2bdn
cbUBTlAA0ycuYcPY9MlU+tdxhhGD+ZKxclzxuDeig3YabTsj8JdsVntfqx1pkavL
6J1r5YQwbIHU0Q0HZ1m41PqR9sHFQhQ5L1GWaE19goHNAjDh0rFXRWhuft47ua7P
bq48oBqoHINRyo5DiadDh/eRF8cOcfVhW4OosCutAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUg4UgqDadmWNF+K8uAIC3HhAk7GcwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2ZjZDBmZjBjLWZlZDgtNGQ3Mi1iMzBiLTEwZTRiMTMxZWE1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHavBgZOef2Qf36j9IgI5HQShjp7
I7852k74vSJlHPfImn/ejvVeyf5NdocEfmqBS4jV7oD+v+6iIRP1bC1rTbrgj5YC
7hbTOcYaNqm89DJ7Drdf+mUK4cXu4S51i/6dr5EtmGH3wn70tne2SPnAedG9K6N7
0j73X+raqDAjasSBzcvrqnayQL5f7/LCr0i2AJFzc6W3EGlfa32ic4t0QLRpp4aj
xs6gD7WRmeA/LQWLtf2PV2GjL2oKl3L6/eMsxZ01dqGtNQDdQZ9P4ynpUv5S81FB
RSUU6q5BWGc4ZSZBVUQXnk+qeJ4FJ/T+Kp0QN7UoYdxB/Vod8PIh9/g9Eag=
-----END CERTIFICATE-----