Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e58152a-9a50-462b-994b-ee9da0b6363c.roa
File:                     2e58152a-9a50-462b-994b-ee9da0b6363c.roa (raw, json)
Hash identifier:          kSJxMki9D24pvdWSWPhsDsky8qIoI5BALutpI4oxU2Q=
Subject key identifier:   C2:F6:2E:E4:42:D4:A0:22:1B:13:09:0C:9B:24:67:86:F6:83:1D:B9
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       090419B28DE86CE534D5564DD4E63CCE18A74EE2
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e58152a-9a50-462b-994b-ee9da0b6363c.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da60:40c0::/46 maxlen: 46
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:04:19:b2:8d:e8:6c:e5:34:d5:56:4d:d4:e6:3c:ce:18:a7:4e:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=aee2a33d6aab518bdc5d7bdcc32e10a035e5a328ab91330ef4432d91055f554f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:88:a0:e8:5e:96:8e:0e:fe:09:42:a2:f9:39:
                    5e:86:57:f6:77:7b:c0:29:40:d9:cd:b0:75:ac:5f:
                    10:c6:fd:32:17:60:42:14:68:ff:d9:19:92:be:61:
                    f2:fe:1d:9d:f0:3b:4b:ff:96:2a:61:4b:4b:b8:c2:
                    68:6f:14:1f:a7:37:42:2d:9d:3c:0f:a1:23:c1:aa:
                    c0:69:f4:f5:2a:5c:ad:a0:6f:c3:31:45:b4:b4:a5:
                    89:90:28:eb:f6:5c:a5:44:1c:1f:86:15:87:37:96:
                    c8:68:2d:66:52:57:10:6c:85:14:79:8e:fa:de:53:
                    30:33:be:82:df:d1:ac:63:79:05:9a:25:95:ca:2f:
                    ae:70:0b:c9:22:6e:30:f9:99:85:67:87:5c:3d:11:
                    ad:99:f5:ac:e1:d8:e5:5c:c4:98:f9:11:30:eb:f1:
                    5a:72:44:21:fa:0d:c2:7f:2e:3e:2d:8b:6c:b6:e1:
                    7e:28:93:12:6d:a3:75:5f:92:10:06:09:9c:1c:f6:
                    d5:b7:34:d4:44:45:8f:93:d4:34:bf:38:c5:a1:9f:
                    ab:dc:3e:42:83:74:12:e8:88:1b:27:bf:19:7c:7b:
                    2a:dd:3b:32:af:a0:0c:53:4c:ed:e9:62:56:b6:77:
                    6a:0f:dc:61:ae:24:99:de:77:84:2d:dc:f4:8e:98:
                    d4:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:F6:2E:E4:42:D4:A0:22:1B:13:09:0C:9B:24:67:86:F6:83:1D:B9
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e58152a-9a50-462b-994b-ee9da0b6363c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da60:40c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         65:86:96:49:5e:2f:d5:03:90:7d:3b:86:d9:35:d4:a5:2e:04:
         a4:79:22:19:f1:22:a8:58:b9:50:1a:70:25:3e:ed:22:9b:fc:
         6d:a7:7e:22:5b:42:e1:6b:4a:57:65:5f:b6:2c:12:2a:d1:f4:
         df:5e:c3:0c:95:cb:f3:bb:27:50:73:40:d3:42:8a:86:48:80:
         ba:9b:09:9b:0a:26:7e:e4:cd:e4:85:f7:07:93:21:4e:c5:b3:
         71:72:de:6c:e5:27:65:e8:b6:01:3d:8b:6f:8a:ba:09:53:43:
         88:4a:0e:bd:fa:f2:27:7a:d8:49:53:2f:bc:91:4f:25:a5:0c:
         ca:f0:d6:6c:f5:9a:a4:21:b5:54:5c:c4:fe:d8:12:dd:92:88:
         8a:91:61:a3:cc:29:70:49:ef:8d:76:c1:64:e0:89:a3:7e:dc:
         d5:93:87:13:31:6f:95:8f:9e:82:78:c5:6d:77:50:d3:60:35:
         b7:3a:a2:48:c7:95:2c:6f:ea:9c:bd:1d:cb:93:61:8d:fa:96:
         9c:e7:0a:e0:5c:8e:e9:22:fd:44:4b:b1:cd:56:81:3a:fc:99:
         41:0f:fd:92:9d:c5:3a:ef:bd:83:41:34:27:51:c2:32:82:8a:
         e8:62:87:be:44:1e:12:0d:c5:85:f9:4c:01:38:55:1a:9e:c8:
         06:9f:41:d3
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUCQQZso3obOU01VZN1OY8zhinTuIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYWVlMmEzM2Q2YWFiNTE4YmRjNWQ3
YmRjYzMyZTEwYTAzNWU1YTMyOGFiOTEzMzBlZjQ0MzJkOTEwNTVmNTU0ZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4ig6F6Wjg7+CUKi+Tlehlf2d3vA
KUDZzbB1rF8Qxv0yF2BCFGj/2RmSvmHy/h2d8DtL/5YqYUtLuMJobxQfpzdCLZ08
D6EjwarAafT1KlytoG/DMUW0tKWJkCjr9lylRBwfhhWHN5bIaC1mUlcQbIUUeY76
3lMwM76C39GsY3kFmiWVyi+ucAvJIm4w+ZmFZ4dcPRGtmfWs4djlXMSY+REw6/Fa
ckQh+g3Cfy4+LYtstuF+KJMSbaN1X5IQBgmcHPbVtzTUREWPk9Q0vzjFoZ+r3D5C
g3QS6IgbJ78ZfHsq3Tsyr6AMU0zt6WJWtndqD9xhriSZ3neELdz0jpjUQwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFML2LuRC1KAiGxMJDJskZ4b2gx25MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzJlNTgxNTJhLTlhNTAtNDYyYi05OTRiLWVlOWRhMGI2MzYzYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaYEDAMA0GCSqGSIb3DQEBCwUAA4IBAQBlhpZJXi/VA5B9O4bZ
NdSlLgSkeSIZ8SKoWLlQGnAlPu0im/xtp34iW0Lha0pXZV+2LBIq0fTfXsMMlcvz
uydQc0DTQoqGSIC6mwmbCiZ+5M3khfcHkyFOxbNxct5s5Sdl6LYBPYtviroJU0OI
Sg69+vInethJUy+8kU8lpQzK8NZs9ZqkIbVUXMT+2BLdkoiKkWGjzClwSe+NdsFk
4ImjftzVk4cTMW+Vj56CeMVtd1DTYDW3OqJIx5Usb+qcvR3Lk2GN+pac5wrgXI7p
Iv1ES7HNVoE6/JlBD/2SncU6772DQTQnUcIygoroYoe+RB4SDcWF+UwBOFUansgG
n0HT
-----END CERTIFICATE-----