Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3ad0aec9-ac7b-4f85-b6af-50823ad22500.roa
File:                     3ad0aec9-ac7b-4f85-b6af-50823ad22500.roa (raw, json)
Hash identifier:          //mo9Hc+QBgKppCnVJyIjJ6F1K9QaU2JhcNJqbW0lDk=
Subject key identifier:   C3:11:3F:A2:65:87:71:4E:E3:21:66:34:FF:7A:82:4E:F1:34:C3:B4
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       4AFBAFBD8F0B256304A8400F99627B3AE5408EE2
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3ad0aec9-ac7b-4f85-b6af-50823ad22500.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da60:8c0::/46 maxlen: 46
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:fb:af:bd:8f:0b:25:63:04:a8:40:0f:99:62:7b:3a:e5:40:8e:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=b7f0ef66b2353870274f54eddab91f282e3c1ab498ba7812953aae5b536beba5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:67:2c:cf:a4:b4:87:8a:f5:05:f0:37:e2:44:
                    fb:b7:73:8c:3a:0f:fa:27:ab:79:83:eb:14:55:ea:
                    83:eb:41:b4:15:5b:db:6d:d7:ce:8b:62:c4:a9:cd:
                    7f:34:d1:d8:81:95:e1:37:2a:39:a2:da:4f:eb:37:
                    c2:8a:14:82:fc:96:3d:32:cd:30:a1:56:f1:c9:72:
                    07:7e:0b:c3:56:56:dc:03:50:cb:98:e4:aa:dd:7a:
                    4f:50:c4:dd:8c:91:3f:85:18:30:bb:67:5a:a3:71:
                    d5:86:8f:9d:ba:88:b6:c1:d2:bf:09:c3:16:94:31:
                    c8:f3:68:38:c4:8e:a7:b2:f7:f9:d3:82:6a:87:d2:
                    f7:89:14:11:eb:71:59:2a:ee:3a:db:7f:aa:76:b8:
                    e3:21:72:b2:d4:7a:25:d2:84:37:ae:f3:ed:e9:08:
                    a7:7c:3c:81:90:9c:85:6a:48:74:77:16:17:79:c8:
                    53:2f:9b:af:19:6a:74:77:e1:cc:a7:e3:6c:60:fb:
                    fd:7c:fa:83:b7:d3:ae:8c:22:9f:19:7e:ee:2b:1f:
                    14:69:37:a8:2f:c2:a0:b7:2d:b4:d8:55:26:8a:9b:
                    cb:c5:16:89:2e:04:cb:6c:c8:35:25:bd:4f:6b:51:
                    47:36:ea:3a:e7:ef:0c:68:bc:e1:ab:f0:9c:ce:8f:
                    68:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:11:3F:A2:65:87:71:4E:E3:21:66:34:FF:7A:82:4E:F1:34:C3:B4
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3ad0aec9-ac7b-4f85-b6af-50823ad22500.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da60:8c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         bc:63:53:78:90:c5:55:76:2b:4b:24:25:9d:92:e2:a7:a4:9a:
         e4:c8:b4:fb:c3:5b:a4:a8:9d:ad:64:11:a9:6b:50:0f:4a:be:
         1c:ed:70:50:c6:5b:0e:ed:82:51:ba:48:62:d4:9c:03:52:97:
         6d:17:fc:ad:4d:50:46:7c:4e:47:06:70:a8:fc:c4:85:e7:eb:
         a8:7d:61:38:90:5b:22:13:91:98:12:55:23:ee:81:6a:3c:e6:
         89:51:24:70:0e:98:0c:ad:ed:1c:16:95:04:33:00:10:bc:09:
         50:65:45:f0:80:34:eb:8b:eb:09:88:5e:08:26:5c:f5:64:2f:
         26:b6:e1:55:f4:6c:7b:4a:29:f8:43:aa:50:2c:f5:c4:19:53:
         81:4d:e7:d8:60:60:98:18:2d:1f:8a:48:fd:69:ee:5d:db:de:
         31:e8:37:01:55:53:a4:eb:47:73:8c:ee:78:a5:d3:0c:7e:00:
         2f:4a:ef:ea:5f:01:fa:37:19:8e:02:51:8f:1d:89:8d:1b:d1:
         90:72:e0:1c:38:49:f2:9d:ab:b3:e0:94:0b:3e:4f:91:92:f0:
         b4:c4:5b:2e:7d:98:5f:7c:c8:8a:ab:25:a5:ba:d7:35:4c:35:
         43:9a:53:ee:4f:2a:7d:08:a5:a8:9a:89:33:39:c1:c4:f0:04:
         c9:36:a6:a9
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUSvuvvY8LJWMEqEAPmWJ7OuVAjuIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYjdmMGVmNjZiMjM1Mzg3MDI3NGY1
NGVkZGFiOTFmMjgyZTNjMWFiNDk4YmE3ODEyOTUzYWFlNWI1MzZiZWJhNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2csz6S0h4r1BfA34kT7t3OMOg/6
J6t5g+sUVeqD60G0FVvbbdfOi2LEqc1/NNHYgZXhNyo5otpP6zfCihSC/JY9Ms0w
oVbxyXIHfgvDVlbcA1DLmOSq3XpPUMTdjJE/hRgwu2dao3HVho+duoi2wdK/CcMW
lDHI82g4xI6nsvf504Jqh9L3iRQR63FZKu4623+qdrjjIXKy1Hol0oQ3rvPt6Qin
fDyBkJyFakh0dxYXechTL5uvGWp0d+HMp+NsYPv9fPqDt9OujCKfGX7uKx8UaTeo
L8Kgty202FUmipvLxRaJLgTLbMg1Jb1Pa1FHNuo65+8MaLzhq/Cczo9oFQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMMRP6Jlh3FO4yFmNP96gk7xNMO0MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzNhZDBhZWM5LWFjN2ItNGY4NS1iNmFmLTUwODIzYWQyMjUwMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaYAjAMA0GCSqGSIb3DQEBCwUAA4IBAQC8Y1N4kMVVditLJCWd
kuKnpJrkyLT7w1ukqJ2tZBGpa1APSr4c7XBQxlsO7YJRukhi1JwDUpdtF/ytTVBG
fE5HBnCo/MSF5+uofWE4kFsiE5GYElUj7oFqPOaJUSRwDpgMre0cFpUEMwAQvAlQ
ZUXwgDTri+sJiF4IJlz1ZC8mtuFV9Gx7Sin4Q6pQLPXEGVOBTefYYGCYGC0fikj9
ae5d294x6DcBVVOk60dzjO54pdMMfgAvSu/qXwH6NxmOAlGPHYmNG9GQcuAcOEny
nauz4JQLPk+RkvC0xFsufZhffMiKqyWlutc1TDVDmlPuTyp9CKWomokzOcHE8ATJ
Nqap
-----END CERTIFICATE-----