Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0480264-f479-48e4-bdc3-cde8d6aa20e1.roa
File:                     d0480264-f479-48e4-bdc3-cde8d6aa20e1.roa (raw, json)
Hash identifier:          ORKhHtkwcWVdBPO9jcVAYd5Jcb9mZ6HEXaOOrrNBKdM=
Subject key identifier:   09:F6:2A:F2:D8:EB:D6:A6:48:E8:41:18:03:EE:EE:D9:15:ED:7B:FA
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6277D23B386DA0CA091AF409312D302D463015D6
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0480264-f479-48e4-bdc3-cde8d6aa20e1.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da60:b080::/46 maxlen: 46
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:77:d2:3b:38:6d:a0:ca:09:1a:f4:09:31:2d:30:2d:46:30:15:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=17d5ececa2be3806c9564c57093c16c83bbc62fcadf6366ed1e0e3d85cc8c1cb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:c5:e0:81:a7:75:c8:dd:53:b3:be:21:b8:75:
                    da:a4:51:84:69:18:24:b0:ed:75:e7:37:00:32:73:
                    a2:29:30:72:d1:d0:3b:65:7b:28:c0:cc:e0:36:84:
                    e3:7d:20:48:be:78:c3:e5:b5:fc:20:5f:3c:c4:4c:
                    dd:95:07:f9:1e:6d:2c:b1:7e:ff:11:80:58:99:5c:
                    38:4f:e1:d3:66:87:2f:3d:66:67:59:6d:80:9c:88:
                    65:3f:01:2f:d3:33:ad:3c:e7:88:9f:8d:68:60:88:
                    8e:fb:67:e0:cd:aa:e7:b9:9c:71:cd:81:ca:bd:0b:
                    27:9b:6d:4d:84:e5:ff:39:b9:7f:c9:6c:91:c1:7d:
                    a1:f9:54:0c:41:57:22:ba:92:fe:b9:53:b9:58:6b:
                    a7:54:e1:b5:fb:d2:b7:4a:f7:02:37:91:a1:b9:b4:
                    cf:03:d3:2c:5c:02:e1:aa:85:1d:3b:e0:dd:18:29:
                    f1:da:6f:f7:7f:7e:17:ba:85:74:0d:70:19:08:1f:
                    49:c0:ed:6a:d6:63:97:f0:2d:b0:82:d1:8d:14:29:
                    19:5e:f3:42:2d:ae:eb:44:57:24:61:2f:64:19:99:
                    97:63:fc:00:70:90:aa:42:bd:ae:d1:66:3d:12:ba:
                    a4:e5:c2:a7:04:23:65:20:7e:52:1f:cf:1c:ad:a7:
                    d0:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:F6:2A:F2:D8:EB:D6:A6:48:E8:41:18:03:EE:EE:D9:15:ED:7B:FA
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0480264-f479-48e4-bdc3-cde8d6aa20e1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da60:b080::/46

    Signature Algorithm: sha256WithRSAEncryption
         46:0d:3d:a3:3c:f7:b6:c9:49:6e:5a:dd:7c:a0:c6:f5:c9:11:
         56:88:dc:52:95:2d:ec:9a:79:a2:a1:ad:61:6b:98:b0:4c:8e:
         bd:05:fe:0c:92:c7:86:a8:d4:45:84:60:6f:c0:a2:e1:3a:f7:
         1f:f5:83:a9:87:96:7f:fb:f6:ce:c7:67:ce:64:f0:9a:c2:d7:
         c7:51:4a:a7:ae:3b:ce:73:0d:0c:88:19:a0:61:99:99:bc:f1:
         cd:9d:48:6c:35:83:a0:e0:7d:a0:e9:c2:a4:93:7b:d3:71:e3:
         6c:c9:d5:26:eb:f8:bb:56:bf:0b:24:2c:40:f3:d1:ec:57:e3:
         0d:bb:e0:93:bc:4e:34:89:bd:5c:0b:49:86:cb:79:de:3f:51:
         5f:68:1c:3f:ed:e6:5c:0f:90:f5:08:2a:b1:36:96:47:c7:df:
         0e:6a:a3:a5:91:9e:39:24:6b:10:e6:07:ba:f9:ad:42:1e:f4:
         ba:a9:69:7b:99:29:44:d2:f1:5f:2c:f0:81:f8:f4:6e:6b:93:
         c9:c0:88:3c:cc:ee:33:7b:a4:eb:44:2d:3f:5a:89:9a:81:28:
         8f:38:94:a3:1c:6c:c4:dd:0d:c2:d9:52:cd:d2:ec:d2:ff:f1:
         a0:b3:2a:7f:63:eb:b3:f9:d0:52:8c:b4:f1:b8:78:a9:fb:8c:
         84:42:94:ea
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUYnfSOzhtoMoJGvQJMS0wLUYwFdYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMTdkNWVjZWNhMmJlMzgwNmM5NTY0
YzU3MDkzYzE2YzgzYmJjNjJmY2FkZjYzNjZlZDFlMGUzZDg1Y2M4YzFjYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsXggad1yN1Ts74huHXapFGEaRgk
sO115zcAMnOiKTBy0dA7ZXsowMzgNoTjfSBIvnjD5bX8IF88xEzdlQf5Hm0ssX7/
EYBYmVw4T+HTZocvPWZnWW2AnIhlPwEv0zOtPOeIn41oYIiO+2fgzarnuZxxzYHK
vQsnm21NhOX/Obl/yWyRwX2h+VQMQVciupL+uVO5WGunVOG1+9K3SvcCN5GhubTP
A9MsXALhqoUdO+DdGCnx2m/3f34XuoV0DXAZCB9JwO1q1mOX8C2wgtGNFCkZXvNC
La7rRFckYS9kGZmXY/wAcJCqQr2u0WY9Erqk5cKnBCNlIH5SH88crafQiwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAn2KvLY69amSOhBGAPu7tkV7Xv6MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2QwNDgwMjY0LWY0NzktNDhlNC1iZGMzLWNkZThkNmFhMjBlMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaYLCAMA0GCSqGSIb3DQEBCwUAA4IBAQBGDT2jPPe2yUluWt18
oMb1yRFWiNxSlS3smnmioa1ha5iwTI69Bf4MkseGqNRFhGBvwKLhOvcf9YOph5Z/
+/bOx2fOZPCawtfHUUqnrjvOcw0MiBmgYZmZvPHNnUhsNYOg4H2g6cKkk3vTceNs
ydUm6/i7Vr8LJCxA89HsV+MNu+CTvE40ib1cC0mGy3neP1FfaBw/7eZcD5D1CCqx
NpZHx98OaqOlkZ45JGsQ5ge6+a1CHvS6qWl7mSlE0vFfLPCB+PRua5PJwIg8zO4z
e6TrRC0/WomagSiPOJSjHGzE3Q3C2VLN0uzS//Ggsyp/Y+uz+dBSjLTxuHip+4yE
QpTq
-----END CERTIFICATE-----