Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ed641167-3f3b-4369-b64e-fafa09df7306.roa
File:                     ed641167-3f3b-4369-b64e-fafa09df7306.roa (raw, json)
Hash identifier:          gB69iN444EHlZYVs9y7Qk6iA2QMTgJznwLmYBIJZbMQ=
Subject key identifier:   C5:0E:55:42:4B:1E:88:BA:A1:75:3B:A5:E6:70:96:4B:69:68:7D:D4
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       03784BAA9E1D791DE951DEE5DBA16F4FC5D83763
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ed641167-3f3b-4369-b64e-fafa09df7306.roa
Signing time:             Wed 18 Dec 2024 00:00:00 +0000
ROA not before:           Wed 18 Dec 2024 00:00:00 +0000
ROA not after:            Wed 22 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf2:9000::/40 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:78:4b:aa:9e:1d:79:1d:e9:51:de:e5:db:a1:6f:4f:c5:d8:37:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Dec 18 00:00:00 2024 GMT
            Not After : Jan 22 23:59:59 2025 GMT
        Subject: serialNumber=474864d80c14f38cc687453a541ced5c370ae6a89f0b699683a5e0a7a3aa3015, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:49:df:2e:20:76:b1:6b:f4:e6:5c:c0:78:9d:
                    2b:70:2a:86:59:73:78:2d:ee:ae:f8:57:71:f4:75:
                    8a:36:c3:2e:5f:a0:4a:87:ac:89:66:8f:08:d9:63:
                    20:6f:a1:3c:06:62:fb:9a:a3:97:50:e4:24:a6:1c:
                    b5:02:91:54:a5:bc:ff:e9:dc:d4:df:66:b2:37:19:
                    84:91:2f:44:1e:52:85:bb:62:e4:58:01:02:53:09:
                    a9:c3:c4:19:d1:95:5d:e6:41:ee:53:5f:77:16:d1:
                    d6:22:cb:ff:06:da:d3:41:29:b7:32:13:15:03:36:
                    f6:f3:49:4e:fd:22:72:82:34:59:90:23:0d:ef:da:
                    76:22:cc:77:b3:7a:ea:8e:a7:3f:a8:34:9a:d3:8a:
                    6a:88:65:18:a7:47:20:d4:73:17:71:dd:d7:e9:d4:
                    a0:ef:a1:91:e7:87:b3:1b:c8:40:7f:86:7f:4c:8d:
                    14:9e:eb:d1:0d:c7:23:a3:99:e3:0b:00:1f:47:1b:
                    b5:bb:ad:71:91:c1:87:e4:76:e6:f9:d7:ad:2f:7f:
                    17:51:85:47:b7:c2:53:8d:f4:cb:74:c0:3a:7a:92:
                    c5:12:1f:51:5f:b3:41:06:27:91:90:a1:79:98:87:
                    4d:e2:67:67:0a:38:5e:2e:e1:e3:2f:07:09:34:22:
                    1a:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:0E:55:42:4B:1E:88:BA:A1:75:3B:A5:E6:70:96:4B:69:68:7D:D4
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ed641167-3f3b-4369-b64e-fafa09df7306.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf2:9000::/40

    Signature Algorithm: sha256WithRSAEncryption
         a3:10:38:82:72:01:bd:9c:49:e7:51:15:e7:6a:2d:39:ca:64:
         87:55:03:3c:03:d0:95:1c:09:00:ba:cf:51:a5:65:f5:fd:64:
         46:39:f4:e3:06:32:64:8f:3e:16:45:44:69:d5:d7:8f:35:94:
         18:c0:ac:51:27:df:44:62:05:d8:28:bb:45:10:a5:f5:7e:3c:
         10:e8:c7:b8:e8:ec:69:49:db:ba:31:93:c3:4e:56:04:89:6d:
         67:13:05:ae:b2:86:53:f3:0f:a8:84:83:e1:65:68:07:f0:f3:
         ed:0a:61:73:ab:eb:c5:72:3c:35:d6:62:df:b7:3b:bc:51:01:
         f9:a5:5d:c3:4d:9e:8a:79:13:8d:90:8a:8c:52:e4:15:33:43:
         fe:bf:4c:14:3d:cf:2f:e6:73:71:2b:d7:9c:50:3d:8e:08:ff:
         54:2f:08:bb:1b:71:95:b3:fe:06:8a:01:1a:de:3f:21:91:89:
         63:80:57:11:e1:9e:15:75:95:e3:f9:f7:34:60:a7:f6:f2:27:
         1d:3a:56:26:fd:1b:bd:e9:36:ab:95:c7:5c:e1:84:c1:46:a6:
         fb:42:c1:de:d4:e5:82:9e:78:ce:70:ad:9e:97:a0:d9:98:11:
         1a:02:65:a4:ef:54:5e:59:7b:a8:23:cd:67:d7:b3:11:cf:af:
         f8:a6:a7:80
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUA3hLqp4deR3pUd7l26FvT8XYN2MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNANDc0ODY0ZDgwYzE0ZjM4Y2M2ODc0
NTNhNTQxY2VkNWMzNzBhZTZhODlmMGI2OTk2ODNhNWUwYTdhM2FhMzAxNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEnfLiB2sWv05lzAeJ0rcCqGWXN4
Le6u+Fdx9HWKNsMuX6BKh6yJZo8I2WMgb6E8BmL7mqOXUOQkphy1ApFUpbz/6dzU
32ayNxmEkS9EHlKFu2LkWAECUwmpw8QZ0ZVd5kHuU193FtHWIsv/BtrTQSm3MhMV
Azb280lO/SJygjRZkCMN79p2Isx3s3rqjqc/qDSa04pqiGUYp0cg1HMXcd3X6dSg
76GR54ezG8hAf4Z/TI0UnuvRDccjo5njCwAfRxu1u61xkcGH5Hbm+detL38XUYVH
t8JTjfTLdMA6epLFEh9RX7NBBieRkKF5mIdN4mdnCjheLuHjLwcJNCIaYQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMUOVUJLHoi6oXU7peZwlktpaH3UMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2VkNjQxMTY3LTNmM2ItNDM2OS1iNjRlLWZhZmEwOWRmNzMwNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8pAwDQYJKoZIhvcNAQELBQADggEBAKMQOIJyAb2cSedRFedq
LTnKZIdVAzwD0JUcCQC6z1GlZfX9ZEY59OMGMmSPPhZFRGnV1481lBjArFEn30Ri
Bdgou0UQpfV+PBDox7jo7GlJ27oxk8NOVgSJbWcTBa6yhlPzD6iEg+FlaAfw8+0K
YXOr68VyPDXWYt+3O7xRAfmlXcNNnop5E42QioxS5BUzQ/6/TBQ9zy/mc3Er15xQ
PY4I/1QvCLsbcZWz/gaKARrePyGRiWOAVxHhnhV1leP59zRgp/byJx06Vib9G73p
NquVx1zhhMFGpvtCwd7U5YKeeM5wrZ6XoNmYERoCZaTvVF5Ze6gjzWfXsxHPr/im
p4A=
-----END CERTIFICATE-----