Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ecfc0e9c-9b4a-4750-8352-019dfef71402.roa
File:                     ecfc0e9c-9b4a-4750-8352-019dfef71402.roa (raw, json)
Hash identifier:          x+Uya8kQKpQyyu/vE2frRMEmID+gwYntQhp0aVR1KXk=
Subject key identifier:   D4:57:C8:16:9B:63:DE:C5:8C:42:EC:F4:F3:0D:53:4D:A7:EE:E8:2D
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       4B154796962051838C9D165CE801AFC8BB11E86B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ecfc0e9c-9b4a-4750-8352-019dfef71402.roa
Signing time:             Mon 16 Dec 2024 00:00:00 +0000
ROA not before:           Mon 16 Dec 2024 00:00:00 +0000
ROA not after:            Mon 20 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da12:8000::/36 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:15:47:96:96:20:51:83:8c:9d:16:5c:e8:01:af:c8:bb:11:e8:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Dec 16 00:00:00 2024 GMT
            Not After : Jan 20 23:59:59 2025 GMT
        Subject: serialNumber=8f5b4f42967796ed07a435f10fe5f8bb5bef3578dbf9559be7430a57aa4c4ce6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:b8:75:93:db:53:03:4e:ff:e5:85:7d:bf:55:
                    99:ab:52:69:4b:47:e9:0b:15:75:70:2c:24:c0:2d:
                    f8:c6:92:e1:00:93:6a:fe:d0:83:bb:25:10:a3:09:
                    8f:63:48:a6:39:a0:fe:7b:d4:e6:16:bb:70:56:fa:
                    66:25:8e:64:7b:57:8f:9a:c6:0a:b2:d1:6c:10:6a:
                    7a:5d:f7:57:b1:06:13:4d:9b:54:c2:dd:4a:02:1b:
                    e2:ea:95:a2:4f:56:af:dc:b9:4d:9f:35:12:02:0b:
                    ae:31:9c:96:2e:d6:65:13:aa:29:bd:dc:cc:ce:fa:
                    e5:48:f8:55:82:06:e4:d7:f8:e8:c5:24:10:13:a4:
                    f2:a4:85:02:c7:e6:1f:c0:37:ff:71:f3:96:fb:7b:
                    f2:35:d5:ea:ff:0f:1b:66:aa:dc:3d:c6:ba:34:06:
                    3f:b6:af:a8:6e:49:61:c7:02:e4:0a:bd:5c:9e:5a:
                    10:57:45:8d:5c:eb:0c:cc:a8:13:43:ed:24:b2:8f:
                    4d:a7:b8:1b:43:c3:9e:e7:18:0c:69:16:ef:e5:0b:
                    c4:37:8c:11:e9:50:f1:f2:1f:10:ba:72:fb:3a:bd:
                    10:29:92:0b:4e:e9:d7:5f:e6:c4:f1:eb:6e:8c:b3:
                    ea:e2:9f:4e:83:25:06:56:17:d6:02:0c:fa:63:0c:
                    8c:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:57:C8:16:9B:63:DE:C5:8C:42:EC:F4:F3:0D:53:4D:A7:EE:E8:2D
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ecfc0e9c-9b4a-4750-8352-019dfef71402.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da12:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         c0:24:6b:2b:00:3d:a0:81:25:84:6c:96:9a:3e:79:58:f8:c8:
         8e:3c:8e:17:50:cf:2b:c7:34:e6:90:b5:1e:ec:69:3b:c7:3d:
         12:41:23:18:d7:17:d3:e2:67:12:4b:5f:bb:3f:a0:63:02:bc:
         29:f8:d4:c1:04:36:d4:33:66:f2:10:02:fe:ba:c3:dc:c5:79:
         98:7b:87:95:25:8c:72:23:0b:ac:94:67:ae:65:2e:b1:c6:e3:
         14:cf:8a:99:5c:32:f4:25:07:9f:0b:c4:0d:2d:cd:b3:44:9a:
         8d:c7:9e:e6:f0:fd:5a:ed:88:92:70:0b:e6:c9:38:a7:6a:e0:
         ee:eb:9d:1a:f8:ea:c9:62:a9:e5:be:27:56:8d:df:71:bf:3f:
         b7:d8:61:0b:39:1a:b8:f9:6a:32:48:a5:8b:51:cf:40:ba:33:
         1b:19:f3:7e:8c:96:f6:74:73:02:19:0e:ca:82:00:8a:4f:46:
         e9:ca:6f:28:d8:88:8e:4c:89:9c:0f:c6:04:53:d9:96:b7:cc:
         21:00:35:91:f6:54:78:cb:f6:d1:bd:6a:d5:9c:58:1d:54:1e:
         77:ea:a7:9a:2d:f7:6a:6a:f2:ce:50:ca:07:ab:46:60:6b:0c:
         89:0e:10:ec:66:1e:ab:13:bc:3e:a9:c8:c2:bb:7f:b4:a4:5c:
         06:d6:73:0b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUSxVHlpYgUYOMnRZc6AGvyLsR6GswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAOGY1YjRmNDI5Njc3OTZlZDA3YTQz
NWYxMGZlNWY4YmI1YmVmMzU3OGRiZjk1NTliZTc0MzBhNTdhYTRjNGNlNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Lh1k9tTA07/5YV9v1WZq1JpS0fp
CxV1cCwkwC34xpLhAJNq/tCDuyUQowmPY0imOaD+e9TmFrtwVvpmJY5ke1ePmsYK
stFsEGp6XfdXsQYTTZtUwt1KAhvi6pWiT1av3LlNnzUSAguuMZyWLtZlE6opvdzM
zvrlSPhVggbk1/joxSQQE6TypIUCx+YfwDf/cfOW+3vyNdXq/w8bZqrcPca6NAY/
tq+obklhxwLkCr1cnloQV0WNXOsMzKgTQ+0kso9Np7gbQ8Oe5xgMaRbv5QvEN4wR
6VDx8h8QunL7Or0QKZILTunXX+bE8etujLPq4p9OgyUGVhfWAgz6YwyMewIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNRXyBabY97FjELs9PMNU02n7ugtMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2VjZmMwZTljLTliNGEtNDc1MC04MzUyLTAxOWRmZWY3MTQwMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaEoAwDQYJKoZIhvcNAQELBQADggEBAMAkaysAPaCBJYRslpo+
eVj4yI48jhdQzyvHNOaQtR7saTvHPRJBIxjXF9PiZxJLX7s/oGMCvCn41MEENtQz
ZvIQAv66w9zFeZh7h5UljHIjC6yUZ65lLrHG4xTPiplcMvQlB58LxA0tzbNEmo3H
nubw/VrtiJJwC+bJOKdq4O7rnRr46sliqeW+J1aN33G/P7fYYQs5Grj5ajJIpYtR
z0C6MxsZ836MlvZ0cwIZDsqCAIpPRunKbyjYiI5MiZwPxgRT2Za3zCEANZH2VHjL
9tG9atWcWB1UHnfqp5ot92pq8s5QygerRmBrDIkOEOxmHqsTvD6pyMK7f7SkXAbW
cws=
-----END CERTIFICATE-----