Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f1263cb7-868b-454e-9249-688018baa633.roa
File:                     f1263cb7-868b-454e-9249-688018baa633.roa (raw, json)
Hash identifier:          mbKngs2eH/OkBzazKr6jEBVk9tzV5hK6KAG7YTcoYJs=
Subject key identifier:   3F:F9:AC:D7:D5:3A:4A:2D:E3:A4:0D:14:8B:C9:F4:9D:4C:0E:A2:50
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6CA505B5E5A9BCEC9138A052642052CAFD45CA3C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f1263cb7-868b-454e-9249-688018baa633.roa
Signing time:             Wed 18 Dec 2024 00:00:00 +0000
ROA not before:           Wed 18 Dec 2024 00:00:00 +0000
ROA not after:            Wed 22 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da16::/36 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:a5:05:b5:e5:a9:bc:ec:91:38:a0:52:64:20:52:ca:fd:45:ca:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Dec 18 00:00:00 2024 GMT
            Not After : Jan 22 23:59:59 2025 GMT
        Subject: serialNumber=f379a963f779b3374ec74e1fa9e7c8a09e45a4a8706239045672931c668e832e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:5b:e7:29:a7:7c:f2:70:b9:65:9c:36:20:72:
                    09:dd:c7:d8:3e:61:28:9b:d2:dd:c8:f4:54:d4:74:
                    44:ca:96:61:3d:3b:e0:f7:e7:67:e7:29:0d:a2:4c:
                    df:b0:a2:2f:42:a0:cd:31:6d:2c:ed:9a:10:6f:66:
                    8f:53:52:e8:13:d9:08:1d:c7:33:93:a2:9a:c2:69:
                    f1:50:46:af:70:ad:79:39:e1:16:6b:e8:43:31:47:
                    fa:b5:d1:a5:a1:73:e7:74:0e:c4:36:0b:c8:b0:29:
                    e0:3e:57:c1:d7:a1:72:fa:3d:98:bc:ef:46:42:f4:
                    06:35:ce:b3:4b:3d:e9:60:b2:2c:9e:05:be:25:42:
                    db:e7:65:a9:bc:ec:cb:d0:0c:d9:bd:73:58:40:98:
                    ac:57:50:81:34:77:d2:e0:03:9e:6b:87:52:00:f3:
                    f1:8c:46:ea:04:7d:a4:07:db:ef:7c:3e:6c:1b:2a:
                    a7:cb:a6:b5:3c:47:83:8b:08:b7:f0:4e:43:e5:2a:
                    40:e5:a9:91:66:bc:c5:ef:7f:1c:2a:de:30:f9:89:
                    62:84:4e:fc:bd:7f:b1:c8:2b:be:3a:c6:bb:e2:21:
                    13:58:5e:65:26:e3:76:7d:e2:23:be:45:d5:18:1a:
                    0a:73:2b:0d:c0:45:a4:59:fc:18:1f:dd:ab:a4:1e:
                    1f:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:F9:AC:D7:D5:3A:4A:2D:E3:A4:0D:14:8B:C9:F4:9D:4C:0E:A2:50
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f1263cb7-868b-454e-9249-688018baa633.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da16::/36

    Signature Algorithm: sha256WithRSAEncryption
         1d:99:3b:f8:02:7e:9f:42:f0:3e:8f:11:2e:ba:ef:85:1a:0e:
         c1:05:43:dc:89:1b:4f:87:4b:ef:5a:d1:06:4f:59:f5:26:e1:
         7e:cb:5e:30:ad:c4:f8:91:12:86:46:80:0b:f5:aa:ef:02:a2:
         6a:79:d6:06:d5:0a:d6:4c:4f:db:ec:d5:c5:84:62:0c:5c:f2:
         bd:78:eb:eb:c4:a8:5e:00:3b:75:c7:49:8d:5e:52:76:ea:4d:
         f3:b1:0b:e3:b2:22:a6:3c:76:eb:ed:27:ad:6d:37:a0:29:8d:
         fd:7f:01:59:fd:44:d7:99:6f:bc:9b:83:22:bf:dc:bd:f5:36:
         3c:47:39:01:a7:13:1d:e6:a1:5c:7a:31:58:43:f2:6e:50:3a:
         23:d9:f8:0d:a7:fa:7f:6f:bb:5c:57:dd:a6:81:8a:59:0d:17:
         44:1b:c8:e2:a5:10:da:0c:f9:69:6d:f4:42:42:3d:79:1c:69:
         29:a1:a4:77:01:55:b4:0d:4d:2e:3d:8c:4f:ff:3a:3e:9d:ea:
         50:a5:87:e9:4f:aa:9b:81:46:b1:f8:d9:9b:9f:22:5f:6e:8b:
         1c:d7:a9:bb:de:f4:44:d8:1d:61:4c:5d:d8:7f:04:07:71:8b:
         42:68:ab:2e:e0:88:d7:95:30:40:7a:b1:45:8c:de:ed:a7:b4:
         ee:ed:81:c0
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUbKUFteWpvOyROKBSZCBSyv1FyjwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAZjM3OWE5NjNmNzc5YjMzNzRlYzc0
ZTFmYTllN2M4YTA5ZTQ1YTRhODcwNjIzOTA0NTY3MjkzMWM2NjhlODMyZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlvnKad88nC5ZZw2IHIJ3cfYPmEo
m9LdyPRU1HREypZhPTvg9+dn5ykNokzfsKIvQqDNMW0s7ZoQb2aPU1LoE9kIHccz
k6KawmnxUEavcK15OeEWa+hDMUf6tdGloXPndA7ENgvIsCngPlfB16Fy+j2YvO9G
QvQGNc6zSz3pYLIsngW+JULb52WpvOzL0AzZvXNYQJisV1CBNHfS4AOea4dSAPPx
jEbqBH2kB9vvfD5sGyqny6a1PEeDiwi38E5D5SpA5amRZrzF738cKt4w+YlihE78
vX+xyCu+Osa74iETWF5lJuN2feIjvkXVGBoKcysNwEWkWfwYH92rpB4f+QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFD/5rNfVOkot46QNFIvJ9J1MDqJQMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2YxMjYzY2I3LTg2OGItNDU0ZS05MjQ5LTY4ODAxOGJhYTYzMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaFgAwDQYJKoZIhvcNAQELBQADggEBAB2ZO/gCfp9C8D6PES66
74UaDsEFQ9yJG0+HS+9a0QZPWfUm4X7LXjCtxPiREoZGgAv1qu8Comp51gbVCtZM
T9vs1cWEYgxc8r146+vEqF4AO3XHSY1eUnbqTfOxC+OyIqY8duvtJ61tN6Apjf1/
AVn9RNeZb7ybgyK/3L31NjxHOQGnEx3moVx6MVhD8m5QOiPZ+A2n+n9vu1xX3aaB
ilkNF0QbyOKlENoM+Wlt9EJCPXkcaSmhpHcBVbQNTS49jE//Oj6d6lClh+lPqpuB
RrH42ZufIl9uixzXqbve9ETYHWFMXdh/BAdxi0Joqy7giNeVMEB6sUWM3u2ntO7t
gcA=
-----END CERTIFICATE-----