Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbe634bd-91d9-4786-a244-0783a5787526.roa
File:                     fbe634bd-91d9-4786-a244-0783a5787526.roa (raw, json)
Hash identifier:          mI60rRWl2kvOWoRGPkboMsyzDjFdXnZIiXmQIe9KlBs=
Subject key identifier:   C3:44:1F:F9:C3:07:20:9A:B1:B2:3B:91:28:DB:C7:7C:DD:0C:73:EA
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       397FA9B3C0D7DB43A72B9D7BDA4E8633C66F2454
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbe634bd-91d9-4786-a244-0783a5787526.roa
Signing time:             Wed 18 Dec 2024 00:00:00 +0000
ROA not before:           Wed 18 Dec 2024 00:00:00 +0000
ROA not after:            Wed 22 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:6000::/40 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:7f:a9:b3:c0:d7:db:43:a7:2b:9d:7b:da:4e:86:33:c6:6f:24:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Dec 18 00:00:00 2024 GMT
            Not After : Jan 22 23:59:59 2025 GMT
        Subject: serialNumber=1928717501cff69bccebdbd4848b0d5a853628d06513110c2fb329c29f107dff, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:66:4a:9b:79:5f:6a:95:e1:0f:3b:37:62:ed:
                    71:ca:a1:0a:c5:32:83:74:ed:a3:85:cd:87:73:cb:
                    da:df:86:5f:30:d9:b5:06:d6:05:a6:32:2a:c6:0b:
                    a2:3c:1d:b1:4f:3f:b6:0c:cf:10:f8:f8:0d:2a:53:
                    86:27:b0:72:81:44:ef:62:8c:f1:e4:53:bc:3b:48:
                    2e:af:10:85:69:d8:e0:da:4c:17:fa:40:88:c7:ce:
                    3e:d6:3c:45:9e:5a:72:c1:80:4f:a4:7c:b5:68:7a:
                    e5:13:29:18:7e:50:4c:75:c4:ac:bf:42:92:37:66:
                    8b:32:a2:57:d8:a7:e5:b5:10:cc:f1:e2:40:57:99:
                    6f:c9:4e:f1:72:22:a0:60:e3:36:dd:a1:61:c1:ae:
                    05:57:5f:c9:75:80:2c:75:7e:ab:60:da:9b:b3:8a:
                    dd:a6:f5:2d:1d:73:07:ba:b0:cf:0e:45:34:34:c4:
                    c3:92:c8:9d:b1:5e:2c:8a:e2:84:f8:30:6f:39:d8:
                    da:aa:f4:56:3f:8b:b3:31:07:58:6d:02:a3:0f:96:
                    e6:52:8d:16:31:71:a7:66:1d:ed:9a:03:b2:e4:28:
                    4b:61:24:ac:ae:fa:5f:48:a2:33:3f:f3:a9:42:52:
                    6f:f6:fa:43:38:4b:ca:2c:bd:df:18:0a:19:b2:dc:
                    3f:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:44:1F:F9:C3:07:20:9A:B1:B2:3B:91:28:DB:C7:7C:DD:0C:73:EA
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbe634bd-91d9-4786-a244-0783a5787526.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         2e:6e:6d:4a:d1:d2:a5:55:60:c2:b4:40:55:ea:be:a8:d5:22:
         18:13:3a:1d:dc:88:b5:7a:35:c1:5e:1a:87:6e:8c:cd:4b:95:
         16:1e:66:be:f8:df:88:f5:dd:b3:da:30:50:f1:15:9e:3d:e7:
         3b:19:fe:fc:fe:af:6f:f8:63:70:cd:ed:44:5f:2c:78:dc:4e:
         20:d8:01:7c:61:55:ca:b2:4d:98:26:31:ce:23:09:ce:7c:5b:
         98:66:a6:66:2f:0f:43:e9:10:a7:38:26:05:52:d7:e9:aa:99:
         26:49:47:52:5d:3f:0b:3a:5e:15:64:04:bb:a5:b2:44:64:f7:
         c5:4d:2e:a2:6b:96:f1:5a:9a:fb:7f:b3:4f:8e:30:39:cb:ce:
         de:aa:64:ac:0d:bf:5b:4f:be:b8:ee:51:15:4f:26:29:4d:58:
         17:7b:b8:55:3c:7d:7d:6f:d3:32:c0:01:8b:fc:a7:7d:d3:de:
         f1:d0:d0:35:f3:4b:18:db:fb:58:d6:b8:d7:2b:02:8f:b7:50:
         c2:db:a0:8b:58:bf:76:df:7d:c2:bd:f1:e9:58:ef:20:47:b2:
         8a:93:a7:aa:f6:7c:67:b7:66:fe:74:ec:ba:3f:fc:e3:f6:b0:
         5e:05:06:65:95:90:fe:68:6e:d7:47:76:c2:34:7e:14:e9:13:
         b6:ef:c4:51
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUOX+ps8DX20OnK5172k6GM8ZvJFQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAMTkyODcxNzUwMWNmZjY5YmNjZWJk
YmQ0ODQ4YjBkNWE4NTM2MjhkMDY1MTMxMTBjMmZiMzI5YzI5ZjEwN2RmZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GZKm3lfapXhDzs3Yu1xyqEKxTKD
dO2jhc2Hc8va34ZfMNm1BtYFpjIqxguiPB2xTz+2DM8Q+PgNKlOGJ7BygUTvYozx
5FO8O0gurxCFadjg2kwX+kCIx84+1jxFnlpywYBPpHy1aHrlEykYflBMdcSsv0KS
N2aLMqJX2KfltRDM8eJAV5lvyU7xciKgYOM23aFhwa4FV1/JdYAsdX6rYNqbs4rd
pvUtHXMHurDPDkU0NMTDksidsV4siuKE+DBvOdjaqvRWP4uzMQdYbQKjD5bmUo0W
MXGnZh3tmgOy5ChLYSSsrvpfSKIzP/OpQlJv9vpDOEvKLL3fGAoZstw/GQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMNEH/nDByCasbI7kSjbx3zdDHPqMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ZiZTYzNGJkLTkxZDktNDc4Ni1hMjQ0LTA3ODNhNTc4NzUyNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba92AwDQYJKoZIhvcNAQELBQADggEBAC5ubUrR0qVVYMK0QFXq
vqjVIhgTOh3ciLV6NcFeGodujM1LlRYeZr7434j13bPaMFDxFZ495zsZ/vz+r2/4
Y3DN7URfLHjcTiDYAXxhVcqyTZgmMc4jCc58W5hmpmYvD0PpEKc4JgVS1+mqmSZJ
R1JdPws6XhVkBLulskRk98VNLqJrlvFamvt/s0+OMDnLzt6qZKwNv1tPvrjuURVP
JilNWBd7uFU8fX1v0zLAAYv8p33T3vHQ0DXzSxjb+1jWuNcrAo+3UMLboItYv3bf
fcK98elY7yBHsoqTp6r2fGe3Zv507Lo//OP2sF4FBmWVkP5obtdHdsI0fhTpE7bv
xFE=
-----END CERTIFICATE-----