Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b46597ac-06b0-4ab7-aa80-8ed6514ffe89.roa
File:                     b46597ac-06b0-4ab7-aa80-8ed6514ffe89.roa (raw, json)
Hash identifier:          12VLgwF0qT3xyBidSo7IuqgAbtTy16Lc6rmnI1Qh5eU=
Subject key identifier:   9F:E1:C1:76:F0:23:5C:9E:0A:26:D8:28:64:0B:7D:8D:40:E5:EC:F3
Certificate issuer:       /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial:       3A10DBCC10E4B9B50083EED788378A774A3BFAE3
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b46597ac-06b0-4ab7-aa80-8ed6514ffe89.roa
Signing time:             Fri 13 Dec 2024 00:00:00 +0000
ROA not before:           Fri 13 Dec 2024 00:00:00 +0000
ROA not after:            Fri 17 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        240f:8014::/36 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:10:db:cc:10:e4:b9:b5:00:83:ee:d7:88:37:8a:77:4a:3b:fa:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
        Validity
            Not Before: Dec 13 00:00:00 2024 GMT
            Not After : Jan 17 23:59:59 2025 GMT
        Subject: serialNumber=4c9c00973596f16cffc089eed74dcd459d25d95f4bf0a54dca4b38cf617482ad, CN=4257e925-715f-47a2-893e-0e3f97ec7e22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:28:54:cc:71:a0:89:e3:69:0e:c8:42:40:54:
                    ee:73:c6:35:6f:c3:0c:62:ae:c2:f3:e3:e6:99:c3:
                    6c:e7:fb:12:78:cf:1c:af:71:1c:e8:6f:44:8a:5c:
                    b5:c4:f6:6a:7a:88:9c:2e:63:02:53:6f:6a:bc:5a:
                    1d:ba:e1:dc:48:4a:82:ae:81:5e:49:0c:a7:47:13:
                    17:b2:3b:84:6e:43:bc:6f:bd:24:c4:3d:e9:a0:25:
                    a7:0c:25:8e:e4:ea:f2:fe:b8:05:f0:7d:4a:1b:5b:
                    6d:57:16:97:87:19:23:49:5d:df:48:c5:81:18:dd:
                    41:07:9f:a9:a4:01:b3:4d:32:f4:56:d5:e8:78:f0:
                    fe:4f:6a:31:8c:34:9b:9b:e3:d9:04:c7:ca:3c:ac:
                    2e:b1:37:db:7d:b0:50:62:81:36:7e:80:dc:e2:55:
                    34:42:42:e8:dc:7b:bb:e7:d5:fe:69:e3:d2:fb:c1:
                    28:b7:a8:76:18:78:24:38:73:79:81:50:01:5b:34:
                    03:4b:d3:ce:28:b3:92:0b:3a:80:1b:82:c0:37:54:
                    57:54:c8:75:8e:7c:9b:38:15:b8:5e:f0:f2:8c:37:
                    66:61:02:6c:ae:b6:fc:8b:76:7b:68:7c:8a:49:0a:
                    38:0f:d9:4d:b2:ea:11:20:44:6a:99:68:44:0f:0c:
                    31:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:E1:C1:76:F0:23:5C:9E:0A:26:D8:28:64:0B:7D:8D:40:E5:EC:F3
            X509v3 Authority Key Identifier:
                keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b46597ac-06b0-4ab7-aa80-8ed6514ffe89.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  240f:8014::/36

    Signature Algorithm: sha256WithRSAEncryption
         ac:a6:5c:32:e3:de:8c:79:06:29:20:56:33:cc:cc:7b:15:74:
         b4:ad:87:4c:fb:f9:fb:20:59:20:05:05:90:83:e2:8e:65:e7:
         75:ce:ff:ef:9b:6c:97:79:0c:d5:9d:50:f7:51:73:cb:a4:0f:
         57:81:d9:a1:e9:42:30:be:6a:8c:6e:dd:0e:36:61:52:a9:3c:
         b2:73:65:f0:fd:1b:aa:93:e7:69:bd:fd:5d:f7:d4:63:f5:78:
         35:ca:e2:80:39:37:22:76:ce:a9:fb:eb:73:3a:97:51:87:ff:
         0b:0b:3c:3e:2a:92:db:a2:c2:dd:ef:08:e2:89:87:4e:97:e2:
         40:7e:9c:29:3f:22:59:c0:12:69:53:a5:14:31:8d:f9:1f:18:
         04:a9:dd:5f:7b:13:8d:c3:c5:8b:68:18:e8:37:3e:69:45:f6:
         1e:d0:ec:b5:f7:54:aa:3e:f8:aa:b4:e8:14:b8:a9:59:8e:d0:
         1d:8b:f7:fd:48:8f:6b:60:49:87:79:80:c2:6a:a1:1c:bc:1c:
         d9:d6:ff:65:c0:f9:39:9d:b2:bf:72:38:15:0c:d5:ee:28:2f:
         4a:b5:1d:5a:b0:8d:35:23:f5:fd:dc:62:05:7e:9f:d0:7d:7a:
         05:f8:89:ad:5c:04:b4:3a:f5:86:af:0c:59:7b:23:3f:4b:38:
         3b:b6:26:15
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUOhDbzBDkubUAg+7XiDeKd0o7+uMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNANGM5YzAwOTczNTk2ZjE2Y2ZmYzA4
OWVlZDc0ZGNkNDU5ZDI1ZDk1ZjRiZjBhNTRkY2E0YjM4Y2Y2MTc0ODJhZDEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuihUzHGgieNpDshCQFTuc8Y1b8MM
Yq7C8+PmmcNs5/sSeM8cr3Ec6G9Eily1xPZqeoicLmMCU29qvFoduuHcSEqCroFe
SQynRxMXsjuEbkO8b70kxD3poCWnDCWO5Ory/rgF8H1KG1ttVxaXhxkjSV3fSMWB
GN1BB5+ppAGzTTL0VtXoePD+T2oxjDSbm+PZBMfKPKwusTfbfbBQYoE2foDc4lU0
QkLo3Hu759X+aePS+8Eot6h2GHgkOHN5gVABWzQDS9POKLOSCzqAG4LAN1RXVMh1
jnybOBW4XvDyjDdmYQJsrrb8i3Z7aHyKSQo4D9lNsuoRIERqmWhEDwwxhQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJ/hwXbwI1yeCibYKGQLfY1A5ezzMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
L2I0NjU5N2FjLTA2YjAtNGFiNy1hYTgwLThlZDY1MTRmZmU4OS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJA+AFAAwDQYJKoZIhvcNAQELBQADggEBAKymXDLj3ox5BikgVjPM
zHsVdLSth0z7+fsgWSAFBZCD4o5l53XO/++bbJd5DNWdUPdRc8ukD1eB2aHpQjC+
aoxu3Q42YVKpPLJzZfD9G6qT52m9/V331GP1eDXK4oA5NyJ2zqn763M6l1GH/wsL
PD4qktuiwt3vCOKJh06X4kB+nCk/IlnAEmlTpRQxjfkfGASp3V97E43DxYtoGOg3
PmlF9h7Q7LX3VKo++Kq06BS4qVmO0B2L9/1Ij2tgSYd5gMJqoRy8HNnW/2XA+Tmd
sr9yOBUM1e4oL0q1HVqwjTUj9f3cYgV+n9B9egX4ia1cBLQ69YavDFl7Iz9LODu2
JhU=
-----END CERTIFICATE-----