Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c98730bc-a0cd-432d-9952-237d62bcfe53.roa
File:                     c98730bc-a0cd-432d-9952-237d62bcfe53.roa (raw, json)
Hash identifier:          uCn5kv2C61BM1eH8oRTxW27woPd5dXxQiC0GU+d+KwA=
Subject key identifier:   13:29:12:33:EE:32:C2:7F:FF:5B:BC:06:CF:B7:07:45:5F:95:7B:B9
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       448300CCA83A1C33D8DC071EFD36C0D2EBD0B888
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c98730bc-a0cd-432d-9952-237d62bcfe53.roa
Signing time:             Tue 25 Mar 2025 00:41:34 +0000
ROA not before:           Tue 25 Mar 2025 00:41:34 +0000
ROA not after:            Tue 29 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf4:1000::/40 maxlen: 40
Validation:               Failed, certificate revoked on Wed 16 Apr 2025 18:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:83:00:cc:a8:3a:1c:33:d8:dc:07:1e:fd:36:c0:d2:eb:d0:b8:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Mar 25 00:41:34 2025 GMT
            Not After : Apr 29 23:59:59 2025 GMT
        Subject: serialNumber=9c7a74e17249cf83a4d1a7032f95b955f6cd33633155b61f1f28f3f86c3576c2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:e3:ea:4c:aa:36:7f:19:38:d9:b9:57:48:de:
                    ef:34:78:74:0a:5b:f6:25:cd:eb:99:bb:5e:09:0d:
                    51:10:ac:a4:b5:53:a3:a6:43:38:55:50:0b:0b:49:
                    a2:b1:a2:fc:61:89:e2:8b:65:b7:87:55:8a:20:89:
                    70:4c:84:d7:d5:e7:68:33:83:4c:80:9f:91:d8:38:
                    c6:bc:5d:95:b7:91:85:1a:3a:20:ea:16:bf:94:3c:
                    ea:57:06:af:90:77:a9:d2:48:e2:7c:1a:90:eb:49:
                    e2:4a:4a:e8:87:b9:84:a0:b1:b8:a2:5a:e9:d6:57:
                    6a:3b:74:bb:70:39:d9:f0:fa:43:56:01:f2:87:55:
                    f1:d5:a2:79:3b:cb:cb:ac:63:ee:70:95:81:94:6b:
                    a5:e7:84:c3:e8:ce:23:23:2b:54:19:5f:b2:fc:21:
                    ca:26:cb:cb:cf:a5:42:92:00:0b:6b:b9:50:23:7f:
                    6d:0a:92:77:07:ed:f1:56:09:9f:39:1f:7e:58:fa:
                    97:ba:f6:78:71:71:b1:8d:bd:b9:f5:0e:5c:a6:26:
                    f7:8c:99:e4:71:2d:e3:71:6d:f2:a7:bd:24:c5:e5:
                    05:e2:d2:65:c1:7b:13:1b:7f:75:7a:e4:1e:80:94:
                    23:75:25:ed:ec:c2:60:d0:da:e6:b7:e8:2b:38:3f:
                    6d:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:29:12:33:EE:32:C2:7F:FF:5B:BC:06:CF:B7:07:45:5F:95:7B:B9
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c98730bc-a0cd-432d-9952-237d62bcfe53.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf4:1000::/40

    Signature Algorithm: sha256WithRSAEncryption
         19:f6:7a:17:0d:b5:4e:47:ec:9c:77:c1:49:ed:5d:b6:f3:6e:
         df:b1:fc:ed:49:33:3e:13:ef:86:d3:14:64:11:6e:38:10:b8:
         d5:65:ab:49:72:58:94:75:2f:37:57:d6:1d:02:3b:75:e3:59:
         d9:bf:ec:af:7c:00:58:02:1c:1a:88:ae:87:4a:96:51:e3:aa:
         79:bc:e1:aa:af:24:27:79:c9:55:46:fd:df:43:8a:ee:e2:32:
         67:6f:eb:77:1e:0e:18:3a:4e:bb:da:aa:a2:f5:d7:ef:02:62:
         3c:83:10:39:e2:d2:b3:5d:f0:d7:ec:6b:00:46:56:22:fd:be:
         3f:e1:12:5d:20:e3:b0:59:12:1e:1d:3f:7c:78:70:a2:66:c8:
         94:fb:54:ad:50:88:07:7d:e8:2e:e6:78:5e:08:d5:e2:e9:58:
         b7:b0:4a:0a:44:07:4e:e8:a6:11:4a:6f:07:6c:54:83:43:8a:
         ff:f6:84:62:e1:3e:a5:0c:39:6e:53:29:06:65:86:9f:a7:62:
         ad:c9:56:9f:3b:07:a5:dc:e3:be:dc:24:27:75:95:10:8b:d6:
         97:e4:19:c7:79:97:27:1e:98:c3:b9:b7:c9:34:88:70:c7:2d:
         4f:45:0a:a8:6d:ee:73:99:df:03:f4:08:05:bb:65:12:eb:66:
         f5:c4:8f:a2
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIURIMAzKg6HDPY3Ace/TbA0uvQuIgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTAwNDEzNFoX
DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAOWM3YTc0ZTE3MjQ5Y2Y4M2E0ZDFh
NzAzMmY5NWI5NTVmNmNkMzM2MzMxNTViNjFmMWYyOGYzZjg2YzM1NzZjMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+PqTKo2fxk42blXSN7vNHh0Clv2
Jc3rmbteCQ1REKyktVOjpkM4VVALC0misaL8YYnii2W3h1WKIIlwTITX1edoM4NM
gJ+R2DjGvF2Vt5GFGjog6ha/lDzqVwavkHep0kjifBqQ60niSkroh7mEoLG4olrp
1ldqO3S7cDnZ8PpDVgHyh1Xx1aJ5O8vLrGPucJWBlGul54TD6M4jIytUGV+y/CHK
JsvLz6VCkgALa7lQI39tCpJ3B+3xVgmfOR9+WPqXuvZ4cXGxjb259Q5cpib3jJnk
cS3jcW3yp70kxeUF4tJlwXsTG391euQegJQjdSXt7MJg0Nrmt+grOD9tRwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBMpEjPuMsJ//1u8Bs+3B0VflXu5MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2M5ODczMGJjLWEwY2QtNDMyZC05OTUyLTIzN2Q2MmJjZmU1My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9BAwDQYJKoZIhvcNAQELBQADggEBABn2ehcNtU5H7Jx3wUnt
Xbbzbt+x/O1JMz4T74bTFGQRbjgQuNVlq0lyWJR1LzdX1h0CO3XjWdm/7K98AFgC
HBqIrodKllHjqnm84aqvJCd5yVVG/d9Diu7iMmdv63ceDhg6TrvaqqL11+8CYjyD
EDni0rNd8NfsawBGViL9vj/hEl0g47BZEh4dP3x4cKJmyJT7VK1QiAd96C7meF4I
1eLpWLewSgpEB07ophFKbwdsVINDiv/2hGLhPqUMOW5TKQZlhp+nYq3JVp87B6Xc
477cJCd1lRCL1pfkGcd5lycemMO5t8k0iHDHLU9FCqht7nOZ3wP0CAW7ZRLrZvXE
j6I=
-----END CERTIFICATE-----