Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc5134c0-92f7-4dd8-8dbd-29f5d56d97d3.roa
File:                     cc5134c0-92f7-4dd8-8dbd-29f5d56d97d3.roa (raw, json)
Hash identifier:          wXDeEBRPlb8OJDibf1HgITA/wvACaXRB1xJoQhZpEss=
Subject key identifier:   CA:8A:93:DD:73:FD:56:BB:E8:24:E5:62:8C:70:8B:2B:47:35:83:BC
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       23790AD969F30F202DE3D56AC483B6D25B965D22
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc5134c0-92f7-4dd8-8dbd-29f5d56d97d3.roa
Signing time:             Tue 25 Mar 2025 15:11:11 +0000
ROA not before:           Tue 25 Mar 2025 15:11:11 +0000
ROA not after:            Tue 29 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf4:e080::/48 maxlen: 48
Validation:               Failed, certificate revoked on Wed 16 Apr 2025 18:54:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:79:0a:d9:69:f3:0f:20:2d:e3:d5:6a:c4:83:b6:d2:5b:96:5d:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Mar 25 15:11:11 2025 GMT
            Not After : Apr 29 23:59:59 2025 GMT
        Subject: serialNumber=18b0e571d293303b7364769cde832a6b664d765f88bad93e2b7e329c1fcfa746, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:85:f5:3e:9d:05:5c:2e:7b:e2:0b:ff:18:3f:
                    ef:d1:80:2c:5f:04:3d:97:68:d6:d9:06:ad:bc:44:
                    e5:af:00:11:cf:52:ea:1c:10:59:d0:f7:a6:3f:9d:
                    5d:48:c8:8c:6a:b4:8c:84:44:28:d1:18:29:3a:d8:
                    b1:6d:8c:a4:a6:cb:20:de:30:5f:91:91:bf:e0:b3:
                    51:46:ef:e2:a3:da:6e:4c:6a:8f:d1:88:43:1c:86:
                    16:42:61:3e:ff:c6:c2:7b:cf:df:5d:59:a8:e8:76:
                    88:f4:ce:2e:b4:c8:34:09:e7:84:ce:19:3f:03:1a:
                    69:44:d3:02:7f:77:97:c4:5f:68:cf:d4:10:f9:9b:
                    06:1f:99:af:88:5f:c4:da:47:fc:cd:9b:5e:cd:b8:
                    f8:ca:0a:ec:8e:97:c4:2f:a1:f7:ee:77:dd:6c:4b:
                    8b:60:36:4a:cb:0e:75:c6:9c:aa:5f:5f:a3:29:da:
                    04:93:e8:79:e8:e9:6a:86:03:ee:6c:be:62:6b:84:
                    06:7b:c4:08:26:1f:08:f0:ae:31:4e:77:ef:9f:37:
                    46:6f:89:32:d6:cf:b8:30:2b:78:e5:74:45:45:dd:
                    cc:e7:e6:f8:a3:ac:09:6c:4a:f0:7f:fa:66:32:a5:
                    a7:ae:86:ed:22:24:fe:51:b7:14:88:e6:22:02:a8:
                    0c:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:8A:93:DD:73:FD:56:BB:E8:24:E5:62:8C:70:8B:2B:47:35:83:BC
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc5134c0-92f7-4dd8-8dbd-29f5d56d97d3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf4:e080::/48

    Signature Algorithm: sha256WithRSAEncryption
         0d:1d:56:cc:74:84:6b:c2:22:4c:3b:ff:b0:3c:90:fe:69:12:
         4e:45:9d:93:99:86:51:db:e1:6b:0e:ff:7c:20:19:5a:32:ce:
         2c:24:0f:7c:c6:e9:02:53:ad:d3:07:42:fb:49:10:da:e2:25:
         34:1c:7b:a8:96:7d:be:a6:c9:69:0a:79:7d:15:36:da:30:eb:
         09:2b:8a:ad:bd:fc:05:28:4c:58:ac:fd:4c:fb:82:18:ec:65:
         f4:2b:10:22:a6:05:45:eb:0c:54:e8:dc:15:17:88:ef:a0:a5:
         62:63:1c:6b:89:6f:00:75:eb:2b:30:45:43:92:a9:2b:22:66:
         93:fb:13:d1:65:a2:02:b7:8b:fe:f2:b8:d5:89:18:ac:b2:fe:
         c8:5f:96:e4:e3:5b:bf:4f:f2:de:ce:6e:8b:4b:37:f8:79:e6:
         1d:6e:f9:b9:34:a1:48:e8:57:11:15:01:4c:96:c3:68:7e:40:
         ca:71:82:5f:aa:12:e3:ef:4b:85:dc:34:c7:6a:20:98:a4:6d:
         64:b6:a7:e1:8c:65:25:5a:f7:76:d4:91:6f:81:f2:ed:85:4f:
         ce:b4:87:60:70:ff:46:45:c4:2e:82:99:d1:b8:1c:02:e7:52:
         e1:65:86:ee:d1:d4:83:61:d7:cd:0e:e4:3d:23:11:0f:0e:45:
         29:3e:ed:28
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUI3kK2WnzDyAt49VqxIO20luWXSIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE1MTExMVoX
DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAMThiMGU1NzFkMjkzMzAzYjczNjQ3
NjljZGU4MzJhNmI2NjRkNzY1Zjg4YmFkOTNlMmI3ZTMyOWMxZmNmYTc0NjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4X1Pp0FXC574gv/GD/v0YAsXwQ9
l2jW2QatvETlrwARz1LqHBBZ0PemP51dSMiMarSMhEQo0RgpOtixbYykpssg3jBf
kZG/4LNRRu/io9puTGqP0YhDHIYWQmE+/8bCe8/fXVmo6HaI9M4utMg0CeeEzhk/
AxppRNMCf3eXxF9oz9QQ+ZsGH5mviF/E2kf8zZtezbj4ygrsjpfEL6H37nfdbEuL
YDZKyw51xpyqX1+jKdoEk+h56OlqhgPubL5ia4QGe8QIJh8I8K4xTnfvnzdGb4ky
1s+4MCt45XRFRd3M5+b4o6wJbErwf/pmMqWnrobtIiT+UbcUiOYiAqgMlQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMqKk91z/Va76CTlYoxwiytHNYO8MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2NjNTEzNGMwLTkyZjctNGRkOC04ZGJkLTI5ZjVkNTZkOTdkMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9OCAMA0GCSqGSIb3DQEBCwUAA4IBAQANHVbMdIRrwiJMO/+w
PJD+aRJORZ2TmYZR2+FrDv98IBlaMs4sJA98xukCU63TB0L7SRDa4iU0HHuoln2+
pslpCnl9FTbaMOsJK4qtvfwFKExYrP1M+4IY7GX0KxAipgVF6wxU6NwVF4jvoKVi
YxxriW8AdesrMEVDkqkrImaT+xPRZaICt4v+8rjViRissv7IX5bk41u/T/Lezm6L
Szf4eeYdbvm5NKFI6FcRFQFMlsNofkDKcYJfqhLj70uF3DTHaiCYpG1ktqfhjGUl
Wvd21JFvgfLthU/OtIdgcP9GRcQugpnRuBwC51LhZYbu0dSDYdfNDuQ9IxEPDkUp
Pu0o
-----END CERTIFICATE-----