Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1e6c409-dd69-486f-9207-60b9fd7a644e.roa
File:                     d1e6c409-dd69-486f-9207-60b9fd7a644e.roa (raw, json)
Hash identifier:          P4C+mAClgF9mwROuprzCZ89nyF4hLqBkhLSuVi6YYYc=
Subject key identifier:   03:81:1C:D7:22:0B:54:E0:93:E7:72:60:B6:E1:7A:98:E9:16:EA:3A
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       02BFCDA49F5E4AAA4A52DB24F8470BF2828456F8
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1e6c409-dd69-486f-9207-60b9fd7a644e.roa
Signing time:             Tue 25 Mar 2025 00:40:18 +0000
ROA not before:           Tue 25 Mar 2025 00:40:18 +0000
ROA not after:            Tue 29 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf4:1080::/48 maxlen: 48
Validation:               Failed, certificate revoked on Wed 16 Apr 2025 18:53:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:bf:cd:a4:9f:5e:4a:aa:4a:52:db:24:f8:47:0b:f2:82:84:56:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Mar 25 00:40:18 2025 GMT
            Not After : Apr 29 23:59:59 2025 GMT
        Subject: serialNumber=c892808fc3316358cff715f46e07b36aede99dce1364a31bfad4d67ad1dc06d7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ee:5b:f0:e7:84:e1:a8:43:26:74:97:ce:f1:
                    fc:91:53:96:1e:62:74:e8:50:59:b0:a3:7a:27:fd:
                    64:09:26:59:63:38:b7:56:5e:3a:b7:09:6f:86:b5:
                    38:f8:27:16:f1:9f:1f:6e:2d:a5:3d:9e:1f:83:56:
                    37:8e:0a:15:2c:80:83:70:8d:af:e7:49:4c:44:f6:
                    a4:ae:04:c8:58:b8:20:22:eb:f5:dc:28:76:52:5b:
                    9c:c0:d2:9b:6a:7c:59:c7:fd:47:e1:8c:a4:41:a0:
                    79:e7:9a:94:77:a3:e7:ca:b9:74:41:fd:f8:80:e6:
                    c9:cb:ca:50:84:7c:ee:1a:a2:2e:49:78:c6:bd:4a:
                    c1:9f:a2:67:75:2c:c5:e9:a3:1d:51:e2:64:a7:94:
                    1c:03:dc:ad:eb:b5:2b:27:c8:36:ba:9b:56:7f:21:
                    9d:a7:c7:99:74:2a:ab:2f:eb:19:16:20:8d:60:88:
                    8b:e8:06:8a:08:a7:77:a5:86:fa:33:f5:3c:32:80:
                    65:ba:18:f6:a5:2f:97:8c:15:e7:c5:b1:ff:6f:9a:
                    99:3f:86:0e:e6:9d:c9:28:e0:ae:21:38:76:33:47:
                    dc:2e:a2:c1:4a:f6:92:fc:b5:b7:74:80:35:23:33:
                    d1:3b:75:f1:2a:23:ef:62:9c:10:7f:4e:7f:42:2e:
                    ea:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:81:1C:D7:22:0B:54:E0:93:E7:72:60:B6:E1:7A:98:E9:16:EA:3A
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1e6c409-dd69-486f-9207-60b9fd7a644e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf4:1080::/48

    Signature Algorithm: sha256WithRSAEncryption
         36:29:b9:da:50:55:f0:13:f3:89:e0:bf:ea:11:39:18:b8:91:
         a9:b1:53:e0:3b:6b:79:3d:96:9f:91:43:7c:cf:06:28:0a:65:
         18:84:02:f9:4e:a8:b7:07:ca:6c:f3:ae:5f:44:0d:3c:0a:65:
         c1:85:f2:d4:45:70:27:3b:32:a6:f6:1e:bb:a9:f0:57:7f:0e:
         05:36:e1:30:7d:fc:7e:1f:da:93:80:b6:83:22:fc:30:0c:72:
         ac:18:c5:73:19:01:73:8e:e1:12:1e:74:17:3c:b4:71:fc:5f:
         81:84:9e:ce:dc:a6:c0:85:88:13:59:17:71:6c:79:fd:b8:65:
         91:ac:39:ff:0c:09:1a:6a:2c:f2:01:8b:4f:37:9d:10:53:62:
         98:90:60:79:83:00:8d:ff:63:5f:e0:e7:c5:ab:a3:c8:23:6e:
         81:2d:c5:1b:1a:e8:a2:78:d2:0a:5f:6f:dd:ac:6c:34:f5:42:
         b0:12:7a:98:a9:cd:98:2d:19:ef:49:bd:42:64:89:3c:80:9b:
         02:1c:03:ec:44:78:15:b2:8c:1c:8c:6d:1a:c1:e8:9a:e7:42:
         64:ed:43:42:88:27:0b:9e:a9:81:9a:51:80:64:ea:e8:59:6c:
         20:f5:c4:76:3e:53:bf:49:c0:43:00:2d:44:7d:e3:11:af:02:
         6e:b7:2b:b5
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUAr/NpJ9eSqpKUtsk+EcL8oKEVvgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTAwNDAxOFoX
DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAYzg5MjgwOGZjMzMxNjM1OGNmZjcx
NWY0NmUwN2IzNmFlZGU5OWRjZTEzNjRhMzFiZmFkNGQ2N2FkMWRjMDZkNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwO5b8OeE4ahDJnSXzvH8kVOWHmJ0
6FBZsKN6J/1kCSZZYzi3Vl46twlvhrU4+CcW8Z8fbi2lPZ4fg1Y3jgoVLICDcI2v
50lMRPakrgTIWLggIuv13Ch2UlucwNKbanxZx/1H4YykQaB555qUd6Pnyrl0Qf34
gObJy8pQhHzuGqIuSXjGvUrBn6JndSzF6aMdUeJkp5QcA9yt67UrJ8g2uptWfyGd
p8eZdCqrL+sZFiCNYIiL6AaKCKd3pYb6M/U8MoBluhj2pS+XjBXnxbH/b5qZP4YO
5p3JKOCuITh2M0fcLqLBSvaS/LW3dIA1IzPRO3XxKiPvYpwQf05/Qi7q+QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAOBHNciC1Tgk+dyYLbhepjpFuo6MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2QxZTZjNDA5LWRkNjktNDg2Zi05MjA3LTYwYjlmZDdhNjQ0ZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9BCAMA0GCSqGSIb3DQEBCwUAA4IBAQA2KbnaUFXwE/OJ4L/q
ETkYuJGpsVPgO2t5PZafkUN8zwYoCmUYhAL5Tqi3B8ps865fRA08CmXBhfLURXAn
OzKm9h67qfBXfw4FNuEwffx+H9qTgLaDIvwwDHKsGMVzGQFzjuESHnQXPLRx/F+B
hJ7O3KbAhYgTWRdxbHn9uGWRrDn/DAkaaizyAYtPN50QU2KYkGB5gwCN/2Nf4OfF
q6PII26BLcUbGuiieNIKX2/drGw09UKwEnqYqc2YLRnvSb1CZIk8gJsCHAPsRHgV
sowcjG0aweia50Jk7UNCiCcLnqmBmlGAZOroWWwg9cR2PlO/ScBDAC1EfeMRrwJu
tyu1
-----END CERTIFICATE-----