Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/012992d6-3319-423f-a183-28c7dff20208.roa
File:                     012992d6-3319-423f-a183-28c7dff20208.roa (raw, json)
Hash identifier:          5wNggl7J7UB50QqyIxzp3zLLnknndf/3eMspnPPKPNs=
Subject key identifier:   C7:D5:18:12:38:33:12:F5:38:D0:F9:36:AE:C5:A2:D7:D4:5C:8E:A6
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       65FAAF6CC6C31D1492D79F6C846E202EE679197E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/012992d6-3319-423f-a183-28c7dff20208.roa
Signing time:             Thu 22 May 2025 00:38:35 +0000
ROA not before:           Thu 22 May 2025 00:38:35 +0000
ROA not after:            Thu 26 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dab9:b0c0::/48 maxlen: 48
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 19:52:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:fa:af:6c:c6:c3:1d:14:92:d7:9f:6c:84:6e:20:2e:e6:79:19:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 22 00:38:35 2025 GMT
            Not After : Jun 26 23:59:59 2025 GMT
        Subject: serialNumber=f2d4a747b2271e37f508fccbca2e22d3c899fb75d1cdc3df0e5fe3856dbeb79d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:fd:c9:49:a4:fe:5d:03:40:9c:c4:bd:30:03:
                    73:9a:04:f6:a2:20:db:23:f2:20:7d:07:3d:48:aa:
                    04:a3:3a:44:e2:f8:92:27:7c:c6:e5:fd:16:e5:35:
                    50:3c:01:bc:49:4c:42:34:ed:d1:81:20:67:88:a8:
                    44:bf:6a:73:8c:95:2f:17:93:6a:7e:e1:1d:a8:e0:
                    37:6e:b0:6b:d2:aa:21:9f:84:22:08:90:7a:af:2b:
                    1c:40:26:a6:ff:54:0e:dc:fa:11:e8:6d:e4:b0:e0:
                    e7:dd:9a:43:df:23:69:35:5f:a1:b1:8d:ff:ca:33:
                    c8:8d:98:6e:1d:3a:20:14:12:bb:2e:0a:07:2e:5c:
                    a0:5a:21:d0:37:d4:72:e3:ce:d0:d3:16:de:b1:6f:
                    46:eb:59:00:ad:52:a8:e9:f0:83:bd:b8:72:85:34:
                    4a:bb:27:2a:d2:39:2b:95:27:d6:be:b6:5a:0b:5e:
                    40:93:f8:9c:75:8f:d9:da:cf:76:21:30:01:24:07:
                    da:12:2b:36:95:17:51:b6:5c:82:be:7a:03:45:fa:
                    26:1a:cb:b5:23:b1:f0:55:6e:41:04:db:b8:02:72:
                    70:05:36:08:52:39:4d:97:18:89:44:26:6d:74:e0:
                    ff:26:a6:cf:90:dd:96:86:f0:ae:b9:3a:25:f2:3c:
                    8f:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:D5:18:12:38:33:12:F5:38:D0:F9:36:AE:C5:A2:D7:D4:5C:8E:A6
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/012992d6-3319-423f-a183-28c7dff20208.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dab9:b0c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         4e:3c:6b:3b:e2:80:be:7f:5f:cd:64:3c:53:22:fb:ab:92:be:
         b8:64:03:c2:f5:6b:ad:2c:d9:95:f9:fa:08:bc:28:1f:74:ed:
         35:36:f8:29:e5:1f:d3:5b:67:b2:5e:bf:88:f8:88:24:ce:63:
         db:8a:b4:03:16:45:7b:af:fc:c2:18:90:a4:1a:f2:fe:28:53:
         44:e4:e1:8f:65:ae:9a:12:29:a0:98:65:55:07:e7:dc:ce:d8:
         8f:82:22:b0:9c:a5:d8:91:8f:a7:2b:fe:f1:8d:a5:82:8d:62:
         52:bf:34:50:9e:25:b1:4f:4b:ba:d1:ce:ae:fb:d8:2c:13:25:
         e5:75:b3:5c:cf:60:b8:27:e3:f4:c3:2b:1d:90:93:7a:bf:45:
         61:49:f2:3f:03:73:21:f0:11:15:77:df:e2:0c:6e:b1:c1:dd:
         e2:f5:e8:4d:9e:1b:2a:d6:3f:60:3d:4d:3c:7f:34:5b:d9:0d:
         6e:2b:54:c2:b2:db:4b:6b:c4:d4:98:cb:f1:03:ad:6e:c8:0d:
         a1:a7:ac:b9:01:39:83:02:61:6d:d0:4a:ac:ed:2d:be:e5:9a:
         d1:0a:f4:09:aa:74:30:6c:33:eb:55:3d:3e:47:81:dd:90:37:
         c3:3c:fd:61:b1:cd:7a:da:c4:cb:ea:6f:32:cb:5b:47:19:dc:
         13:fc:31:a9
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUZfqvbMbDHRSS159shG4gLuZ5GX4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUyMjAwMzgzNVoX
DTI1MDYyNjIzNTk1OVowejFJMEcGA1UEBRNAZjJkNGE3NDdiMjI3MWUzN2Y1MDhm
Y2NiY2EyZTIyZDNjODk5ZmI3NWQxY2RjM2RmMGU1ZmUzODU2ZGJlYjc5ZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv3JSaT+XQNAnMS9MANzmgT2oiDb
I/IgfQc9SKoEozpE4viSJ3zG5f0W5TVQPAG8SUxCNO3RgSBniKhEv2pzjJUvF5Nq
fuEdqOA3brBr0qohn4QiCJB6ryscQCam/1QO3PoR6G3ksODn3ZpD3yNpNV+hsY3/
yjPIjZhuHTogFBK7LgoHLlygWiHQN9Ry487Q0xbesW9G61kArVKo6fCDvbhyhTRK
uycq0jkrlSfWvrZaC15Ak/icdY/Z2s92ITABJAfaEis2lRdRtlyCvnoDRfomGsu1
I7HwVW5BBNu4AnJwBTYIUjlNlxiJRCZtdOD/JqbPkN2WhvCuuTol8jyPdQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMfVGBI4MxL1OND5Nq7FotfUXI6mMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzAxMjk5MmQ2LTMzMTktNDIzZi1hMTgzLTI4YzdkZmYyMDIwOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaubDAMA0GCSqGSIb3DQEBCwUAA4IBAQBOPGs74oC+f1/NZDxT
Ivurkr64ZAPC9WutLNmV+foIvCgfdO01Nvgp5R/TW2eyXr+I+IgkzmPbirQDFkV7
r/zCGJCkGvL+KFNE5OGPZa6aEimgmGVVB+fcztiPgiKwnKXYkY+nK/7xjaWCjWJS
vzRQniWxT0u60c6u+9gsEyXldbNcz2C4J+P0wysdkJN6v0VhSfI/A3Mh8BEVd9/i
DG6xwd3i9ehNnhsq1j9gPU08fzRb2Q1uK1TCsttLa8TUmMvxA61uyA2hp6y5ATmD
AmFt0Eqs7S2+5ZrRCvQJqnQwbDPrVT0+R4HdkDfDPP1hsc162sTL6m8yy1tHGdwT
/DGp
-----END CERTIFICATE-----