Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0439f997-2ab0-400d-bf76-71ab1d11d20b.roa
File:                     0439f997-2ab0-400d-bf76-71ab1d11d20b.roa (raw, json)
Hash identifier:          mS/J/XJEGgszCPuGF95aC5fCIYGKVcgnI+YP61bv/mk=
Subject key identifier:   91:EE:F6:30:72:DC:2F:14:AB:E4:20:00:AE:5E:A7:21:05:EA:B3:97
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       63AC5A76983A96E41B0392DE1626B16CFBFB9CB2
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0439f997-2ab0-400d-bf76-71ab1d11d20b.roa
Signing time:             Wed 30 Jul 2025 00:41:45 +0000
ROA not before:           Wed 30 Jul 2025 00:41:45 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:6040::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:22:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:ac:5a:76:98:3a:96:e4:1b:03:92:de:16:26:b1:6c:fb:fb:9c:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:41:45 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=fa9455100bde496b395360afe062d33597e1226d5b1c2b32a26bd403d976533d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:13:1c:d7:5e:3f:19:c0:d3:f3:5a:1c:ce:dd:
                    b9:e3:c5:fe:14:1e:a2:1c:19:ce:cf:98:fa:9b:39:
                    f6:10:41:34:fe:bc:c2:aa:cd:6d:73:a0:18:23:60:
                    1c:d9:e0:f3:cc:05:3d:a6:6a:05:93:b5:82:a3:9d:
                    73:15:12:91:4a:20:6f:22:6f:69:c2:01:bf:fe:67:
                    52:85:30:d0:8b:a3:16:76:fa:a2:93:ac:c6:28:fa:
                    98:45:4f:4c:d2:d3:7c:b7:31:9a:69:1e:bd:8f:c2:
                    77:cb:fd:db:e6:1a:ea:93:87:38:9e:0b:61:95:3f:
                    1c:48:65:02:e6:de:25:44:8c:5c:40:6c:88:b4:c2:
                    52:71:ce:a7:d5:ce:68:f9:55:96:b4:f3:15:26:e4:
                    77:f9:3b:b6:e5:76:f3:ca:60:0c:66:6b:7a:c3:59:
                    23:54:6b:b3:1b:96:53:a2:35:a0:75:92:6d:c7:86:
                    e7:10:91:f3:1a:8d:5d:e0:47:2a:2e:fb:78:8a:63:
                    26:29:f0:18:2a:c8:58:99:21:2a:07:b3:97:ed:9b:
                    86:d6:ba:20:9d:43:49:52:a2:5a:f7:ac:d9:2a:ea:
                    d4:0a:27:f5:c0:5b:1b:d8:2d:10:ab:15:49:1e:c4:
                    56:fe:86:28:ea:45:00:90:a7:aa:1a:fa:6e:d2:bb:
                    93:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:EE:F6:30:72:DC:2F:14:AB:E4:20:00:AE:5E:A7:21:05:EA:B3:97
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0439f997-2ab0-400d-bf76-71ab1d11d20b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:6040::/46

    Signature Algorithm: sha256WithRSAEncryption
         51:5f:0f:39:a0:5f:d6:3e:3b:7f:52:74:ce:4d:05:86:06:ee:
         c8:a9:64:ef:60:3f:7d:0f:7e:21:2b:af:50:f0:a5:a8:7e:ff:
         5e:92:55:c3:5f:24:5d:7c:28:0a:61:63:92:4d:8d:dd:d4:2b:
         34:ea:64:5f:12:82:a3:24:62:c9:5f:7a:0e:05:cf:4f:2c:87:
         7a:34:19:5c:31:39:80:86:47:ad:92:69:9c:53:ae:58:0a:da:
         90:86:81:e0:3e:4d:ee:a8:b8:d6:f0:7e:23:84:32:8c:63:2d:
         b8:cd:25:63:fa:43:32:65:68:dd:10:05:ec:27:40:c5:fd:bd:
         a5:3d:13:cf:cc:da:74:2f:fc:ae:c2:b7:b1:7a:20:9d:5b:a7:
         87:c0:3f:2a:bd:ff:ee:89:0b:ba:fb:82:fc:53:2f:c1:13:ed:
         0d:fa:1d:62:40:60:f8:50:8c:5e:c3:f8:f0:d2:0a:b7:d4:e4:
         6a:11:a5:e0:de:81:08:fa:09:31:07:47:ae:7e:6f:34:74:df:
         e9:20:96:c8:e9:96:11:d6:57:76:a7:68:f7:b5:33:c9:11:69:
         16:05:e6:5e:9e:2a:18:e5:ae:67:5e:c4:76:c7:f7:9a:0a:8c:
         1c:bc:ba:d4:c0:88:69:ad:6b:97:28:5a:68:49:b2:e8:a2:ad:
         06:89:d3:b1
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUY6xadpg6luQbA5LeFiaxbPv7nLIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNDE0NVoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZmE5NDU1MTAwYmRlNDk2YjM5NTM2
MGFmZTA2MmQzMzU5N2UxMjI2ZDViMWMyYjMyYTI2YmQ0MDNkOTc2NTMzZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBMc114/GcDT81oczt2548X+FB6i
HBnOz5j6mzn2EEE0/rzCqs1tc6AYI2Ac2eDzzAU9pmoFk7WCo51zFRKRSiBvIm9p
wgG//mdShTDQi6MWdvqik6zGKPqYRU9M0tN8tzGaaR69j8J3y/3b5hrqk4c4ngth
lT8cSGUC5t4lRIxcQGyItMJScc6n1c5o+VWWtPMVJuR3+Tu25XbzymAMZmt6w1kj
VGuzG5ZTojWgdZJtx4bnEJHzGo1d4EcqLvt4imMmKfAYKshYmSEqB7OX7ZuG1rog
nUNJUqJa96zZKurUCif1wFsb2C0QqxVJHsRW/oYo6kUAkKeqGvpu0ruTKQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJHu9jBy3C8Uq+QgAK5epyEF6rOXMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzA0MzlmOTk3LTJhYjAtNDAwZC1iZjc2LTcxYWIxZDExZDIwYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba92BAMA0GCSqGSIb3DQEBCwUAA4IBAQBRXw85oF/WPjt/UnTO
TQWGBu7IqWTvYD99D34hK69Q8KWofv9eklXDXyRdfCgKYWOSTY3d1Cs06mRfEoKj
JGLJX3oOBc9PLId6NBlcMTmAhketkmmcU65YCtqQhoHgPk3uqLjW8H4jhDKMYy24
zSVj+kMyZWjdEAXsJ0DF/b2lPRPPzNp0L/yuwrexeiCdW6eHwD8qvf/uiQu6+4L8
Uy/BE+0N+h1iQGD4UIxew/jw0gq31ORqEaXg3oEI+gkxB0eufm80dN/pIJbI6ZYR
1ld2p2j3tTPJEWkWBeZenioY5a5nXsR2x/eaCowcvLrUwIhprWuXKFpoSbLooq0G
idOx
-----END CERTIFICATE-----