Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084c90dd-efab-414c-a838-24ba0e1082e3.roa
File:                     084c90dd-efab-414c-a838-24ba0e1082e3.roa (raw, json)
Hash identifier:          eMjZJAe63aNkYV76JIyRBSX3B2g/4wZqstk1rccJxbw=
Subject key identifier:   2F:96:75:D2:6D:03:09:BC:48:A0:46:B3:D9:FD:32:00:D4:61:DB:A9
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       77622701A47B82084646BC5455A23536E1D90103
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084c90dd-efab-414c-a838-24ba0e1082e3.roa
Signing time:             Wed 30 Jul 2025 00:10:53 +0000
ROA not before:           Wed 30 Jul 2025 00:10:53 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:4880::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:22:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:62:27:01:a4:7b:82:08:46:46:bc:54:55:a2:35:36:e1:d9:01:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:10:53 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=9c329e0a595aac1c3e84cd7fc968c4bd416c0e92f71a2b1b553521455421671e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:da:58:8b:b5:07:5e:d7:09:f9:36:12:19:d4:
                    fe:23:d0:75:33:f5:3a:c6:0f:f0:c7:c0:e7:57:05:
                    c0:dd:fa:83:bf:8f:8b:26:37:bf:88:b1:5b:86:70:
                    35:38:05:b5:38:47:ef:f8:b0:e0:b0:7e:9d:d8:f9:
                    49:72:b9:48:ae:cf:4a:ce:75:ae:d1:22:7d:0c:dd:
                    53:fd:8d:29:87:28:e7:75:c3:33:c1:1e:0e:24:09:
                    e1:17:ae:a5:b2:4c:c1:32:f0:79:f0:46:b5:c6:7b:
                    6e:2e:3b:32:a7:e4:a4:57:e7:b1:a8:44:31:2e:a6:
                    58:89:3f:be:92:1c:d3:2f:8f:35:bf:a5:4e:c3:fa:
                    33:21:4e:5a:04:50:26:1e:58:92:6e:5b:01:d6:d2:
                    19:00:36:0c:38:7a:17:bf:8e:93:8e:83:6f:c6:84:
                    43:27:27:c8:af:a6:77:2c:17:5b:f4:6b:1d:77:59:
                    e3:90:b2:37:67:7c:38:0c:c4:11:d7:b8:09:34:57:
                    0e:b2:36:37:cf:75:0e:aa:b3:58:58:76:12:68:b9:
                    98:32:98:03:a7:4c:1d:07:b4:d5:35:bb:54:11:8e:
                    81:9c:3c:0c:9a:2f:a1:08:b4:9f:54:dc:b1:01:ce:
                    aa:8a:49:14:bd:1b:00:83:28:dc:6c:19:1c:5c:55:
                    50:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:96:75:D2:6D:03:09:BC:48:A0:46:B3:D9:FD:32:00:D4:61:DB:A9
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084c90dd-efab-414c-a838-24ba0e1082e3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:4880::/46

    Signature Algorithm: sha256WithRSAEncryption
         4c:e3:da:bc:48:fd:b4:65:01:ba:87:a3:65:a8:24:ec:61:df:
         ed:5b:d9:7a:d5:07:48:aa:a2:9c:ab:54:25:20:83:49:e0:72:
         87:58:15:ce:4b:22:f7:be:35:56:cd:b6:47:1e:2d:d6:7e:81:
         2b:83:2e:63:3e:9a:3f:58:5a:20:dd:45:ab:15:9a:05:27:b9:
         40:93:70:a2:7e:6a:1c:37:c8:cb:80:54:a2:56:44:6f:1a:b3:
         a0:d0:15:2d:ae:bf:f5:6c:59:ca:f0:06:3a:a3:cc:54:c1:1e:
         73:f8:2e:fd:e1:1c:36:64:12:c7:f6:32:71:32:9b:0d:61:e3:
         0a:c7:80:88:1e:2e:31:f3:33:b3:07:a3:0e:39:66:dc:c0:f1:
         c7:f3:df:a4:98:4d:f5:bd:be:55:2e:23:1c:43:4f:a3:88:4e:
         d3:7d:a6:0a:d2:5e:92:79:b5:8f:fd:20:d4:78:8b:85:bb:f4:
         30:d2:ae:12:a5:a1:66:16:c4:71:c0:64:c4:49:9a:85:2e:62:
         b3:5c:c1:2e:14:93:ae:85:54:35:c5:d1:01:8f:64:c4:82:c1:
         6b:44:b9:ee:67:a2:bc:c4:81:e7:b9:ef:5f:0e:1e:13:4a:54:
         cc:e8:d7:a2:06:23:e4:23:f2:93:a7:23:47:c5:05:27:22:1d:
         45:ca:6c:76
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUd2InAaR7gghGRrxUVaI1NuHZAQMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMTA1M1oX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAOWMzMjllMGE1OTVhYWMxYzNlODRj
ZDdmYzk2OGM0YmQ0MTZjMGU5MmY3MWEyYjFiNTUzNTIxNDU1NDIxNjcxZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNpYi7UHXtcJ+TYSGdT+I9B1M/U6
xg/wx8DnVwXA3fqDv4+LJje/iLFbhnA1OAW1OEfv+LDgsH6d2PlJcrlIrs9KznWu
0SJ9DN1T/Y0phyjndcMzwR4OJAnhF66lskzBMvB58Ea1xntuLjsyp+SkV+exqEQx
LqZYiT++khzTL481v6VOw/ozIU5aBFAmHliSblsB1tIZADYMOHoXv46TjoNvxoRD
JyfIr6Z3LBdb9Gsdd1njkLI3Z3w4DMQR17gJNFcOsjY3z3UOqrNYWHYSaLmYMpgD
p0wdB7TVNbtUEY6BnDwMmi+hCLSfVNyxAc6qikkUvRsAgyjcbBkcXFVQiQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFC+WddJtAwm8SKBGs9n9MgDUYdupMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzA4NGM5MGRkLWVmYWItNDE0Yy1hODM4LTI0YmEwZTEwODJlMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba90iAMA0GCSqGSIb3DQEBCwUAA4IBAQBM49q8SP20ZQG6h6Nl
qCTsYd/tW9l61QdIqqKcq1QlIINJ4HKHWBXOSyL3vjVWzbZHHi3WfoErgy5jPpo/
WFog3UWrFZoFJ7lAk3CifmocN8jLgFSiVkRvGrOg0BUtrr/1bFnK8AY6o8xUwR5z
+C794Rw2ZBLH9jJxMpsNYeMKx4CIHi4x8zOzB6MOOWbcwPHH89+kmE31vb5VLiMc
Q0+jiE7TfaYK0l6SebWP/SDUeIuFu/Qw0q4SpaFmFsRxwGTESZqFLmKzXMEuFJOu
hVQ1xdEBj2TEgsFrRLnuZ6K8xIHnue9fDh4TSlTM6NeiBiPkI/KTpyNHxQUnIh1F
ymx2
-----END CERTIFICATE-----