Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0fdd5bd4-d5a4-40d2-8a1b-6a006f1a5b1e.roa
File:                     0fdd5bd4-d5a4-40d2-8a1b-6a006f1a5b1e.roa (raw, json)
Hash identifier:          2/AbGaeTqusbBSzEihP/QULH6skUzryel4BqwqzpA5A=
Subject key identifier:   C3:B5:27:7F:92:77:BB:2F:E1:49:34:E0:4D:97:60:D0:64:07:B1:BA
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       4B2E2C4174B3F871E49FAA7DB4C9625F3DC822C2
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0fdd5bd4-d5a4-40d2-8a1b-6a006f1a5b1e.roa
Signing time:             Wed 30 Jul 2025 00:20:58 +0000
ROA not before:           Wed 30 Jul 2025 00:20:58 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:e0c0::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:08:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:2e:2c:41:74:b3:f8:71:e4:9f:aa:7d:b4:c9:62:5f:3d:c8:22:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:20:58 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=859ef2d672118dbdbd66a461f029758bd34b0c5161c28ec6578fc4c0bd30e302, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:a0:fd:22:06:33:fb:78:57:39:5a:68:2f:70:
                    5f:17:df:51:19:03:4e:94:00:81:11:f9:29:27:79:
                    6a:1e:f5:86:32:04:3f:cd:1e:19:e2:bb:e7:54:5a:
                    ff:7c:a2:97:9e:a5:b0:2a:4b:9a:75:fb:98:78:23:
                    c2:ce:d4:20:3c:1f:2c:e0:9a:64:fc:b1:f9:cc:9f:
                    ff:ae:b2:32:c8:db:21:9e:ee:6a:84:49:19:9a:3e:
                    1f:05:fd:7a:91:ac:25:c7:a0:74:9e:ec:c8:b9:0c:
                    0e:88:b9:69:bc:23:12:63:ed:bf:a7:de:0b:e0:36:
                    19:62:cb:61:15:2e:d2:c8:e5:a4:05:31:1d:bb:9b:
                    7a:18:98:be:18:e8:59:89:f3:e9:6e:56:23:ae:ab:
                    ac:a5:c6:0b:e7:3b:16:aa:c6:3d:0f:cc:2a:9b:85:
                    bd:44:39:a3:17:5b:2e:cf:71:af:a2:07:3d:06:ec:
                    53:3a:c8:d6:3e:6d:68:29:5b:b7:19:3d:a8:92:5e:
                    db:3b:db:d9:8c:43:6a:8f:ac:6a:81:67:b5:54:13:
                    8e:dc:2e:16:56:11:ff:70:75:e5:b1:bb:57:e7:6b:
                    77:42:7e:f3:d5:99:14:aa:80:50:02:f8:2d:4f:d1:
                    05:f7:49:47:1b:58:85:4a:ce:f6:d9:e4:44:81:9e:
                    eb:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:B5:27:7F:92:77:BB:2F:E1:49:34:E0:4D:97:60:D0:64:07:B1:BA
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0fdd5bd4-d5a4-40d2-8a1b-6a006f1a5b1e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:e0c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         21:fa:fe:8f:71:11:17:73:a4:7b:52:06:f5:42:81:38:3b:04:
         0f:a0:b3:4e:cd:0b:bb:97:b8:d1:fb:ce:da:f9:ee:98:eb:17:
         69:25:68:a0:b3:fe:a8:bc:c2:51:21:a5:9e:b8:2a:fa:1c:18:
         f9:98:d7:1e:e8:5d:4d:ca:15:2c:45:f7:9d:dc:43:88:61:8c:
         93:b5:56:c2:e5:59:36:4d:ab:b3:71:14:fe:95:af:8c:7c:be:
         55:c8:91:65:dd:7f:f2:59:b0:96:ff:df:5d:ac:24:91:db:85:
         8d:4d:42:d4:23:68:2a:e5:aa:b8:40:40:a7:52:5a:5e:36:f1:
         45:cc:f7:3d:65:fd:11:c9:bf:35:5b:2c:f2:a0:60:51:ce:4a:
         cf:7d:ef:f3:f9:d9:eb:03:5e:14:51:53:7c:f5:59:60:2d:df:
         4b:0f:65:60:7d:8d:f6:18:e4:47:e5:e4:de:85:f4:56:ac:0a:
         85:1d:30:5a:ab:88:8a:f6:20:46:9e:d0:86:74:9f:6b:6c:00:
         81:43:fb:c1:47:d8:fc:0a:9d:50:79:f8:ff:03:8a:af:2c:b4:
         a7:6b:84:f0:00:d4:f1:c9:db:a0:e0:15:0e:bf:b7:24:b3:ef:
         40:47:f9:af:2f:f6:78:cb:0f:e2:91:5b:cd:83:c0:c2:53:a9:
         f8:0c:ed:af
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUSy4sQXSz+HHkn6p9tMliXz3IIsIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMjA1OFoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAODU5ZWYyZDY3MjExOGRiZGJkNjZh
NDYxZjAyOTc1OGJkMzRiMGM1MTYxYzI4ZWM2NTc4ZmM0YzBiZDMwZTMwMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaD9IgYz+3hXOVpoL3BfF99RGQNO
lACBEfkpJ3lqHvWGMgQ/zR4Z4rvnVFr/fKKXnqWwKkuadfuYeCPCztQgPB8s4Jpk
/LH5zJ//rrIyyNshnu5qhEkZmj4fBf16kawlx6B0nuzIuQwOiLlpvCMSY+2/p94L
4DYZYsthFS7SyOWkBTEdu5t6GJi+GOhZifPpblYjrquspcYL5zsWqsY9D8wqm4W9
RDmjF1suz3Gvogc9BuxTOsjWPm1oKVu3GT2okl7bO9vZjENqj6xqgWe1VBOO3C4W
VhH/cHXlsbtX52t3Qn7z1ZkUqoBQAvgtT9EF90lHG1iFSs722eREgZ7rpwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMO1J3+Sd7sv4Uk04E2XYNBkB7G6MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzBmZGQ1YmQ0LWQ1YTQtNDBkMi04YTFiLTZhMDA2ZjFhNWIxZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaeDAMA0GCSqGSIb3DQEBCwUAA4IBAQAh+v6PcREXc6R7Ugb1
QoE4OwQPoLNOzQu7l7jR+87a+e6Y6xdpJWigs/6ovMJRIaWeuCr6HBj5mNce6F1N
yhUsRfed3EOIYYyTtVbC5Vk2TauzcRT+la+MfL5VyJFl3X/yWbCW/99drCSR24WN
TULUI2gq5aq4QECnUlpeNvFFzPc9Zf0Ryb81WyzyoGBRzkrPfe/z+dnrA14UUVN8
9VlgLd9LD2VgfY32GORH5eTehfRWrAqFHTBaq4iK9iBGntCGdJ9rbACBQ/vBR9j8
Cp1Qefj/A4qvLLSna4TwANTxydug4BUOv7cks+9AR/mvL/Z4yw/ikVvNg8DCU6n4
DO2v
-----END CERTIFICATE-----