Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1880d87b-8b73-4b4c-9740-2b1cb1a90041.roa
File:                     1880d87b-8b73-4b4c-9740-2b1cb1a90041.roa (raw, json)
Hash identifier:          XBR9vl+ejW05xJLV/lhaavKwGlN7upg7Ml3P7X/+dao=
Subject key identifier:   00:68:FE:97:8C:56:F4:93:A7:65:FE:16:A2:9F:81:3A:13:A3:70:8B
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       188B61BF933C719E7A1E0ACE070B0140E482A822
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1880d87b-8b73-4b4c-9740-2b1cb1a90041.roa
Signing time:             Wed 30 Jul 2025 00:31:34 +0000
ROA not before:           Wed 30 Jul 2025 00:31:34 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:4020::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 17:54:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:8b:61:bf:93:3c:71:9e:7a:1e:0a:ce:07:0b:01:40:e4:82:a8:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:31:34 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=25e9026ed85a24f980ce3eb2de12837d606d9fd9db489c69db73ef18d1a755e4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:97:7d:87:38:99:b4:8d:d8:6e:f0:2b:c1:c3:
                    2c:95:cb:16:89:fc:6e:bb:ae:f4:1c:af:2f:f0:22:
                    e3:4e:cb:ed:5e:dc:2c:2c:4b:8b:20:c8:f2:fb:6b:
                    69:2a:f7:b4:30:a6:c9:c2:ef:6c:40:68:11:f2:24:
                    df:a9:ed:eb:e6:44:b2:6c:a2:c2:b6:5a:b2:d7:95:
                    af:90:39:91:e6:8f:fd:57:dc:9d:37:9b:7a:55:19:
                    ed:c3:64:34:1d:07:ad:53:cf:d8:43:9d:82:1b:90:
                    31:ae:2d:82:12:dd:38:8a:49:1d:74:c6:a4:eb:b3:
                    1b:c3:b5:2e:8b:66:00:b7:8b:29:7a:80:76:35:97:
                    16:63:9a:0a:b7:e8:a6:1b:7d:9b:3e:6d:7a:ab:dc:
                    e0:b1:2f:06:0f:79:03:0f:d0:d7:7d:f8:7a:07:cd:
                    cf:7e:2d:95:bd:64:e3:5f:2b:0a:88:81:c8:e6:f1:
                    b7:95:82:a8:54:7d:88:6a:ba:26:bd:87:43:63:ae:
                    03:f8:a0:a5:53:c6:1a:56:7c:3c:f6:ef:ee:15:c7:
                    3e:39:3e:73:37:de:84:0a:59:6d:f6:fb:d8:f2:0e:
                    92:38:a2:0e:f1:9d:06:55:a8:60:ea:46:47:93:8f:
                    f7:e1:05:34:1a:fd:9d:59:2b:5a:c9:d5:75:da:7c:
                    05:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:68:FE:97:8C:56:F4:93:A7:65:FE:16:A2:9F:81:3A:13:A3:70:8B
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1880d87b-8b73-4b4c-9740-2b1cb1a90041.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:4020::/46

    Signature Algorithm: sha256WithRSAEncryption
         4c:8c:2a:e0:43:ab:12:41:cf:2a:a2:b9:b7:07:87:7a:43:c0:
         4a:46:c0:43:61:04:7e:7f:8f:ce:1b:de:dc:12:0f:2c:43:70:
         36:4b:d8:03:f6:4e:7f:a2:0e:cf:35:71:63:f4:cc:66:9c:2f:
         33:a7:95:87:c3:95:03:d4:07:c6:1c:5b:3f:58:e4:27:3c:cc:
         14:3b:6f:27:1f:5a:fe:fd:2e:b9:1a:b2:5c:ff:ea:50:5f:29:
         44:ee:d9:cc:ee:4f:af:0c:26:13:4b:11:ac:51:c2:df:3f:db:
         bf:05:e2:2b:12:0c:b1:a8:5a:59:4b:29:9f:e5:ac:90:21:80:
         75:05:92:e3:a9:43:e0:5c:35:92:4b:20:36:7d:e8:8c:12:63:
         1f:77:92:ab:a3:ad:0d:87:77:30:7a:af:39:48:df:9c:45:24:
         ef:13:f4:cc:7f:30:d5:0b:24:83:ea:1f:e0:04:a6:c1:f5:fb:
         b1:30:23:b1:c9:ac:08:ae:e5:67:8b:e1:f9:20:06:cd:3f:04:
         39:60:82:cc:be:9d:6e:ab:33:3b:39:fa:f6:77:77:e9:4b:aa:
         d7:2d:1f:39:d1:a6:a4:6a:c2:ec:28:3d:28:8b:23:d9:6a:22:
         8e:7a:f5:81:97:c1:dd:e6:6b:ba:54:18:81:e0:54:1b:b4:52:
         4b:5a:74:28
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUGIthv5M8cZ56HgrOBwsBQOSCqCIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMzEzNFoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMjVlOTAyNmVkODVhMjRmOTgwY2Uz
ZWIyZGUxMjgzN2Q2MDZkOWZkOWRiNDg5YzY5ZGI3M2VmMThkMWE3NTVlNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75d9hziZtI3YbvArwcMslcsWifxu
u670HK8v8CLjTsvtXtwsLEuLIMjy+2tpKve0MKbJwu9sQGgR8iTfqe3r5kSybKLC
tlqy15WvkDmR5o/9V9ydN5t6VRntw2Q0HQetU8/YQ52CG5Axri2CEt04ikkddMak
67Mbw7Uui2YAt4speoB2NZcWY5oKt+imG32bPm16q9zgsS8GD3kDD9DXffh6B83P
fi2VvWTjXysKiIHI5vG3lYKoVH2IaromvYdDY64D+KClU8YaVnw89u/uFcc+OT5z
N96ECllt9vvY8g6SOKIO8Z0GVahg6kZHk4/34QU0Gv2dWStaydV12nwF0QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFABo/peMVvSTp2X+FqKfgToTo3CLMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzE4ODBkODdiLThiNzMtNGI0Yy05NzQwLTJiMWNiMWE5MDA0MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaUAgMA0GCSqGSIb3DQEBCwUAA4IBAQBMjCrgQ6sSQc8qorm3
B4d6Q8BKRsBDYQR+f4/OG97cEg8sQ3A2S9gD9k5/og7PNXFj9MxmnC8zp5WHw5UD
1AfGHFs/WOQnPMwUO28nH1r+/S65GrJc/+pQXylE7tnM7k+vDCYTSxGsUcLfP9u/
BeIrEgyxqFpZSymf5ayQIYB1BZLjqUPgXDWSSyA2feiMEmMfd5Kro60Nh3cweq85
SN+cRSTvE/TMfzDVCySD6h/gBKbB9fuxMCOxyawIruVni+H5IAbNPwQ5YILMvp1u
qzM7Ofr2d3fpS6rXLR850aakasLsKD0oiyPZaiKOevWBl8Hd5mu6VBiB4FQbtFJL
WnQo
-----END CERTIFICATE-----