Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27a80888-f443-40f4-b37a-77f84a697e07.roa
File:                     27a80888-f443-40f4-b37a-77f84a697e07.roa (raw, json)
Hash identifier:          zU9V2TkWABs3RDSs86Px57MiA/G9wjj9zIsEmysrAmY=
Subject key identifier:   DE:1D:CE:A8:AF:D3:B1:6C:67:57:BB:5B:AE:1E:9C:A7:95:87:3E:A0
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       2CA5AFEF5F056DE85A73E291DEDC9EC263C7CD79
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27a80888-f443-40f4-b37a-77f84a697e07.roa
Signing time:             Wed 30 Jul 2025 00:30:13 +0000
ROA not before:           Wed 30 Jul 2025 00:30:13 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:b080::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:24:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:a5:af:ef:5f:05:6d:e8:5a:73:e2:91:de:dc:9e:c2:63:c7:cd:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:30:13 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=b053d76559eacaafd08ba2e2d947a338ad67c56eda6c76ffee06033b31e7318c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:9a:e7:f9:7a:5a:ec:6b:12:92:6b:f4:41:97:
                    8e:44:10:10:a1:bc:6e:36:b1:3c:18:59:18:96:ce:
                    0f:8f:b0:e7:90:94:5a:87:5e:c2:95:10:ac:e7:3d:
                    8c:59:f0:2b:5d:93:be:c8:28:5c:f9:3d:12:85:6d:
                    25:1f:be:92:9e:58:76:94:a6:ab:ad:b6:4b:b1:b6:
                    6b:04:35:a6:09:14:1c:49:65:4d:27:67:93:7d:0f:
                    b6:72:18:ed:66:24:98:e7:68:b0:5b:2b:c3:98:fa:
                    76:a2:e7:89:ab:e6:7f:3a:95:d3:96:13:09:a5:7f:
                    a1:25:60:a0:3e:f7:f3:5e:b7:ee:75:bd:34:29:f4:
                    47:1e:f8:fa:cb:f6:2a:30:88:1f:13:26:1f:4a:02:
                    73:a2:1b:f7:80:52:95:11:0e:ff:5f:44:a2:8c:72:
                    40:2b:0e:ce:68:8f:af:e9:6c:a6:71:30:12:8c:3f:
                    52:67:b7:1b:a9:94:96:a7:5c:82:5f:c4:e8:30:92:
                    2f:d0:a0:06:20:46:7e:4c:18:55:51:de:03:d8:40:
                    f7:8d:38:9f:c3:68:2d:a9:20:0d:a7:e1:41:2f:6e:
                    a6:32:83:b8:d2:42:e7:16:e2:9a:2b:63:b3:9c:9c:
                    8a:dd:00:8c:38:27:be:3c:04:13:66:d4:e0:83:1d:
                    8e:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:1D:CE:A8:AF:D3:B1:6C:67:57:BB:5B:AE:1E:9C:A7:95:87:3E:A0
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27a80888-f443-40f4-b37a-77f84a697e07.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:b080::/46

    Signature Algorithm: sha256WithRSAEncryption
         bc:7b:e6:3b:11:c5:1b:21:5c:ee:05:cd:8b:11:58:97:0e:78:
         fc:c9:f7:4d:cb:10:b2:bc:fc:03:03:db:a6:59:93:ec:a5:ce:
         0e:48:7c:bc:26:c4:82:82:f8:73:9e:8e:e9:be:bb:94:52:53:
         fe:c8:90:e4:d6:a5:f5:91:d8:00:62:74:2c:d0:3f:69:92:c5:
         ae:f3:f0:de:0d:aa:38:b1:46:86:d0:d0:f2:72:21:d1:50:bf:
         83:66:ad:b6:e4:73:f5:95:cf:fc:62:d3:37:fd:75:d8:3a:a0:
         aa:14:e4:e2:e1:85:2b:3c:fc:8d:de:1b:13:22:b8:7d:84:e3:
         f7:e5:b7:d2:eb:4e:24:48:98:9d:54:cc:3d:22:34:87:06:94:
         c5:0a:c9:6e:e8:5d:5c:87:80:d1:66:0a:3e:66:4d:8c:1a:14:
         f5:b4:d4:5d:15:52:7a:cc:d7:e7:a9:76:56:f1:76:36:89:44:
         7b:a9:81:12:a6:b3:87:27:7a:71:fe:88:f5:eb:36:61:75:05:
         3d:15:34:0a:6a:35:b5:8a:10:10:75:fa:42:7a:56:bb:06:f7:
         34:4e:70:57:b4:7e:a1:7c:a5:7c:e4:4a:cd:97:25:4b:58:74:
         7c:20:b5:3c:01:09:9b:17:dd:e6:e1:e4:28:30:9e:91:e5:a7:
         5a:23:7e:f1
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIULKWv718Fbehac+KR3tyewmPHzXkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMzAxM1oX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAYjA1M2Q3NjU1OWVhY2FhZmQwOGJh
MmUyZDk0N2EzMzhhZDY3YzU2ZWRhNmM3NmZmZWUwNjAzM2IzMWU3MzE4YzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5rn+Xpa7GsSkmv0QZeORBAQobxu
NrE8GFkYls4Pj7DnkJRah17ClRCs5z2MWfArXZO+yChc+T0ShW0lH76Snlh2lKar
rbZLsbZrBDWmCRQcSWVNJ2eTfQ+2chjtZiSY52iwWyvDmPp2oueJq+Z/OpXTlhMJ
pX+hJWCgPvfzXrfudb00KfRHHvj6y/YqMIgfEyYfSgJzohv3gFKVEQ7/X0SijHJA
Kw7OaI+v6WymcTASjD9SZ7cbqZSWp1yCX8ToMJIv0KAGIEZ+TBhVUd4D2ED3jTif
w2gtqSANp+FBL26mMoO40kLnFuKaK2OznJyK3QCMOCe+PAQTZtTggx2OPQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFN4dzqiv07FsZ1e7W64enKeVhz6gMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzI3YTgwODg4LWY0NDMtNDBmNC1iMzdhLTc3Zjg0YTY5N2UwNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba97CAMA0GCSqGSIb3DQEBCwUAA4IBAQC8e+Y7EcUbIVzuBc2L
EViXDnj8yfdNyxCyvPwDA9umWZPspc4OSHy8JsSCgvhzno7pvruUUlP+yJDk1qX1
kdgAYnQs0D9pksWu8/DeDao4sUaG0NDyciHRUL+DZq225HP1lc/8YtM3/XXYOqCq
FOTi4YUrPPyN3hsTIrh9hOP35bfS604kSJidVMw9IjSHBpTFCslu6F1ch4DRZgo+
Zk2MGhT1tNRdFVJ6zNfnqXZW8XY2iUR7qYESprOHJ3px/oj16zZhdQU9FTQKajW1
ihAQdfpCela7Bvc0TnBXtH6hfKV85ErNlyVLWHR8ILU8AQmbF93m4eQoMJ6R5ada
I37x
-----END CERTIFICATE-----