Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/289cedd6-78dc-4ef5-9358-e95987fd7c36.roa
File:                     289cedd6-78dc-4ef5-9358-e95987fd7c36.roa (raw, json)
Hash identifier:          rfjTDyf1LHpw0hpBahNj5BLpZiElnjbENS3VsZQM7vQ=
Subject key identifier:   4F:10:71:F7:4F:54:50:E4:02:93:BC:E2:28:B7:6C:36:48:4F:6C:3A
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       22FDFA6EA8F7D732CC14D7AB65F37F2708DC7031
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/289cedd6-78dc-4ef5-9358-e95987fd7c36.roa
Signing time:             Wed 30 Jul 2025 00:50:52 +0000
ROA not before:           Wed 30 Jul 2025 00:50:52 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:2080::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:37:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:fd:fa:6e:a8:f7:d7:32:cc:14:d7:ab:65:f3:7f:27:08:dc:70:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:50:52 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=0911aa3c40a2f4a30160d60964bbdde8d2b1a2c3d6f973fbd540b97586da93ec, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:11:1b:77:0f:45:51:45:41:35:16:df:7d:ca:
                    8e:94:74:b7:62:dd:97:12:cb:b7:62:fe:26:d4:22:
                    4c:e8:6d:35:88:64:4f:74:b5:c9:a6:91:7f:42:f5:
                    5b:2a:0a:2a:c7:4f:b5:8a:74:e2:66:6a:94:5a:e1:
                    78:1e:ae:cb:25:29:71:86:e0:f2:6b:86:02:28:5f:
                    da:f4:9c:86:1e:30:64:3b:71:0d:7d:0a:5f:e4:05:
                    3d:72:b0:6a:12:ca:1a:10:21:61:d4:72:8b:83:f5:
                    c8:f2:0c:e5:73:f1:49:7d:0c:5b:cd:0a:93:db:17:
                    78:8b:37:d0:d5:ff:99:c8:f3:53:82:86:f1:65:48:
                    30:85:cc:4d:1e:85:9c:4b:72:13:b7:ec:96:89:47:
                    11:a1:34:1e:0a:cd:24:c6:c6:f6:65:b9:54:56:73:
                    16:e7:6a:3b:52:64:dd:2d:c7:1c:22:7b:cd:67:f5:
                    93:b8:24:09:5f:a3:1f:4f:29:a0:60:7f:dd:e7:95:
                    8e:91:6e:ba:c8:6d:ca:93:d6:63:bd:fb:8a:36:f0:
                    80:d2:20:a1:0d:54:f9:2f:ce:b2:ad:94:9e:3d:71:
                    38:9c:41:8c:5d:c4:7f:63:46:5c:38:d4:86:2f:df:
                    f9:51:64:db:67:cf:d2:c8:1e:c3:e3:05:68:b3:66:
                    7f:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:10:71:F7:4F:54:50:E4:02:93:BC:E2:28:B7:6C:36:48:4F:6C:3A
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/289cedd6-78dc-4ef5-9358-e95987fd7c36.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:2080::/46

    Signature Algorithm: sha256WithRSAEncryption
         06:8a:a4:25:cf:53:f2:2d:f7:bf:dc:29:c3:b8:35:1d:0d:4c:
         2c:59:9d:86:dc:e6:86:b0:61:8f:a4:6c:1f:1d:7a:45:02:31:
         77:08:d8:65:4b:3c:fe:67:92:75:fc:11:df:c4:ed:08:93:18:
         95:45:8f:bc:7f:66:d1:ba:5b:fe:15:0a:11:ca:09:e5:bd:08:
         8c:c9:2a:9b:e4:4d:92:ff:52:4b:1b:51:52:ac:b1:6b:aa:c3:
         19:3b:f6:24:c5:03:b8:77:a1:ad:02:86:60:4b:37:b9:39:40:
         be:62:77:03:48:5c:31:03:40:f1:f8:54:a9:92:ea:e8:a3:4e:
         46:ca:d9:d5:f1:40:c6:4b:14:d0:49:cf:90:64:73:a9:da:13:
         de:4d:6d:c8:d5:61:5e:fb:1d:cf:1f:ea:19:24:3c:4e:10:15:
         74:16:10:13:95:09:d4:84:51:94:20:79:53:b5:b7:89:7c:93:
         96:e6:25:20:76:9c:76:45:17:8c:64:6b:ea:65:28:f0:51:62:
         a7:04:de:bb:30:47:bd:72:18:2e:5a:f5:b0:90:8c:23:9f:e2:
         5a:d1:5f:21:9e:4d:ca:2a:b8:4a:62:2b:5c:33:19:40:9c:ce:
         68:08:00:e9:ff:50:2c:b7:13:54:75:7b:44:e5:db:6a:6e:ed:
         31:dc:05:fd
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUIv36bqj31zLMFNerZfN/JwjccDEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNTA1MloX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMDkxMWFhM2M0MGEyZjRhMzAxNjBk
NjA5NjRiYmRkZThkMmIxYTJjM2Q2Zjk3M2ZiZDU0MGI5NzU4NmRhOTNlYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkREbdw9FUUVBNRbffcqOlHS3Yt2X
Esu3Yv4m1CJM6G01iGRPdLXJppF/QvVbKgoqx0+1inTiZmqUWuF4Hq7LJSlxhuDy
a4YCKF/a9JyGHjBkO3ENfQpf5AU9crBqEsoaECFh1HKLg/XI8gzlc/FJfQxbzQqT
2xd4izfQ1f+ZyPNTgobxZUgwhcxNHoWcS3ITt+yWiUcRoTQeCs0kxsb2ZblUVnMW
52o7UmTdLcccInvNZ/WTuCQJX6MfTymgYH/d55WOkW66yG3Kk9ZjvfuKNvCA0iCh
DVT5L86yrZSePXE4nEGMXcR/Y0ZcONSGL9/5UWTbZ8/SyB7D4wVos2Z/nQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFE8QcfdPVFDkApO84ii3bDZIT2w6MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzI4OWNlZGQ2LTc4ZGMtNGVmNS05MzU4LWU5NTk4N2ZkN2MzNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+yCAMA0GCSqGSIb3DQEBCwUAA4IBAQAGiqQlz1PyLfe/3CnD
uDUdDUwsWZ2G3OaGsGGPpGwfHXpFAjF3CNhlSzz+Z5J1/BHfxO0IkxiVRY+8f2bR
ulv+FQoRygnlvQiMySqb5E2S/1JLG1FSrLFrqsMZO/YkxQO4d6GtAoZgSze5OUC+
YncDSFwxA0Dx+FSpkuroo05GytnV8UDGSxTQSc+QZHOp2hPeTW3I1WFe+x3PH+oZ
JDxOEBV0FhATlQnUhFGUIHlTtbeJfJOW5iUgdpx2RReMZGvqZSjwUWKnBN67MEe9
chguWvWwkIwjn+Ja0V8hnk3KKrhKYitcMxlAnM5oCADp/1AstxNUdXtE5dtqbu0x
3AX9
-----END CERTIFICATE-----
Generated at Thu Jul 31 01:03:57 2025 by rpki-client