Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3aaa4e98-35e7-4700-aa65-013387f5feae.roa
File:                     3aaa4e98-35e7-4700-aa65-013387f5feae.roa (raw, json)
Hash identifier:          s2i9B05D4QwMzpq0KWlbyGZY4Zd5532GN2iwYCA+WlI=
Subject key identifier:   42:17:0B:24:AC:6F:58:AE:80:61:E0:FB:DE:04:D5:49:09:4D:73:CD
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6292C28063EE6A39027ECB1D4DAC7E48C4CF8484
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3aaa4e98-35e7-4700-aa65-013387f5feae.roa
Signing time:             Wed 30 Jul 2025 00:50:21 +0000
ROA not before:           Wed 30 Jul 2025 00:50:21 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:b000::/40 maxlen: 40
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 17:52:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:92:c2:80:63:ee:6a:39:02:7e:cb:1d:4d:ac:7e:48:c4:cf:84:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:50:21 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=eec3fdf81b674237319c2ee5fe387f4552bd3be16fdb495323dc763978714dfe, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:e2:94:70:15:3e:8e:14:dd:7b:84:9c:e4:e0:
                    e1:b9:6c:ba:42:23:66:63:80:2f:16:7e:f8:8c:9c:
                    f9:cc:89:30:84:01:fd:3c:a3:cb:fc:01:fe:db:87:
                    cd:0f:bf:70:06:11:c9:08:0a:a5:0f:bc:9b:27:45:
                    f9:1d:54:92:9b:82:7c:54:9e:03:f2:53:ec:5c:35:
                    db:65:8d:84:c8:52:a0:93:7c:2a:af:a4:7c:91:6f:
                    9d:54:89:c3:52:f0:d9:b4:43:1b:9a:fd:eb:6e:7c:
                    3a:d7:9b:22:2f:7a:cd:93:4e:6a:32:c3:b1:ec:2b:
                    c8:d9:23:ae:b1:0a:a1:fa:69:48:02:fa:6c:b4:b2:
                    b5:b4:80:7c:01:1f:45:67:ea:92:62:f7:53:cf:3e:
                    d8:56:78:bf:59:26:37:61:45:8e:41:17:2a:31:33:
                    d1:61:8a:dc:ac:49:f9:f5:f0:05:0f:88:f3:97:2b:
                    e4:9b:13:bd:c5:c2:62:fc:fb:12:3a:59:e5:fa:ed:
                    ce:2c:ac:b6:c6:20:dd:76:3b:b5:b2:49:aa:4b:3a:
                    3d:f8:4e:15:1e:e4:5a:ee:a8:64:2f:7a:e5:c2:4e:
                    44:6b:06:66:2a:64:65:02:a2:6b:a3:8c:6e:2f:d3:
                    1c:9e:9a:b1:80:63:7d:5f:e3:1d:24:81:96:6c:fa:
                    25:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:17:0B:24:AC:6F:58:AE:80:61:E0:FB:DE:04:D5:49:09:4D:73:CD
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3aaa4e98-35e7-4700-aa65-013387f5feae.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:b000::/40

    Signature Algorithm: sha256WithRSAEncryption
         54:e7:fa:a4:e7:13:43:ba:9f:0f:85:60:e3:12:3d:7f:69:8e:
         e1:08:04:d5:a5:78:54:3f:bd:96:a3:f1:55:29:76:87:bb:bf:
         12:9c:40:7a:7c:30:f1:51:f4:86:75:b8:1d:18:43:29:64:77:
         0c:57:a7:71:25:98:5e:20:eb:6c:8e:1a:fa:14:83:0e:e1:c0:
         d5:75:ac:ac:bf:fd:a6:40:d2:4d:fa:de:fb:a2:da:8b:61:05:
         a8:25:49:c3:5c:29:88:7f:84:7c:00:a4:78:34:14:e5:cc:9a:
         ba:72:43:84:d1:14:fc:be:38:f3:bf:a9:d0:ad:a4:32:70:d1:
         7d:64:53:cc:44:de:5b:d4:ef:74:7e:83:f1:6c:2b:2d:8b:13:
         25:de:d9:03:2f:a4:e7:03:da:7d:d8:06:e6:f3:86:62:de:34:
         94:04:57:18:c2:cd:01:19:c0:dc:04:9d:bb:5b:d2:1f:d8:87:
         56:c2:31:dd:c9:b9:63:1e:3d:ba:9b:c8:4d:d5:ad:dd:f0:bb:
         ad:2c:65:f9:4a:30:8b:1d:dd:2c:96:f3:8b:c7:31:4a:46:bb:
         be:6d:d5:9b:c9:a8:ee:30:1a:bf:0b:69:9f:ac:56:6e:cf:dd:
         2f:a2:1e:42:0f:c6:6f:ab:38:c6:8b:08:b8:13:dc:ef:4c:b5:
         ee:12:f2:a4
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUYpLCgGPuajkCfssdTax+SMTPhIQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNTAyMVoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZWVjM2ZkZjgxYjY3NDIzNzMxOWMy
ZWU1ZmUzODdmNDU1MmJkM2JlMTZmZGI0OTUzMjNkYzc2Mzk3ODcxNGRmZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOKUcBU+jhTde4Sc5ODhuWy6QiNm
Y4AvFn74jJz5zIkwhAH9PKPL/AH+24fND79wBhHJCAqlD7ybJ0X5HVSSm4J8VJ4D
8lPsXDXbZY2EyFKgk3wqr6R8kW+dVInDUvDZtEMbmv3rbnw615siL3rNk05qMsOx
7CvI2SOusQqh+mlIAvpstLK1tIB8AR9FZ+qSYvdTzz7YVni/WSY3YUWOQRcqMTPR
YYrcrEn59fAFD4jzlyvkmxO9xcJi/PsSOlnl+u3OLKy2xiDddju1skmqSzo9+E4V
HuRa7qhkL3rlwk5EawZmKmRlAqJro4xuL9McnpqxgGN9X+MdJIGWbPol9wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEIXCySsb1iugGHg+94E1UkJTXPNMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzNhYWE0ZTk4LTM1ZTctNDcwMC1hYTY1LTAxMzM4N2Y1ZmVhZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+7AwDQYJKoZIhvcNAQELBQADggEBAFTn+qTnE0O6nw+FYOMS
PX9pjuEIBNWleFQ/vZaj8VUpdoe7vxKcQHp8MPFR9IZ1uB0YQylkdwxXp3ElmF4g
62yOGvoUgw7hwNV1rKy//aZA0k363vui2othBaglScNcKYh/hHwApHg0FOXMmrpy
Q4TRFPy+OPO/qdCtpDJw0X1kU8xE3lvU73R+g/FsKy2LEyXe2QMvpOcD2n3YBubz
hmLeNJQEVxjCzQEZwNwEnbtb0h/Yh1bCMd3JuWMePbqbyE3Vrd3wu60sZflKMIsd
3SyW84vHMUpGu75t1ZvJqO4wGr8LaZ+sVm7P3S+iHkIPxm+rOMaLCLgT3O9Mte4S
8qQ=
-----END CERTIFICATE-----
Generated at Thu Jul 31 01:03:59 2025 by rpki-client