Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3db7215f-3224-4b67-ad00-eef647811243.roa
File:                     3db7215f-3224-4b67-ad00-eef647811243.roa (raw, json)
Hash identifier:          HwpHpKOutYFa5MAbNH950+ZyeJghqieCY00pv9W521k=
Subject key identifier:   F9:DE:3E:60:35:E5:48:70:BF:9B:F5:5D:72:F7:6C:91:87:29:46:C8
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       3C87FA7054E9BEB9B35F8F32F875CB79682D6965
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3db7215f-3224-4b67-ad00-eef647811243.roa
Signing time:             Wed 14 May 2025 00:10:18 +0000
ROA not before:           Wed 14 May 2025 00:10:18 +0000
ROA not after:            Wed 18 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf4:b080::/48 maxlen: 48
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 19:53:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:87:fa:70:54:e9:be:b9:b3:5f:8f:32:f8:75:cb:79:68:2d:69:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 14 00:10:18 2025 GMT
            Not After : Jun 18 23:59:59 2025 GMT
        Subject: serialNumber=80b39744d007c86cf0a49ea58b7ef4c9f09934cdad4757a04063996e80633a21, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:8e:56:14:67:77:94:2d:3b:a8:d2:89:7a:17:
                    79:f0:27:3e:81:93:c5:c5:ba:7b:70:3c:b0:3b:b4:
                    b8:7b:22:a8:08:e6:9a:e9:e2:a0:0e:e7:03:9a:88:
                    a1:5f:c5:13:70:ba:14:4f:03:0a:42:29:37:00:7a:
                    62:84:2e:ea:f8:f5:c9:c5:b6:6f:49:6e:3f:ab:c7:
                    2b:6f:04:b0:03:82:69:04:c4:23:f1:9e:e4:27:48:
                    17:06:4e:4e:d9:ea:bc:df:40:6f:b5:8a:4b:be:ea:
                    c6:a3:6f:4e:84:48:6d:2f:a4:1b:71:ce:da:ab:93:
                    75:19:a2:41:d7:75:af:a7:59:fe:70:1e:1c:e1:6c:
                    25:f4:30:57:40:86:14:3c:f0:1d:87:ae:c9:2f:97:
                    91:4b:06:c1:e3:e7:5e:1c:fd:bb:19:be:9e:06:8f:
                    a3:6c:5e:b6:c5:d7:93:07:ae:72:81:46:f7:65:69:
                    6a:b3:4c:8e:09:0a:88:89:c8:13:32:58:ee:00:74:
                    a8:a0:a9:83:89:ff:77:8c:2d:e3:d4:a6:ce:d1:7a:
                    9c:cc:a9:77:62:b2:14:e5:bb:24:32:81:96:23:75:
                    57:f0:ef:bc:79:29:cd:1e:6c:d3:70:ee:b6:af:da:
                    e3:c2:d2:35:c6:95:99:b4:89:5c:9a:ab:31:8b:51:
                    7c:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:DE:3E:60:35:E5:48:70:BF:9B:F5:5D:72:F7:6C:91:87:29:46:C8
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3db7215f-3224-4b67-ad00-eef647811243.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf4:b080::/48

    Signature Algorithm: sha256WithRSAEncryption
         50:ee:4e:50:d6:9e:61:ab:a7:74:66:43:83:1d:9a:c4:f0:1c:
         30:f2:5d:76:b2:40:b8:50:a0:37:b4:cc:3c:56:98:b7:0a:a8:
         d8:b0:c4:4d:9f:ec:b2:17:3f:ef:e4:52:f6:80:94:a1:2e:a7:
         ff:04:ca:22:07:ac:27:4f:2c:23:cd:1c:b9:38:8d:01:4a:60:
         d3:87:29:f2:ca:82:3b:89:fa:7e:61:4e:02:69:f0:8b:20:3c:
         e3:bb:c7:85:80:70:22:44:83:b9:48:c3:ca:47:0f:36:60:3f:
         e3:fb:f1:3a:b7:7b:8e:f5:ad:de:69:4f:e6:7c:7c:0c:ee:af:
         38:73:ec:0e:9b:09:4e:0e:77:35:92:e9:82:87:a9:1f:21:b9:
         62:ba:55:c4:ff:a3:8f:c5:a1:a4:94:0a:c8:69:3c:a0:1c:17:
         38:91:28:d5:6c:c5:7e:40:99:f5:13:1f:73:c0:0d:27:52:63:
         16:b2:6c:b0:0c:c8:c2:e8:93:cc:6e:d5:f7:cc:39:b6:00:90:
         a8:6a:1d:04:2c:c3:23:8d:dd:b3:7b:f0:6c:b1:a2:e4:30:a9:
         c1:ab:97:58:3b:49:10:86:d9:83:da:f9:ab:28:14:7b:ff:69:
         cb:73:98:bc:d9:92:15:5b:55:b9:90:f6:09:3b:12:55:a4:52:
         dc:5c:18:d7
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUPIf6cFTpvrmzX48y+HXLeWgtaWUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwMTAxOFoX
DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNAODBiMzk3NDRkMDA3Yzg2Y2YwYTQ5
ZWE1OGI3ZWY0YzlmMDk5MzRjZGFkNDc1N2EwNDA2Mzk5NmU4MDYzM2EyMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAno5WFGd3lC07qNKJehd58Cc+gZPF
xbp7cDywO7S4eyKoCOaa6eKgDucDmoihX8UTcLoUTwMKQik3AHpihC7q+PXJxbZv
SW4/q8crbwSwA4JpBMQj8Z7kJ0gXBk5O2eq830BvtYpLvurGo29OhEhtL6Qbcc7a
q5N1GaJB13Wvp1n+cB4c4Wwl9DBXQIYUPPAdh67JL5eRSwbB4+deHP27Gb6eBo+j
bF62xdeTB65ygUb3ZWlqs0yOCQqIicgTMljuAHSooKmDif93jC3j1KbO0XqczKl3
YrIU5bskMoGWI3VX8O+8eSnNHmzTcO62r9rjwtI1xpWZtIlcmqsxi1F83QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPnePmA15Uhwv5v1XXL3bJGHKUbIMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzNkYjcyMTVmLTMyMjQtNGI2Ny1hZDAwLWVlZjY0NzgxMTI0My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9LCAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ7k5Q1p5hq6d0ZkOD
HZrE8Bww8l12skC4UKA3tMw8Vpi3CqjYsMRNn+yyFz/v5FL2gJShLqf/BMoiB6wn
TywjzRy5OI0BSmDThynyyoI7ifp+YU4CafCLIDzju8eFgHAiRIO5SMPKRw82YD/j
+/E6t3uO9a3eaU/mfHwM7q84c+wOmwlODnc1kumCh6kfIbliulXE/6OPxaGklArI
aTygHBc4kSjVbMV+QJn1Ex9zwA0nUmMWsmywDMjC6JPMbtX3zDm2AJCoah0ELMMj
jd2ze/BssaLkMKnBq5dYO0kQhtmD2vmrKBR7/2nLc5i82ZIVW1W5kPYJOxJVpFLc
XBjX
-----END CERTIFICATE-----