Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/44d45390-c4cb-45b7-a2d0-183f37c05776.roa
File:                     44d45390-c4cb-45b7-a2d0-183f37c05776.roa (raw, json)
Hash identifier:          B4EuB8smmzD6KlJbLrv9rSVR3XBvAk0opjHsHMPcnQU=
Subject key identifier:   22:DA:84:55:BD:EF:5C:C2:E7:4D:D8:38:CC:1D:80:72:F2:86:DB:3B
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       2DC2EF45CB3248FB243574ECAAF4D346E9940EB3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/44d45390-c4cb-45b7-a2d0-183f37c05776.roa
Signing time:             Wed 30 Jul 2025 00:20:15 +0000
ROA not before:           Wed 30 Jul 2025 00:20:15 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:c840::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:52:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:c2:ef:45:cb:32:48:fb:24:35:74:ec:aa:f4:d3:46:e9:94:0e:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:20:15 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=cb89da389b807f1dfb86ec62222a37e61c2b0fb58c6ad6e2bc5c4e9b685d66c4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:3a:65:52:16:05:b9:c1:3a:f6:9c:b5:71:d3:
                    af:90:e9:26:93:c9:c3:00:45:23:18:cb:e2:68:6b:
                    12:2b:be:a8:1d:9b:ec:34:c7:92:7b:b9:3f:f9:08:
                    a5:3a:2b:91:27:5f:0e:93:6b:ce:e6:c3:2f:de:4a:
                    03:ba:aa:b2:0d:cb:f5:7b:dd:85:fe:3b:e2:97:64:
                    18:c1:28:e2:d9:73:8c:20:8c:ce:d6:d1:6b:8f:96:
                    13:c4:b8:dc:6f:60:45:f6:51:2f:01:39:3d:5d:f0:
                    5a:4e:7f:22:1e:8c:26:19:c9:4b:84:6a:1c:bb:57:
                    b7:cb:46:25:4e:dd:e4:af:85:a1:2a:8e:d5:c8:70:
                    ee:3f:74:97:29:e8:9d:90:1c:93:fe:fa:41:91:01:
                    2b:78:a3:b3:5e:a1:63:90:8c:fb:a3:c6:44:d2:09:
                    54:a7:64:22:f5:e3:13:41:83:7a:4e:8f:a0:cf:57:
                    41:e2:c9:d8:2b:46:f2:2b:1d:ed:13:f4:97:a2:93:
                    32:8d:2d:ec:69:ae:47:42:66:ea:8f:ba:69:d7:f4:
                    a4:66:5b:06:79:50:fa:d7:30:79:76:74:34:7b:a8:
                    74:2f:59:bb:aa:9b:04:ce:30:af:80:c4:a0:b9:79:
                    24:f9:7c:76:4c:ff:24:1e:4c:af:33:13:af:0d:16:
                    ae:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:DA:84:55:BD:EF:5C:C2:E7:4D:D8:38:CC:1D:80:72:F2:86:DB:3B
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/44d45390-c4cb-45b7-a2d0-183f37c05776.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:c840::/46

    Signature Algorithm: sha256WithRSAEncryption
         12:40:67:21:f3:6d:05:bf:36:ee:11:1d:8e:e7:66:c2:97:8b:
         f8:ff:00:07:06:33:bc:1f:bf:22:2c:a8:7b:0b:b7:c9:f4:e7:
         1f:b7:0c:21:92:4e:53:72:f2:61:1b:ce:69:2c:12:8f:cd:f8:
         4b:bf:6c:be:b9:fd:7c:5f:0d:e7:ac:3a:41:17:08:cf:ed:9c:
         de:c6:d3:2f:ae:34:ca:7f:34:c9:12:6f:df:22:7b:f8:83:bc:
         15:39:c0:5d:4b:8b:9d:87:82:2b:42:69:29:87:f0:2a:dd:6d:
         ce:81:e9:aa:89:6d:48:89:b7:02:ad:65:87:38:48:cf:f7:cd:
         cd:e1:e3:1f:31:5c:36:61:f2:9e:7d:8b:ac:10:6e:c0:8a:17:
         8f:e9:ed:63:4e:27:1f:e6:93:dd:95:be:84:93:cc:d0:1d:19:
         1b:bb:cb:ed:fc:1a:33:3f:31:28:d4:5a:05:db:05:4f:5a:bc:
         ad:89:ed:55:11:73:4c:b5:35:25:17:48:89:b2:32:ad:1a:a8:
         8a:8a:08:52:b6:bf:e3:cf:53:6e:92:cb:20:d3:82:41:3b:86:
         41:56:19:3d:1f:dd:69:8d:96:bc:b6:5a:13:c8:2e:19:f8:29:
         51:b4:9d:1c:48:93:85:e8:28:7f:3f:b3:06:00:65:6a:b1:47:
         87:91:81:24
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIULcLvRcsySPskNXTsqvTTRumUDrMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMjAxNVoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAY2I4OWRhMzg5YjgwN2YxZGZiODZl
YzYyMjIyYTM3ZTYxYzJiMGZiNThjNmFkNmUyYmM1YzRlOWI2ODVkNjZjNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9TplUhYFucE69py1cdOvkOkmk8nD
AEUjGMviaGsSK76oHZvsNMeSe7k/+QilOiuRJ18Ok2vO5sMv3koDuqqyDcv1e92F
/jvil2QYwSji2XOMIIzO1tFrj5YTxLjcb2BF9lEvATk9XfBaTn8iHowmGclLhGoc
u1e3y0YlTt3kr4WhKo7VyHDuP3SXKeidkByT/vpBkQEreKOzXqFjkIz7o8ZE0glU
p2Qi9eMTQYN6To+gz1dB4snYK0byKx3tE/SXopMyjS3saa5HQmbqj7pp1/SkZlsG
eVD61zB5dnQ0e6h0L1m7qpsEzjCvgMSguXkk+Xx2TP8kHkyvMxOvDRau7QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCLahFW971zC503YOMwdgHLyhts7MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzQ0ZDQ1MzkwLWM0Y2ItNDViNy1hMmQwLTE4M2YzN2MwNTc3Ni5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+8hAMA0GCSqGSIb3DQEBCwUAA4IBAQASQGch820FvzbuER2O
52bCl4v4/wAHBjO8H78iLKh7C7fJ9Ocftwwhkk5TcvJhG85pLBKPzfhLv2y+uf18
Xw3nrDpBFwjP7ZzextMvrjTKfzTJEm/fInv4g7wVOcBdS4udh4IrQmkph/Aq3W3O
gemqiW1IibcCrWWHOEjP983N4eMfMVw2YfKefYusEG7AiheP6e1jTicf5pPdlb6E
k8zQHRkbu8vt/BozPzEo1FoF2wVPWrytie1VEXNMtTUlF0iJsjKtGqiKighStr/j
z1Nukssg04JBO4ZBVhk9H91pjZa8tloTyC4Z+ClRtJ0cSJOF6Ch/P7MGAGVqsUeH
kYEk
-----END CERTIFICATE-----