Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/46a9243f-83f1-42ec-bf8b-cbcd0e65fe25.roa
File:                     46a9243f-83f1-42ec-bf8b-cbcd0e65fe25.roa (raw, json)
Hash identifier:          uDRjH+BRrFKdCMhq0v2T/LhDcIPte2+mP/IPzbC+hr8=
Subject key identifier:   8E:E9:59:F1:58:F6:10:49:B3:91:A8:5C:D0:3B:C3:E4:79:D8:F6:8E
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       1E13A62436AA57B32DC3C5558A2BB953F3EE58D3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/46a9243f-83f1-42ec-bf8b-cbcd0e65fe25.roa
Signing time:             Wed 30 Jul 2025 00:31:09 +0000
ROA not before:           Wed 30 Jul 2025 00:31:09 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:8c0::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:38:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:13:a6:24:36:aa:57:b3:2d:c3:c5:55:8a:2b:b9:53:f3:ee:58:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:31:09 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=0df2c67879a7166310d27c6e787a8c8e037878c60cdc3274934e5ee56b132f38, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:84:d7:2e:9f:fb:5a:21:ce:15:ec:2c:1b:74:
                    ad:fa:1d:6c:09:db:ec:16:81:f6:8e:11:7e:04:0f:
                    a3:2b:74:cc:5a:2e:b7:9b:7c:5f:43:ec:0a:be:c4:
                    9b:70:76:1f:bf:fb:95:96:16:6e:a6:bb:27:5f:b6:
                    e8:26:d0:bb:1b:82:f2:fe:27:44:78:37:6b:e4:23:
                    f0:29:cd:f5:ec:d6:ec:54:e5:c7:b8:73:70:c0:bc:
                    3b:87:5b:45:98:62:ec:9c:45:55:d9:87:8a:dc:00:
                    d3:0e:6c:61:da:4b:fd:9f:cb:14:cc:66:b2:1d:db:
                    8c:39:b0:0c:7b:45:f0:fc:29:6f:0c:49:e9:78:3f:
                    49:f4:fe:43:2c:d8:c4:72:2a:44:01:f5:c0:a1:ee:
                    23:56:a9:95:ab:e1:fe:5a:54:e4:b3:af:54:02:99:
                    09:ec:a2:70:dc:d2:f2:50:be:95:14:e4:ce:3b:f7:
                    fa:aa:77:de:1d:02:08:8f:56:f1:50:d2:79:02:22:
                    95:e1:bb:74:a3:73:a2:d0:1b:7a:2d:98:0b:be:76:
                    b8:ab:67:91:d2:0e:b9:29:06:59:a2:07:23:cf:a6:
                    fe:ea:f9:21:15:a2:f1:4a:d2:fe:e2:29:fb:74:ab:
                    00:ae:09:ad:a6:c7:77:61:62:43:97:ee:d8:92:09:
                    7d:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:E9:59:F1:58:F6:10:49:B3:91:A8:5C:D0:3B:C3:E4:79:D8:F6:8E
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/46a9243f-83f1-42ec-bf8b-cbcd0e65fe25.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:8c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         36:63:27:7b:53:30:9d:9e:54:10:62:20:30:a9:65:ef:8f:40:
         0e:4f:0a:45:aa:7d:da:72:35:ad:4c:6a:b4:95:33:58:19:c9:
         ec:85:20:b3:86:fc:e1:0b:c0:9c:ce:c3:b6:8e:04:2e:71:83:
         ed:e9:56:90:76:dc:7d:b2:1a:c9:a6:af:32:99:dd:fc:e1:7d:
         81:1d:a6:ac:82:0d:dc:e3:3c:25:96:50:50:c1:ca:89:84:f1:
         55:ab:ed:1a:1f:3d:ab:a9:00:88:78:f5:37:16:48:32:7f:f2:
         fe:89:27:c7:b5:f1:ea:bc:f2:cc:2f:64:99:ce:1c:5b:c7:d8:
         41:da:1d:e0:fc:bb:a6:74:36:6b:5e:df:af:ec:57:26:44:b3:
         4e:f2:0c:13:2a:49:d6:37:55:b3:4a:26:e2:65:9b:89:3d:5a:
         bc:56:7d:e5:31:cb:32:cf:13:7b:49:42:db:ce:c0:74:41:0b:
         03:4e:8a:43:35:64:5e:f7:be:e6:d4:26:7c:85:fe:59:6d:f1:
         a0:64:a7:cf:85:a2:da:53:51:31:b9:42:31:85:db:69:00:fc:
         6e:57:7d:ee:6c:a6:fe:f6:09:3f:42:7b:6d:a4:1e:8f:9a:a4:
         52:b5:dc:31:86:7f:7d:7d:92:59:66:dc:59:55:fb:11:48:49:
         b1:2f:f3:9f
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUHhOmJDaqV7Mtw8VViiu5U/PuWNMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMzEwOVoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMGRmMmM2Nzg3OWE3MTY2MzEwZDI3
YzZlNzg3YThjOGUwMzc4NzhjNjBjZGMzMjc0OTM0ZTVlZTU2YjEzMmYzODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4TXLp/7WiHOFewsG3St+h1sCdvs
FoH2jhF+BA+jK3TMWi63m3xfQ+wKvsSbcHYfv/uVlhZuprsnX7boJtC7G4Ly/idE
eDdr5CPwKc317NbsVOXHuHNwwLw7h1tFmGLsnEVV2YeK3ADTDmxh2kv9n8sUzGay
HduMObAMe0Xw/ClvDEnpeD9J9P5DLNjEcipEAfXAoe4jVqmVq+H+WlTks69UApkJ
7KJw3NLyUL6VFOTOO/f6qnfeHQIIj1bxUNJ5AiKV4bt0o3Oi0Bt6LZgLvna4q2eR
0g65KQZZogcjz6b+6vkhFaLxStL+4in7dKsArgmtpsd3YWJDl+7Ykgl9nQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFI7pWfFY9hBJs5GoXNA7w+R52PaOMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzQ2YTkyNDNmLTgzZjEtNDJlYy1iZjhiLWNiY2QwZTY1ZmUyNS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+wjAMA0GCSqGSIb3DQEBCwUAA4IBAQA2Yyd7UzCdnlQQYiAw
qWXvj0AOTwpFqn3acjWtTGq0lTNYGcnshSCzhvzhC8CczsO2jgQucYPt6VaQdtx9
shrJpq8ymd384X2BHaasgg3c4zwlllBQwcqJhPFVq+0aHz2rqQCIePU3Fkgyf/L+
iSfHtfHqvPLML2SZzhxbx9hB2h3g/LumdDZrXt+v7FcmRLNO8gwTKknWN1WzSibi
ZZuJPVq8Vn3lMcsyzxN7SULbzsB0QQsDTopDNWRe977m1CZ8hf5ZbfGgZKfPhaLa
U1ExuUIxhdtpAPxuV33ubKb+9gk/QnttpB6PmqRStdwxhn99fZJZZtxZVfsRSEmx
L/Of
-----END CERTIFICATE-----