Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/48aa80ac-6a51-4a77-ba96-8b86fa2e67a3.roa
File:                     48aa80ac-6a51-4a77-ba96-8b86fa2e67a3.roa (raw, json)
Hash identifier:          TIXxCFr7x4idcj8DubcHSduTmkwY0oYCHddapkAmUeM=
Subject key identifier:   C9:B6:ED:AA:32:50:8A:C7:69:23:47:12:DD:AD:B4:48:C7:B2:FA:33
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       78182AD7F3527BB9D658D65C7774DE0C1B0786D9
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/48aa80ac-6a51-4a77-ba96-8b86fa2e67a3.roa
Signing time:             Wed 30 Jul 2025 00:31:00 +0000
ROA not before:           Wed 30 Jul 2025 00:31:00 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:9080::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:38:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:18:2a:d7:f3:52:7b:b9:d6:58:d6:5c:77:74:de:0c:1b:07:86:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:31:00 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=ced69d73f220f8b0e9cfde2402ccc86a61fe3171f492b0a11161032d2f90b22f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:5b:a4:c3:20:17:1b:05:e7:4a:38:a0:f9:65:
                    68:e1:1d:ab:22:54:6e:45:f7:fe:3d:6e:ef:43:fc:
                    36:59:ec:6c:07:a8:73:69:2a:77:94:c9:58:e7:db:
                    92:86:fc:e7:54:26:81:71:48:55:da:6d:07:25:b9:
                    b6:89:f6:ef:d5:43:ca:21:32:8a:15:cf:56:b1:a6:
                    fd:2b:08:bb:6d:d8:94:8f:ac:ab:f6:61:9c:2f:ff:
                    00:b5:69:61:34:5b:0b:c5:2e:c1:1a:fc:69:ae:d5:
                    c7:f8:2d:fa:79:b5:d4:a2:1d:81:4b:69:e2:42:d4:
                    d4:cf:17:e6:04:1e:6a:00:a7:d6:72:12:82:1f:4b:
                    4d:47:ab:2c:e6:c3:0b:db:c8:41:24:ef:53:a2:bf:
                    dd:d2:a4:8d:d0:26:57:cf:d2:65:27:7a:5a:c7:33:
                    2c:52:fe:50:cd:be:57:e1:73:8c:e6:64:0b:28:b9:
                    42:32:55:ac:44:75:f4:bd:35:dd:92:a8:83:b5:3b:
                    a9:47:24:ee:14:76:1b:e0:c0:d5:70:7b:72:b1:60:
                    04:52:85:c6:35:d2:87:5d:7a:5b:09:54:ef:83:a3:
                    f7:cf:59:ac:dd:bf:40:a8:4f:cb:15:40:05:03:31:
                    d2:fb:ed:ac:83:f6:1c:bf:2c:50:9e:ee:66:fc:1d:
                    cc:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:B6:ED:AA:32:50:8A:C7:69:23:47:12:DD:AD:B4:48:C7:B2:FA:33
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/48aa80ac-6a51-4a77-ba96-8b86fa2e67a3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:9080::/46

    Signature Algorithm: sha256WithRSAEncryption
         b8:61:a6:4c:d8:74:bb:60:56:4f:b8:19:7b:0e:2c:13:7e:8b:
         fb:31:c8:d2:eb:51:60:02:cd:c4:45:37:9b:e3:27:88:5e:7b:
         e8:13:0b:c3:75:74:6c:42:5f:ae:2d:82:be:b1:fc:af:d9:b3:
         b8:f7:f8:a6:1d:ce:be:c8:86:01:21:88:b8:45:12:24:f2:14:
         97:e0:57:a3:46:b2:be:4b:1f:9a:93:b4:c3:be:75:ff:0a:25:
         b1:2d:89:01:08:8f:c2:34:b5:a5:9c:16:91:39:6a:44:3c:ea:
         93:3f:6f:3a:33:61:02:9f:89:50:8a:ea:24:0b:6f:c4:b2:01:
         bc:f5:5f:4b:4f:cf:7a:a6:90:44:1a:89:20:a7:66:d4:53:c2:
         0f:99:11:08:01:d5:e6:06:a3:b4:e9:f0:b8:b5:dc:a8:c2:1d:
         fc:d8:17:c8:29:ae:4b:c3:95:32:54:a6:55:9d:78:4b:92:7a:
         15:c0:2d:0a:6b:4b:10:b2:b5:5c:33:84:2a:1d:b1:4f:0e:55:
         64:3b:c2:97:fc:0c:60:d4:32:16:21:06:cc:d2:17:dd:4b:03:
         78:2f:6b:72:3d:2e:28:c0:56:f5:d2:ab:45:d2:aa:2e:f0:f7:
         81:f5:f7:db:a7:0a:d3:9c:45:c5:07:5c:74:6d:22:5c:e5:0b:
         ee:6b:eb:2d
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUeBgq1/NSe7nWWNZcd3TeDBsHhtkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMzEwMFoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAY2VkNjlkNzNmMjIwZjhiMGU5Y2Zk
ZTI0MDJjY2M4NmE2MWZlMzE3MWY0OTJiMGExMTE2MTAzMmQyZjkwYjIyZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1ukwyAXGwXnSjig+WVo4R2rIlRu
Rff+PW7vQ/w2WexsB6hzaSp3lMlY59uShvznVCaBcUhV2m0HJbm2ifbv1UPKITKK
Fc9Wsab9Kwi7bdiUj6yr9mGcL/8AtWlhNFsLxS7BGvxprtXH+C36ebXUoh2BS2ni
QtTUzxfmBB5qAKfWchKCH0tNR6ss5sML28hBJO9Tor/d0qSN0CZXz9JlJ3paxzMs
Uv5Qzb5X4XOM5mQLKLlCMlWsRHX0vTXdkqiDtTupRyTuFHYb4MDVcHtysWAEUoXG
NdKHXXpbCVTvg6P3z1ms3b9AqE/LFUAFAzHS++2sg/YcvyxQnu5m/B3MmwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMm27aoyUIrHaSNHEt2ttEjHsvozMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzQ4YWE4MGFjLTZhNTEtNGE3Ny1iYTk2LThiODZmYTJlNjdhMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+5CAMA0GCSqGSIb3DQEBCwUAA4IBAQC4YaZM2HS7YFZPuBl7
DiwTfov7McjS61FgAs3ERTeb4yeIXnvoEwvDdXRsQl+uLYK+sfyv2bO49/imHc6+
yIYBIYi4RRIk8hSX4FejRrK+Sx+ak7TDvnX/CiWxLYkBCI/CNLWlnBaROWpEPOqT
P286M2ECn4lQiuokC2/EsgG89V9LT896ppBEGokgp2bUU8IPmREIAdXmBqO06fC4
tdyowh382BfIKa5Lw5UyVKZVnXhLknoVwC0Ka0sQsrVcM4QqHbFPDlVkO8KX/Axg
1DIWIQbM0hfdSwN4L2tyPS4owFb10qtF0qou8PeB9ffbpwrTnEXFB1x0bSJc5Qvu
a+st
-----END CERTIFICATE-----