Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e86a4a5-9f79-4fc2-890b-5e75f679f2ec.roa
File:                     4e86a4a5-9f79-4fc2-890b-5e75f679f2ec.roa (raw, json)
Hash identifier:          ALjVIasQZlzRzCCKom9wIwMYNVcpzJ2AaetXAp1xHWs=
Subject key identifier:   A2:19:32:8C:E6:84:6C:17:29:D0:AC:82:99:43:E5:4E:F3:A3:B6:6B
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6484BBA4F904971A866D0FE49802218AF97EEAA4
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e86a4a5-9f79-4fc2-890b-5e75f679f2ec.roa
Signing time:             Wed 30 Jul 2025 00:40:08 +0000
ROA not before:           Wed 30 Jul 2025 00:40:08 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:f040::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:08:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:84:bb:a4:f9:04:97:1a:86:6d:0f:e4:98:02:21:8a:f9:7e:ea:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:40:08 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=666b45c336b61ec2f6f9522353696213bba7e5c2a0ea3a23595f35e8226f6507, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:17:5d:32:fc:83:e3:07:c4:ef:da:68:5b:33:
                    10:59:11:c0:90:2b:b2:7a:89:4b:ed:88:5c:19:aa:
                    14:1d:a7:d4:72:6a:ff:b8:a7:0e:07:65:60:0e:82:
                    49:9d:37:85:18:bd:00:c7:a7:17:0a:2b:60:ed:84:
                    03:9b:5f:b0:22:0b:6b:9f:de:fa:9b:c3:e0:f7:24:
                    23:6b:91:94:2a:85:53:ab:da:eb:25:c3:ab:20:68:
                    41:a5:e2:91:43:e7:14:9e:ce:31:a5:b9:6f:bf:cb:
                    cb:8e:c3:e2:f2:48:eb:ee:a4:53:e0:dd:11:ee:dc:
                    df:e0:b7:17:e5:33:15:83:11:e5:aa:b4:8d:3a:73:
                    ab:53:5d:d7:00:9d:3c:21:70:80:cb:58:1d:25:c0:
                    1b:1f:05:fa:8b:a9:e1:d1:3c:a9:38:ae:de:d7:85:
                    e3:d3:ec:f2:16:23:77:34:66:57:7a:03:f5:17:ff:
                    94:14:d9:0b:53:4a:57:d5:db:0a:7e:6e:14:0c:65:
                    80:f9:a4:38:d8:93:92:9e:55:8d:07:ad:c8:42:60:
                    7a:47:0a:f4:03:94:36:85:f9:6a:17:a0:50:e1:d1:
                    6c:67:d4:a9:6c:c2:64:d7:d9:e4:62:54:a9:80:ec:
                    50:b1:03:bd:b5:fc:a2:f1:83:b0:0b:01:d8:41:e2:
                    9d:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:19:32:8C:E6:84:6C:17:29:D0:AC:82:99:43:E5:4E:F3:A3:B6:6B
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e86a4a5-9f79-4fc2-890b-5e75f679f2ec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:f040::/46

    Signature Algorithm: sha256WithRSAEncryption
         b0:a1:09:a8:40:8f:e8:41:b2:ea:d7:fe:6f:11:df:b4:86:4e:
         59:1f:63:2b:98:93:02:28:7b:89:20:a2:83:36:13:9e:2c:72:
         9f:4f:43:e8:17:19:39:0c:6b:0a:d3:79:f6:c8:71:35:ed:d2:
         f7:2c:4f:7e:f4:9e:af:57:01:46:08:2c:f9:5e:6d:13:98:47:
         2a:2d:66:a8:1b:d3:a7:9d:6d:24:62:21:82:90:b7:e8:72:31:
         4e:7e:18:de:17:da:e7:92:29:51:68:32:e4:94:d3:2c:a5:6c:
         cc:78:f9:a9:61:74:03:8a:a8:b3:9c:c5:fd:0b:e4:a6:b3:6e:
         d7:3e:64:c3:41:e8:2f:98:c0:5c:e8:b9:ea:c0:a8:e8:fc:45:
         00:84:4b:6b:fb:c1:0e:f6:15:ea:5d:a6:2f:d6:2e:ba:5e:6d:
         72:f5:fc:be:90:a5:72:d3:4e:31:9c:02:34:0d:e9:96:b7:25:
         d0:7f:f9:72:2d:ef:fa:c9:4b:ac:9b:44:01:3a:ab:bf:cd:44:
         01:63:52:d7:ee:9b:76:8c:12:03:35:ce:7c:aa:50:5c:67:93:
         d9:12:33:7e:05:ed:cf:4f:79:0c:d0:fd:c3:db:32:9b:47:2a:
         ae:26:48:de:fd:86:e4:40:d2:d6:2a:2e:e4:72:20:d9:a2:45:
         0a:1d:d8:80
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUZIS7pPkElxqGbQ/kmAIhivl+6qQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNDAwOFoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNANjY2YjQ1YzMzNmI2MWVjMmY2Zjk1
MjIzNTM2OTYyMTNiYmE3ZTVjMmEwZWEzYTIzNTk1ZjM1ZTgyMjZmNjUwNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RddMvyD4wfE79poWzMQWRHAkCuy
eolL7YhcGaoUHafUcmr/uKcOB2VgDoJJnTeFGL0Ax6cXCitg7YQDm1+wIgtrn976
m8Pg9yQja5GUKoVTq9rrJcOrIGhBpeKRQ+cUns4xpblvv8vLjsPi8kjr7qRT4N0R
7tzf4LcX5TMVgxHlqrSNOnOrU13XAJ08IXCAy1gdJcAbHwX6i6nh0TypOK7e14Xj
0+zyFiN3NGZXegP1F/+UFNkLU0pX1dsKfm4UDGWA+aQ42JOSnlWNB63IQmB6Rwr0
A5Q2hflqF6BQ4dFsZ9SpbMJk19nkYlSpgOxQsQO9tfyi8YOwCwHYQeKd1wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKIZMozmhGwXKdCsgplD5U7zo7ZrMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRlODZhNGE1LTlmNzktNGZjMi04OTBiLTVlNzVmNjc5ZjJlYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaafBAMA0GCSqGSIb3DQEBCwUAA4IBAQCwoQmoQI/oQbLq1/5v
Ed+0hk5ZH2MrmJMCKHuJIKKDNhOeLHKfT0PoFxk5DGsK03n2yHE17dL3LE9+9J6v
VwFGCCz5Xm0TmEcqLWaoG9OnnW0kYiGCkLfocjFOfhjeF9rnkilRaDLklNMspWzM
ePmpYXQDiqiznMX9C+Sms27XPmTDQegvmMBc6LnqwKjo/EUAhEtr+8EO9hXqXaYv
1i66Xm1y9fy+kKVy004xnAI0DemWtyXQf/lyLe/6yUusm0QBOqu/zUQBY1LX7pt2
jBIDNc58qlBcZ5PZEjN+Be3PT3kM0P3D2zKbRyquJkje/YbkQNLWKi7kciDZokUK
HdiA
-----END CERTIFICATE-----