Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/51a41624-b980-452b-a6a9-1f823c83f82a.roa
File:                     51a41624-b980-452b-a6a9-1f823c83f82a.roa (raw, json)
Hash identifier:          ck93LvgOC1ENIkEhsLfkqGi54n5sMRhO01J5w0dTzaU=
Subject key identifier:   9C:11:98:E9:1E:65:53:91:F7:D7:5B:43:DB:9D:93:A7:04:91:CF:45
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       7CC751BFE1230E46AC107D955C95554592F6A7D4
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/51a41624-b980-452b-a6a9-1f823c83f82a.roa
Signing time:             Fri 16 May 2025 00:20:59 +0000
ROA not before:           Fri 16 May 2025 00:20:59 +0000
ROA not after:            Fri 20 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf4:4800::/40 maxlen: 40
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 19:37:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:c7:51:bf:e1:23:0e:46:ac:10:7d:95:5c:95:55:45:92:f6:a7:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 16 00:20:59 2025 GMT
            Not After : Jun 20 23:59:59 2025 GMT
        Subject: serialNumber=793c1ea478cba17aea7e74ad79af94eef59b6879707cb4d2d0448d64dc38c32c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:33:a3:1a:56:22:24:55:75:6b:30:f6:6d:d9:
                    70:ac:33:1c:de:3e:b1:5b:53:a1:19:16:a9:23:ec:
                    dc:38:55:33:c1:cb:bf:9d:44:cf:06:bc:15:f5:1f:
                    e4:1c:1a:01:95:4a:ad:8b:c0:e6:a4:fe:69:90:ed:
                    2e:bb:09:8a:cc:9f:bd:2a:b4:10:12:41:3e:af:fc:
                    bc:7d:f1:fd:47:92:1d:f3:62:75:a2:81:aa:93:0b:
                    a3:01:26:42:2d:54:ee:91:22:48:8a:be:34:1f:0c:
                    b3:8e:fe:55:87:00:96:ac:c5:0d:5d:71:8b:0a:78:
                    1d:c2:05:9e:39:69:d9:db:6b:89:e3:17:bd:9c:11:
                    b3:ba:b3:9a:5c:35:f0:e3:86:e3:61:2c:1c:f8:92:
                    94:80:f0:c1:90:72:04:8a:55:fc:96:8d:bf:68:e0:
                    8d:e4:67:72:19:15:e5:b9:01:d2:9e:b4:74:da:91:
                    7d:27:eb:a0:4a:cb:e4:eb:c1:21:f0:63:01:9d:d1:
                    e0:bf:d1:18:cf:19:82:e6:bf:44:64:76:8f:d7:b0:
                    ed:af:bb:85:b1:cc:11:21:5d:b0:12:5a:57:2c:7e:
                    eb:51:85:46:5b:5d:bc:55:dc:69:18:92:f8:b3:99:
                    9f:ac:14:ba:a8:11:03:2e:77:80:2f:7a:54:22:f8:
                    fe:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:11:98:E9:1E:65:53:91:F7:D7:5B:43:DB:9D:93:A7:04:91:CF:45
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/51a41624-b980-452b-a6a9-1f823c83f82a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf4:4800::/40

    Signature Algorithm: sha256WithRSAEncryption
         1c:62:c5:8a:2f:79:18:e7:e3:de:23:3f:6a:2a:71:fc:a2:a6:
         fb:d5:23:68:3d:60:23:59:63:60:38:d8:dd:39:b0:83:63:4d:
         60:63:a3:76:ce:69:ae:36:a6:0f:0f:f4:f5:2a:d5:ec:41:24:
         45:ef:60:3e:df:3b:58:da:a9:ce:3a:45:4c:4a:a2:ac:56:1b:
         4a:eb:9f:c1:9b:a4:a8:94:33:9a:db:1f:cb:a2:30:1e:3d:07:
         1d:49:7d:f2:71:db:db:85:97:a3:b4:46:a0:fb:b5:28:16:d0:
         a4:29:07:ed:7d:7f:de:1d:16:39:da:b3:a0:4e:a5:5f:78:1e:
         55:8c:20:73:16:2c:58:dc:4d:b0:bd:b8:ed:c8:c2:bc:0c:74:
         6f:a3:b4:88:3b:2c:0b:a4:68:0d:39:d0:d5:ca:08:ab:dd:53:
         5d:fb:05:98:83:17:2a:3d:1a:2f:10:18:8f:fa:a4:88:3b:2f:
         77:4b:94:b0:98:e8:0c:d2:8c:a5:25:d6:2b:e6:77:49:26:ad:
         fc:c8:a3:2a:16:4a:b7:39:65:a1:95:b8:84:01:09:02:1d:2d:
         29:0e:b0:92:c8:d3:a6:60:70:4b:cc:14:86:e3:03:9e:b6:08:
         01:37:bf:3b:1f:49:6c:37:00:d4:0d:72:64:66:d4:11:6d:32:
         2e:d7:bd:6e
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUfMdRv+EjDkasEH2VXJVVRZL2p9QwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMjA1OVoX
DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANzkzYzFlYTQ3OGNiYTE3YWVhN2U3
NGFkNzlhZjk0ZWVmNTliNjg3OTcwN2NiNGQyZDA0NDhkNjRkYzM4YzMyYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDOjGlYiJFV1azD2bdlwrDMc3j6x
W1OhGRapI+zcOFUzwcu/nUTPBrwV9R/kHBoBlUqti8DmpP5pkO0uuwmKzJ+9KrQQ
EkE+r/y8ffH9R5Id82J1ooGqkwujASZCLVTukSJIir40Hwyzjv5VhwCWrMUNXXGL
CngdwgWeOWnZ22uJ4xe9nBGzurOaXDXw44bjYSwc+JKUgPDBkHIEilX8lo2/aOCN
5GdyGRXluQHSnrR02pF9J+ugSsvk68Eh8GMBndHgv9EYzxmC5r9EZHaP17Dtr7uF
scwRIV2wElpXLH7rUYVGW128VdxpGJL4s5mfrBS6qBEDLneAL3pUIvj+CwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJwRmOkeZVOR99dbQ9udk6cEkc9FMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzUxYTQxNjI0LWI5ODAtNDUyYi1hNmE5LTFmODIzYzgzZjgyYS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9EgwDQYJKoZIhvcNAQELBQADggEBABxixYoveRjn494jP2oq
cfyipvvVI2g9YCNZY2A42N05sINjTWBjo3bOaa42pg8P9PUq1exBJEXvYD7fO1ja
qc46RUxKoqxWG0rrn8GbpKiUM5rbH8uiMB49Bx1JffJx29uFl6O0RqD7tSgW0KQp
B+19f94dFjnas6BOpV94HlWMIHMWLFjcTbC9uO3IwrwMdG+jtIg7LAukaA050NXK
CKvdU137BZiDFyo9Gi8QGI/6pIg7L3dLlLCY6AzSjKUl1ivmd0kmrfzIoyoWSrc5
ZaGVuIQBCQIdLSkOsJLI06ZgcEvMFIbjA562CAE3vzsfSWw3ANQNcmRm1BFtMi7X
vW4=
-----END CERTIFICATE-----