Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5226317b-a01e-43de-8d9f-d2d0e1e72a8e.roa
File:                     5226317b-a01e-43de-8d9f-d2d0e1e72a8e.roa (raw, json)
Hash identifier:          64gF0VUH+2WKek27E/25vf+hb90X+ktcySigMNZaDa4=
Subject key identifier:   82:4C:5F:12:28:C6:AF:45:59:14:F2:D7:1D:A6:25:E0:96:0E:5B:2F
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       662BAB84C0E592BAF5D5453BC8D3485298E9F176
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5226317b-a01e-43de-8d9f-d2d0e1e72a8e.roa
Signing time:             Mon 12 May 2025 15:10:45 +0000
ROA not before:           Mon 12 May 2025 15:10:45 +0000
ROA not after:            Mon 16 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daee:2000::/40 maxlen: 48
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 20:08:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:2b:ab:84:c0:e5:92:ba:f5:d5:45:3b:c8:d3:48:52:98:e9:f1:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 12 15:10:45 2025 GMT
            Not After : Jun 16 23:59:59 2025 GMT
        Subject: serialNumber=57f17f41c98f866433ea725fcead017901ef98fb0b5799700023625c013ced3a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:20:e8:76:4d:de:2f:8d:31:68:28:5c:b8:21:
                    a3:d9:0a:04:87:56:fa:98:18:61:92:cf:36:50:21:
                    9f:22:94:0d:a6:2d:42:7f:0d:93:ef:be:23:37:c3:
                    90:0e:9a:15:33:ff:ed:68:ca:4a:7c:de:1d:a8:57:
                    5c:c8:7d:52:ae:ce:fd:be:ce:4b:aa:6e:62:36:d9:
                    e1:af:58:eb:d3:bc:ff:ee:da:e1:e3:23:48:d3:99:
                    8d:61:bf:98:d9:7b:8d:2b:cc:36:0b:af:a5:ec:b8:
                    e7:4a:29:d0:a3:a1:1d:90:ad:0a:93:2b:ea:40:56:
                    97:df:6f:fb:9c:aa:6e:00:56:60:a0:c8:07:ff:59:
                    3a:11:7c:0b:80:6c:6e:97:aa:59:a3:92:69:cb:42:
                    ed:95:55:56:f2:1e:b7:5c:4c:43:6b:78:ea:e6:55:
                    6b:a8:f8:90:89:46:8a:af:47:a1:af:62:3a:17:9d:
                    cd:43:7c:61:cf:5f:03:af:fa:35:4c:2b:e7:23:ef:
                    71:26:03:0a:af:9f:da:87:29:59:8f:0b:72:76:53:
                    98:65:ce:d7:e5:08:3c:07:8a:4f:6a:41:55:4f:cd:
                    8f:8e:ff:98:01:b2:48:a2:fb:b9:33:43:ea:81:d3:
                    08:69:a4:e3:b5:36:58:39:84:08:bd:de:07:9c:8c:
                    17:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:4C:5F:12:28:C6:AF:45:59:14:F2:D7:1D:A6:25:E0:96:0E:5B:2F
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5226317b-a01e-43de-8d9f-d2d0e1e72a8e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daee:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         a3:77:c5:aa:f4:f0:62:83:c0:40:c3:21:a2:ba:68:2d:2c:23:
         48:ab:d6:c8:23:bc:06:10:4f:d4:ed:17:47:c4:24:c8:b3:4c:
         fe:bf:2d:0d:9e:06:02:9e:77:71:ca:99:d5:f9:40:c1:ec:90:
         ee:ee:3e:5b:07:98:13:8d:35:e0:c0:6a:13:a9:c1:58:21:d1:
         d6:4c:ab:bc:4f:f6:4c:47:fc:d8:43:03:ae:85:eb:3b:1d:b3:
         a9:a3:26:04:3e:bf:4b:6d:2f:03:35:66:e5:64:a0:2a:5f:f5:
         82:e1:4f:0d:83:b9:11:d0:9b:a7:c8:1c:f5:91:d7:b6:67:00:
         62:e5:30:fc:03:49:60:b2:13:54:ed:82:95:ba:59:a9:1a:70:
         69:69:a7:76:2f:32:65:73:0b:83:d6:e3:f3:11:bf:3e:25:70:
         9f:b1:7f:12:a8:b1:cb:46:bd:78:be:51:5b:a1:cc:14:46:a0:
         de:88:65:a2:ef:5c:b5:a3:e0:66:8c:96:ef:92:2d:b6:a1:22:
         df:c5:c6:aa:bd:fa:b1:f3:11:0d:9a:04:ec:83:d7:7b:0b:e8:
         0c:9a:d4:90:c3:79:7f:0b:91:6b:41:6c:0d:97:48:39:07:45:
         34:b8:46:8f:97:df:b2:ab:73:65:d6:73:83:85:4d:7d:68:7c:
         ff:3a:6f:f1
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUZiurhMDlkrr11UU7yNNIUpjp8XYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMjE1MTA0NVoX
DTI1MDYxNjIzNTk1OVowejFJMEcGA1UEBRNANTdmMTdmNDFjOThmODY2NDMzZWE3
MjVmY2VhZDAxNzkwMWVmOThmYjBiNTc5OTcwMDAyMzYyNWMwMTNjZWQzYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yDodk3eL40xaChcuCGj2QoEh1b6
mBhhks82UCGfIpQNpi1Cfw2T774jN8OQDpoVM//taMpKfN4dqFdcyH1Srs79vs5L
qm5iNtnhr1jr07z/7trh4yNI05mNYb+Y2XuNK8w2C6+l7LjnSinQo6EdkK0Kkyvq
QFaX32/7nKpuAFZgoMgH/1k6EXwLgGxul6pZo5Jpy0LtlVVW8h63XExDa3jq5lVr
qPiQiUaKr0ehr2I6F53NQ3xhz18Dr/o1TCvnI+9xJgMKr5/ahylZjwtydlOYZc7X
5Qg8B4pPakFVT82Pjv+YAbJIovu5M0PqgdMIaaTjtTZYOYQIvd4HnIwXpQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFIJMXxIoxq9FWRTy1x2mJeCWDlsvMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzUyMjYzMTdiLWEwMWUtNDNkZS04ZDlmLWQyZDBlMWU3MmE4ZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba7iAwDQYJKoZIhvcNAQELBQADggEBAKN3xar08GKDwEDDIaK6
aC0sI0ir1sgjvAYQT9TtF0fEJMizTP6/LQ2eBgKed3HKmdX5QMHskO7uPlsHmBON
NeDAahOpwVgh0dZMq7xP9kxH/NhDA66F6zsds6mjJgQ+v0ttLwM1ZuVkoCpf9YLh
Tw2DuRHQm6fIHPWR17ZnAGLlMPwDSWCyE1TtgpW6WakacGlpp3YvMmVzC4PW4/MR
vz4lcJ+xfxKosctGvXi+UVuhzBRGoN6IZaLvXLWj4GaMlu+SLbahIt/Fxqq9+rHz
EQ2aBOyD13sL6Aya1JDDeX8LkWtBbA2XSDkHRTS4Ro+X37Krc2XWc4OFTX1ofP86
b/E=
-----END CERTIFICATE-----