Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/542149ac-13e8-419c-b3c9-46274c8943df.roa
File:                     542149ac-13e8-419c-b3c9-46274c8943df.roa (raw, json)
Hash identifier:          nLb9Ox1mLakkk0RCAJrtoa+M1Qcpp/wF88CKOfW+GFw=
Subject key identifier:   0E:3B:62:07:F4:56:F5:DD:4D:65:2E:7B:29:07:9F:0C:6F:27:16:1D
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       59AAA5C93BB1F1AF0C3FE30012959765BF13D275
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/542149ac-13e8-419c-b3c9-46274c8943df.roa
Signing time:             Wed 30 Jul 2025 00:50:50 +0000
ROA not before:           Wed 30 Jul 2025 00:50:50 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:8c0::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:07:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:aa:a5:c9:3b:b1:f1:af:0c:3f:e3:00:12:95:97:65:bf:13:d2:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:50:50 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=a32d761f9b64e86158fe41df4aefd050de78a983f29936903a204abafe10e4b9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:2b:63:8f:b9:6b:cd:82:96:d1:cf:2d:02:3e:
                    b9:1d:13:67:e3:b5:90:bf:c2:d4:0e:e4:e2:c6:ce:
                    07:f4:3a:44:7e:fc:cb:c9:74:20:5a:d8:ae:dc:92:
                    ca:cf:f3:fe:18:69:4f:c5:75:c8:a5:57:7c:14:e2:
                    50:d8:43:3b:f3:47:be:7a:4f:6a:6f:0f:e6:61:dd:
                    40:4f:69:9e:9e:d1:26:ee:af:bf:2a:e9:30:88:2b:
                    8d:94:5d:1e:8f:99:5f:41:9d:01:e5:b6:11:7a:cc:
                    7b:7b:24:2e:5a:7a:1b:a3:73:dc:39:e2:b3:d0:fd:
                    0b:11:9b:fd:7c:d9:6b:40:13:3c:1c:49:36:35:14:
                    a4:4a:19:d8:fc:5b:3e:0b:0e:cb:e5:ae:95:78:20:
                    d0:cb:f5:3a:34:63:98:bb:cc:30:ea:99:e5:b9:f6:
                    8c:46:61:7a:0c:72:6e:7b:6c:bb:b5:3f:92:78:78:
                    51:a4:9c:91:b4:41:30:be:40:0d:8e:04:b6:db:81:
                    77:26:98:d4:c1:26:02:a4:38:b1:56:86:ed:5d:c3:
                    7b:48:ef:04:91:ee:14:b2:a4:00:be:5a:d2:5f:49:
                    76:48:53:75:f2:6d:0a:09:8c:15:e0:18:56:8e:23:
                    01:02:1d:4a:a8:2e:4f:85:e8:9d:7b:9d:70:b5:23:
                    fd:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:3B:62:07:F4:56:F5:DD:4D:65:2E:7B:29:07:9F:0C:6F:27:16:1D
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/542149ac-13e8-419c-b3c9-46274c8943df.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:8c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         c5:b4:26:11:6f:c9:75:e3:19:19:19:05:44:28:16:da:49:fd:
         c3:21:da:c9:3f:49:74:31:e3:db:48:19:02:3d:c9:8f:24:22:
         22:01:53:79:c6:60:6a:67:d4:64:34:c8:82:a8:9b:cd:0e:6c:
         33:db:62:22:b6:7d:45:b9:bf:58:be:11:10:a0:ab:4d:f5:2d:
         ca:1a:29:16:81:fd:95:06:3e:34:53:ab:e3:d4:ac:9c:1f:b7:
         40:22:bb:98:53:89:7c:57:02:eb:38:d7:f7:1e:b0:99:41:63:
         1f:07:39:f1:39:e9:15:eb:76:69:23:cf:61:b9:e5:23:58:67:
         e6:1e:86:a2:a2:5f:79:24:4d:d8:7c:a9:88:ec:be:53:ca:06:
         c8:03:de:54:09:11:a6:7b:29:93:d9:83:d6:83:c3:09:c3:fe:
         e0:fe:ab:c7:93:94:85:0d:c0:c0:1d:b7:11:78:7a:d5:2d:9c:
         c4:ac:e8:56:0f:f0:e0:18:5a:2e:8b:72:b6:2e:3c:dd:47:1c:
         f3:4f:3f:44:cb:55:1f:a7:c4:f6:da:a9:4f:8f:d6:26:1a:d4:
         72:e6:ee:39:55:53:05:9e:73:39:6c:1e:a0:c2:c2:4f:15:b0:
         7a:d9:63:f4:ee:d2:2a:fc:66:3a:bb:22:26:a9:c1:fd:e1:f5:
         5c:c5:4f:b2
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUWaqlyTux8a8MP+MAEpWXZb8T0nUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNTA1MFoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAYTMyZDc2MWY5YjY0ZTg2MTU4ZmU0
MWRmNGFlZmQwNTBkZTc4YTk4M2YyOTkzNjkwM2EyMDRhYmFmZTEwZTRiOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtytjj7lrzYKW0c8tAj65HRNn47WQ
v8LUDuTixs4H9DpEfvzLyXQgWtiu3JLKz/P+GGlPxXXIpVd8FOJQ2EM780e+ek9q
bw/mYd1AT2mentEm7q+/KukwiCuNlF0ej5lfQZ0B5bYResx7eyQuWnobo3PcOeKz
0P0LEZv9fNlrQBM8HEk2NRSkShnY/Fs+Cw7L5a6VeCDQy/U6NGOYu8ww6pnlufaM
RmF6DHJue2y7tT+SeHhRpJyRtEEwvkANjgS224F3JpjUwSYCpDixVobtXcN7SO8E
ke4UsqQAvlrSX0l2SFN18m0KCYwV4BhWjiMBAh1KqC5Pheide51wtSP92QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFA47Ygf0VvXdTWUueykHnwxvJxYdMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzU0MjE0OWFjLTEzZTgtNDE5Yy1iM2M5LTQ2Mjc0Yzg5NDNkZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaQjAMA0GCSqGSIb3DQEBCwUAA4IBAQDFtCYRb8l14xkZGQVE
KBbaSf3DIdrJP0l0MePbSBkCPcmPJCIiAVN5xmBqZ9RkNMiCqJvNDmwz22Iitn1F
ub9YvhEQoKtN9S3KGikWgf2VBj40U6vj1KycH7dAIruYU4l8VwLrONf3HrCZQWMf
BznxOekV63ZpI89hueUjWGfmHoaiol95JE3YfKmI7L5TygbIA95UCRGmeymT2YPW
g8MJw/7g/qvHk5SFDcDAHbcReHrVLZzErOhWD/DgGFoui3K2LjzdRxzzTz9Ey1Uf
p8T22qlPj9YmGtRy5u45VVMFnnM5bB6gwsJPFbB62WP07tIq/GY6uyImqcH94fVc
xU+y
-----END CERTIFICATE-----