Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa
File:                     5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa (raw, json)
Hash identifier:          YhQBCljlOQXdMu5qTUbKs/kN3mH4Kroly3ve1jrAP+w=
Subject key identifier:   FD:22:54:06:CE:28:BE:7B:E3:4D:3F:B1:1B:0F:4C:0F:91:37:63:45
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       0EE638A474F389A0967C6DCAD481FEF149A20FCD
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa
Signing time:             Wed 30 Jul 2025 00:41:39 +0000
ROA not before:           Wed 30 Jul 2025 00:41:39 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:60c0::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 17:54:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:e6:38:a4:74:f3:89:a0:96:7c:6d:ca:d4:81:fe:f1:49:a2:0f:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:41:39 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=32b3cdf96ee8d97d872dc08258083c8469ad3c2098468858813c1dfa46c9f32e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:81:13:45:90:94:08:ba:90:19:37:bd:d1:88:
                    e6:e7:79:ab:7f:bd:ab:74:10:54:b3:e8:c4:25:c5:
                    c9:80:0a:b7:4f:26:ed:0c:ec:7c:1f:d9:e1:27:93:
                    95:92:cd:2e:0b:64:58:f6:8e:41:e0:cd:d1:0b:61:
                    c5:03:91:65:58:2c:7b:28:27:9e:95:eb:f0:2a:5a:
                    b2:90:c5:c2:e6:09:b2:99:2e:67:08:92:ff:3c:a3:
                    78:12:6b:d1:c0:8d:72:d5:fa:9b:f6:a0:a6:90:36:
                    42:22:17:01:46:d2:9a:f6:5d:b8:c3:d6:62:9b:c1:
                    3d:06:cb:b9:92:cb:46:a1:3d:bc:fd:d9:05:b7:d8:
                    53:3c:76:25:9d:df:53:2a:c4:ac:cc:a5:c4:c1:b7:
                    52:0b:14:2e:7e:d6:ce:52:54:45:f6:a4:02:ab:8a:
                    66:fb:a9:7e:1a:f8:49:6d:3a:66:f3:14:e7:84:80:
                    13:3c:32:1b:22:39:15:5b:53:13:71:94:25:96:97:
                    8e:e0:ab:10:88:ff:56:8c:e6:13:af:ab:d2:36:9b:
                    37:70:c0:72:f4:54:84:1f:40:03:81:99:61:9c:6d:
                    2b:fc:1a:54:e2:35:04:26:66:47:0d:67:e4:f1:4e:
                    a6:ed:95:ca:d6:68:5a:fa:0c:ea:2d:af:21:f9:0e:
                    5e:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:22:54:06:CE:28:BE:7B:E3:4D:3F:B1:1B:0F:4C:0F:91:37:63:45
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:60c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         0d:96:23:1e:f6:7d:49:68:e2:f4:92:3c:e1:3c:88:56:a8:eb:
         15:93:5d:8e:cf:6f:d5:f6:f8:e2:3b:ad:4f:6a:87:53:c2:3c:
         a2:5c:66:a5:74:18:5e:1a:d3:f3:69:5f:9d:ac:a3:3f:e2:cb:
         3d:33:e2:46:d3:dd:a5:2c:8a:00:86:46:02:06:4d:45:0e:da:
         37:4a:cd:3e:6b:67:cf:43:1e:c2:67:f7:5b:b6:25:02:5e:00:
         fc:14:3d:a1:28:3e:46:c0:bd:2e:ad:8d:c6:69:2f:8e:a9:4c:
         51:1a:40:c2:54:dc:33:f0:b0:39:35:05:24:0c:ba:e3:b1:57:
         a5:6d:46:3e:76:88:7a:e3:89:de:67:c7:ca:f9:d5:5c:c1:9e:
         b9:ae:5d:8d:84:da:e8:bd:69:2a:83:72:5c:e8:1a:a4:2c:d3:
         12:30:8c:e1:f7:51:a6:04:27:aa:b5:0f:d0:28:e8:52:d1:9e:
         c8:0b:9b:78:74:56:a3:fa:bd:6c:f2:31:04:68:5b:17:73:a2:
         97:55:1b:ac:a2:e0:30:59:b8:8f:1d:7f:1e:69:12:fe:f8:e7:
         5b:3c:a7:f1:aa:07:69:88:7c:32:be:d7:50:a3:93:b2:71:fc:
         ad:97:9b:02:84:58:82:ab:45:28:c5:57:1a:dd:0f:d7:c1:34:
         7f:39:86:40
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUDuY4pHTziaCWfG3K1IH+8UmiD80wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNDEzOVoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMzJiM2NkZjk2ZWU4ZDk3ZDg3MmRj
MDgyNTgwODNjODQ2OWFkM2MyMDk4NDY4ODU4ODEzYzFkZmE0NmM5ZjMyZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYETRZCUCLqQGTe90Yjm53mrf72r
dBBUs+jEJcXJgAq3TybtDOx8H9nhJ5OVks0uC2RY9o5B4M3RC2HFA5FlWCx7KCee
levwKlqykMXC5gmymS5nCJL/PKN4EmvRwI1y1fqb9qCmkDZCIhcBRtKa9l24w9Zi
m8E9Bsu5kstGoT28/dkFt9hTPHYlnd9TKsSszKXEwbdSCxQuftbOUlRF9qQCq4pm
+6l+GvhJbTpm8xTnhIATPDIbIjkVW1MTcZQllpeO4KsQiP9WjOYTr6vSNps3cMBy
9FSEH0ADgZlhnG0r/BpU4jUEJmZHDWfk8U6m7ZXK1mha+gzqLa8h+Q5euwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFP0iVAbOKL57400/sRsPTA+RN2NFMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzVhYzc2Y2NiLTRmNTctNDE4NS1hZDJmLTA1YmYzMzhiYTM1ZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaWDAMA0GCSqGSIb3DQEBCwUAA4IBAQANliMe9n1JaOL0kjzh
PIhWqOsVk12Oz2/V9vjiO61PaodTwjyiXGaldBheGtPzaV+drKM/4ss9M+JG092l
LIoAhkYCBk1FDto3Ss0+a2fPQx7CZ/dbtiUCXgD8FD2hKD5GwL0urY3GaS+OqUxR
GkDCVNwz8LA5NQUkDLrjsVelbUY+doh644neZ8fK+dVcwZ65rl2NhNrovWkqg3Jc
6BqkLNMSMIzh91GmBCeqtQ/QKOhS0Z7IC5t4dFaj+r1s8jEEaFsXc6KXVRusouAw
WbiPHX8eaRL++OdbPKfxqgdpiHwyvtdQo5Oycfytl5sChFiCq0UoxVca3Q/XwTR/
OYZA
-----END CERTIFICATE-----