Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d95593e-7533-4a62-bbd5-712342a000d1.roa
File:                     5d95593e-7533-4a62-bbd5-712342a000d1.roa (raw, json)
Hash identifier:          oe1JxKexr+0e/bGu1kbfoNc2EXJIjlgJx0yTXOmweMk=
Subject key identifier:   4B:F0:CD:7F:13:F0:59:99:AD:03:1E:DE:08:C0:34:34:07:F9:19:26
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       765812AC67CC9A2F98D82E5B936A8884486B14CC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d95593e-7533-4a62-bbd5-712342a000d1.roa
Signing time:             Wed 30 Jul 2025 00:20:13 +0000
ROA not before:           Wed 30 Jul 2025 00:20:13 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:2080::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:08:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:58:12:ac:67:cc:9a:2f:98:d8:2e:5b:93:6a:88:84:48:6b:14:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:20:13 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=aadd335dde5d3a9b999438c13425c9af95a2bcdd2c99ecb4849e7f5657901bb7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:91:a4:ca:3b:f3:ce:c4:42:7c:ba:8e:ee:4b:
                    53:ad:eb:01:28:13:30:b6:0d:b7:9e:ed:58:12:bd:
                    92:cf:77:9b:2b:1e:7b:4c:5e:c1:d2:ac:89:28:79:
                    df:5e:b0:9f:b3:f6:1c:69:6b:fe:71:9d:e2:77:1d:
                    6f:5f:55:74:a6:fa:5d:60:96:f2:8e:9c:d2:ca:27:
                    28:56:70:d6:b8:40:d9:d6:e4:42:f9:5c:c8:85:b3:
                    f3:ea:21:eb:11:97:ca:3a:22:8e:3e:84:53:ce:c7:
                    43:fb:2a:b4:48:ab:19:b2:ec:28:3a:43:27:20:a0:
                    c2:92:2b:f6:6b:04:18:f4:86:6f:97:e9:3b:30:f0:
                    44:a0:2f:da:22:42:ca:1e:ea:71:16:8c:42:cd:6d:
                    3e:59:bf:99:4e:e4:17:92:7d:41:3d:31:7b:b0:3e:
                    f2:ea:12:3a:1a:ae:29:a9:18:8a:e9:f2:2d:6d:93:
                    d5:83:29:fd:40:bd:e4:df:79:f9:56:68:f7:f9:ed:
                    20:3e:c5:d2:56:10:70:85:7a:bf:76:ce:08:3b:15:
                    86:72:0c:e5:52:3a:b3:fc:4e:98:23:bd:cd:b6:5c:
                    a6:f2:6d:7c:1d:88:23:2d:0f:b1:15:42:60:1d:76:
                    ec:80:35:34:05:15:22:4b:58:76:4a:48:d6:bd:b3:
                    7b:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:F0:CD:7F:13:F0:59:99:AD:03:1E:DE:08:C0:34:34:07:F9:19:26
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d95593e-7533-4a62-bbd5-712342a000d1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:2080::/46

    Signature Algorithm: sha256WithRSAEncryption
         02:33:23:45:78:e2:c2:70:80:0b:d2:98:59:21:22:29:9c:94:
         2c:4b:5e:3d:8c:a2:b7:49:6f:74:26:26:2b:9e:51:8f:e5:b9:
         71:e0:cc:ba:c1:e9:6e:85:38:77:0b:e5:89:b6:0f:b1:47:b8:
         a9:ce:0f:75:bc:cb:d8:7f:0a:f9:0e:bf:ab:53:33:a8:0c:c5:
         ef:30:76:5c:de:64:b9:f4:9b:f4:d4:94:ee:1e:df:9a:ce:e5:
         f0:c0:19:07:99:62:2a:65:2c:f3:de:92:d5:d5:93:f5:90:fb:
         a5:a0:0a:46:20:8d:e3:72:5b:0e:11:23:63:65:a2:d7:98:84:
         80:cb:ff:35:1d:b5:14:58:3b:02:7f:87:e4:31:e0:cc:83:11:
         6e:fc:95:fe:d5:19:e8:97:29:07:32:84:28:ec:af:7f:c9:f5:
         78:cf:8d:e3:ae:dd:98:00:b0:23:f6:b6:71:e2:44:0b:62:35:
         ca:10:28:cb:3e:f2:c3:de:c9:5f:bd:a9:54:2e:f5:d9:59:18:
         88:57:53:3f:28:71:c2:af:2d:ee:65:1b:4a:2c:7e:64:df:4d:
         a3:63:4a:99:f6:be:b2:ab:0c:f7:cc:a0:6f:c9:d2:b2:12:8c:
         33:d2:fb:4f:d6:fb:77:95:4f:dd:90:9d:ee:ac:34:9e:d7:a0:
         d7:12:0c:02
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUdlgSrGfMmi+Y2C5bk2qIhEhrFMwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMjAxM1oX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAYWFkZDMzNWRkZTVkM2E5Yjk5OTQz
OGMxMzQyNWM5YWY5NWEyYmNkZDJjOTllY2I0ODQ5ZTdmNTY1NzkwMWJiNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/JGkyjvzzsRCfLqO7ktTresBKBMw
tg23nu1YEr2Sz3ebKx57TF7B0qyJKHnfXrCfs/YcaWv+cZ3idx1vX1V0pvpdYJby
jpzSyicoVnDWuEDZ1uRC+VzIhbPz6iHrEZfKOiKOPoRTzsdD+yq0SKsZsuwoOkMn
IKDCkiv2awQY9IZvl+k7MPBEoC/aIkLKHupxFoxCzW0+Wb+ZTuQXkn1BPTF7sD7y
6hI6Gq4pqRiK6fItbZPVgyn9QL3k33n5Vmj3+e0gPsXSVhBwhXq/ds4IOxWGcgzl
Ujqz/E6YI73Ntlym8m18HYgjLQ+xFUJgHXbsgDU0BRUiS1h2SkjWvbN7awIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFEvwzX8T8FmZrQMe3gjANDQH+RkmMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzVkOTU1OTNlLTc1MzMtNGE2Mi1iYmQ1LTcxMjM0MmEwMDBkMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba9yCAMA0GCSqGSIb3DQEBCwUAA4IBAQACMyNFeOLCcIAL0phZ
ISIpnJQsS149jKK3SW90JiYrnlGP5blx4My6weluhTh3C+WJtg+xR7ipzg91vMvY
fwr5Dr+rUzOoDMXvMHZc3mS59Jv01JTuHt+azuXwwBkHmWIqZSzz3pLV1ZP1kPul
oApGII3jclsOESNjZaLXmISAy/81HbUUWDsCf4fkMeDMgxFu/JX+1RnolykHMoQo
7K9/yfV4z43jrt2YALAj9rZx4kQLYjXKECjLPvLD3slfvalULvXZWRiIV1M/KHHC
ry3uZRtKLH5k302jY0qZ9r6yqwz3zKBvydKyEowz0vtP1vt3lU/dkJ3urDSe16DX
EgwC
-----END CERTIFICATE-----