Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f0d2894-eaa1-4bae-b793-13a3b2528447.roa
File:                     5f0d2894-eaa1-4bae-b793-13a3b2528447.roa (raw, json)
Hash identifier:          O4IDeNzE+UKQ3d0n1zjrm/kowHg4B0iw1if67gsr4HA=
Subject key identifier:   14:80:F7:97:2A:AB:0C:BE:79:D2:00:3D:DA:FA:CF:86:0B:C0:F3:74
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       2802435C623D5E94BF0FB786F16CAA06C62F6692
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f0d2894-eaa1-4bae-b793-13a3b2528447.roa
Signing time:             Mon 07 Jul 2025 15:00:06 +0000
ROA not before:           Mon 07 Jul 2025 15:00:06 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:e080::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:52:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:02:43:5c:62:3d:5e:94:bf:0f:b7:86:f1:6c:aa:06:c6:2f:66:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul  7 15:00:06 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=5319f0d9eae59fc1293dd8a062da7171895f7b0df56ec91be94c35d44b8dc609, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:03:57:a1:60:59:4c:54:9a:55:6d:a8:4d:64:
                    94:57:da:a4:1a:69:ba:ca:a4:90:f1:08:89:06:d1:
                    a4:01:9d:40:c4:45:fd:b1:4c:50:09:5a:34:97:80:
                    ab:17:5e:2e:33:6a:bb:02:7e:00:f8:1b:da:fd:24:
                    66:23:fe:94:2f:73:b8:28:da:80:d3:88:b4:0b:ef:
                    2b:01:bc:46:b3:5c:e7:dc:06:b7:9d:cb:35:ab:f5:
                    2f:3a:9e:41:83:9b:1f:ba:28:c8:90:cd:3e:e1:e8:
                    01:cf:e7:6f:f1:e1:92:bd:48:f5:c8:62:ff:90:55:
                    ce:4d:76:6b:f4:62:9e:22:60:ca:45:3a:15:d4:0e:
                    c8:d4:c4:31:a4:bc:76:f8:9e:f7:f8:7b:db:11:3a:
                    5b:1f:c4:d0:f8:9a:c2:5c:cf:e8:3f:83:c7:0f:1e:
                    41:47:cb:b7:62:06:c3:12:64:b8:55:ff:a8:99:db:
                    96:36:a2:a6:38:59:20:2e:c2:25:23:4c:84:d5:5b:
                    fe:f2:f8:d2:e4:05:7f:e9:c8:74:fd:a5:af:11:b4:
                    f5:d0:eb:d5:a5:1a:15:c3:91:74:f3:3b:d2:b5:9e:
                    6d:b4:a3:bf:75:c3:ce:cf:20:2e:18:72:e1:24:f2:
                    a6:79:ea:1f:0c:a0:d6:78:16:c9:8c:d8:fc:32:71:
                    c2:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:80:F7:97:2A:AB:0C:BE:79:D2:00:3D:DA:FA:CF:86:0B:C0:F3:74
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f0d2894-eaa1-4bae-b793-13a3b2528447.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:e080::/46

    Signature Algorithm: sha256WithRSAEncryption
         22:10:ad:95:f1:2f:13:e9:58:f6:6d:ee:cd:3c:dc:6c:da:81:
         b6:07:88:79:c4:5c:31:84:20:53:32:f7:42:3f:b1:12:c0:dc:
         69:c1:43:8f:cc:57:b3:58:2c:f1:3e:af:cf:8f:6b:aa:fc:bc:
         3b:b5:5d:ef:64:28:1f:c8:28:cd:77:25:5c:cc:89:23:7d:a5:
         57:1a:1d:a3:1f:9d:63:d6:ec:cf:be:85:54:71:5a:9d:66:2b:
         a0:72:f7:b1:11:26:ee:02:7f:6f:13:fa:fe:70:d2:43:e6:4d:
         cc:1d:9c:32:63:34:2b:10:e3:54:f0:d7:39:b4:35:de:b2:f5:
         d0:fd:dc:63:88:1e:4f:8b:3e:a8:65:d9:93:c5:8b:d8:f9:e0:
         e4:2d:69:36:52:31:f4:e9:df:75:64:dd:3b:5d:45:f6:4d:b0:
         64:41:86:ec:7e:22:0d:b1:b2:3d:73:97:c8:11:4e:91:33:91:
         a0:fa:e3:ac:ea:f7:86:19:5f:f4:83:e3:6b:40:5c:bd:2d:74:
         6b:74:d7:14:5a:32:20:c5:23:8a:0c:45:2c:14:98:d7:d6:cd:
         87:27:01:5f:93:b8:7e:39:80:da:24:e7:59:39:41:94:79:c4:
         0b:db:52:77:07:8d:1c:e3:c8:14:71:d2:d3:0b:0b:2f:33:e5:
         3c:2b:8a:82
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUKAJDXGI9XpS/D7eG8WyqBsYvZpIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1MDAwNloX
DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNANTMxOWYwZDllYWU1OWZjMTI5M2Rk
OGEwNjJkYTcxNzE4OTVmN2IwZGY1NmVjOTFiZTk0YzM1ZDQ0YjhkYzYwOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQNXoWBZTFSaVW2oTWSUV9qkGmm6
yqSQ8QiJBtGkAZ1AxEX9sUxQCVo0l4CrF14uM2q7An4A+Bva/SRmI/6UL3O4KNqA
04i0C+8rAbxGs1zn3Aa3ncs1q/UvOp5Bg5sfuijIkM0+4egBz+dv8eGSvUj1yGL/
kFXOTXZr9GKeImDKRToV1A7I1MQxpLx2+J73+HvbETpbH8TQ+JrCXM/oP4PHDx5B
R8u3YgbDEmS4Vf+omduWNqKmOFkgLsIlI0yE1Vv+8vjS5AV/6ch0/aWvEbT10OvV
pRoVw5F08zvStZ5ttKO/dcPOzyAuGHLhJPKmeeofDKDWeBbJjNj8MnHCnwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFBSA95cqqwy+edIAPdr6z4YLwPN0MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzVmMGQyODk0LWVhYTEtNGJhZS1iNzkzLTEzYTNiMjUyODQ0Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba++CAMA0GCSqGSIb3DQEBCwUAA4IBAQAiEK2V8S8T6Vj2be7N
PNxs2oG2B4h5xFwxhCBTMvdCP7ESwNxpwUOPzFezWCzxPq/Pj2uq/Lw7tV3vZCgf
yCjNdyVczIkjfaVXGh2jH51j1uzPvoVUcVqdZiugcvexESbuAn9vE/r+cNJD5k3M
HZwyYzQrEONU8Nc5tDXesvXQ/dxjiB5Piz6oZdmTxYvY+eDkLWk2UjH06d91ZN07
XUX2TbBkQYbsfiINsbI9c5fIEU6RM5Gg+uOs6veGGV/0g+NrQFy9LXRrdNcUWjIg
xSOKDEUsFJjX1s2HJwFfk7h+OYDaJOdZOUGUecQL21J3B40c48gUcdLTCwsvM+U8
K4qC
-----END CERTIFICATE-----