Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/65af76ae-2e31-461f-a446-486317b9c9de.roa
File:                     65af76ae-2e31-461f-a446-486317b9c9de.roa (raw, json)
Hash identifier:          yZGqUBZhIO37ZFgBE0dQdmKkAneAC0hPn7E8Wqrp85A=
Subject key identifier:   21:8D:02:10:DA:A1:A7:2C:68:A0:BC:A9:2C:7B:9C:83:45:FE:2B:B7
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       278CE77B8BA420D8E243B6F157AEF47AB5CE921D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/65af76ae-2e31-461f-a446-486317b9c9de.roa
Signing time:             Wed 30 Jul 2025 00:31:26 +0000
ROA not before:           Wed 30 Jul 2025 00:31:26 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:a0c0::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:07:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:8c:e7:7b:8b:a4:20:d8:e2:43:b6:f1:57:ae:f4:7a:b5:ce:92:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:31:26 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=f70182a46255330efc8de1d3d34fa908507190e1c17dc826d3a4264d5df990d1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d0:ef:13:81:9a:28:3b:48:38:1d:0d:73:9f:
                    fd:be:0b:fd:4b:2d:7c:46:a4:8b:49:2e:e1:ce:37:
                    23:bb:1d:67:6a:dd:8e:38:49:9c:2f:5c:6a:a1:56:
                    75:12:76:f2:21:f2:c3:9b:29:76:83:23:60:61:a9:
                    87:3a:17:0c:99:5e:03:c5:99:90:5b:28:1f:3f:d4:
                    7e:91:1d:6f:ff:c6:d2:ca:1e:3c:b3:83:17:d7:39:
                    13:b4:bd:8e:0f:cd:7f:58:05:df:fb:e5:56:26:f4:
                    f7:ab:7f:62:ca:bd:4e:eb:92:cd:00:3b:23:47:65:
                    9f:29:e3:a6:c5:03:df:44:94:8c:32:19:c8:b3:90:
                    78:3c:cd:2f:ea:08:fb:17:60:3f:32:45:d5:53:e3:
                    0f:4a:89:86:96:d5:98:85:fe:96:8b:1f:fd:4f:2e:
                    8d:c8:61:f5:49:6c:eb:bd:2a:eb:ff:52:0f:cf:73:
                    30:ab:0a:f1:38:71:e5:a4:18:fc:79:6f:fb:b8:b9:
                    cc:6a:91:b6:e9:36:f6:8b:7a:be:db:29:be:b0:74:
                    13:ae:5e:19:00:69:cf:a0:92:d9:35:e8:26:de:7b:
                    7f:ae:d5:47:1e:9e:82:e8:34:a6:ab:68:2c:13:5c:
                    58:64:23:dd:bc:70:94:24:e5:10:2c:23:01:e3:27:
                    9c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:8D:02:10:DA:A1:A7:2C:68:A0:BC:A9:2C:7B:9C:83:45:FE:2B:B7
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/65af76ae-2e31-461f-a446-486317b9c9de.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:a0c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         bb:0d:0e:b1:e0:65:9e:9e:59:16:33:29:35:27:33:4e:4a:1a:
         ca:f1:ac:3c:29:8a:50:02:92:bd:7e:26:78:56:49:80:66:0c:
         8c:ef:73:c9:bb:eb:2c:7e:e1:33:9e:17:10:04:2c:b5:2b:cf:
         12:d0:f9:fe:8e:d1:85:1f:eb:58:2d:6b:da:7d:e1:05:60:c3:
         ce:e1:94:46:30:40:4c:f9:ab:30:f9:44:8a:db:1c:1f:81:a3:
         ec:e2:4d:ad:69:23:3e:59:54:d2:d6:c4:8e:d0:9a:16:fe:ec:
         01:03:bc:2a:e8:7f:db:76:e2:51:80:40:f4:71:26:38:5f:a7:
         1a:5a:86:90:4f:f5:61:91:1c:b4:cf:06:ca:09:4e:02:87:7c:
         17:58:a3:77:f5:d9:74:e8:07:3e:b4:4e:05:3d:e8:4e:42:28:
         6e:c2:01:ab:0b:60:83:ae:d5:67:22:7d:60:5f:38:1c:d3:df:
         fb:b6:7c:a4:6a:8c:9f:ff:42:49:5b:67:31:1e:59:67:cc:c7:
         5e:41:a3:f3:67:b8:5e:76:c7:c7:96:43:11:36:a2:f2:a5:e0:
         1c:7b:a9:e9:42:97:a8:95:b6:c9:63:34:74:d4:28:5d:f8:3e:
         1a:cc:5e:10:ae:cb:55:60:5f:c9:4b:1c:f2:8d:2e:b4:77:26:
         4b:8f:79:bd
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUJ4zne4ukINjiQ7bxV670erXOkh0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMzEyNloX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZjcwMTgyYTQ2MjU1MzMwZWZjOGRl
MWQzZDM0ZmE5MDg1MDcxOTBlMWMxN2RjODI2ZDNhNDI2NGQ1ZGY5OTBkMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNDvE4GaKDtIOB0Nc5/9vgv9Sy18
RqSLSS7hzjcjux1nat2OOEmcL1xqoVZ1EnbyIfLDmyl2gyNgYamHOhcMmV4DxZmQ
WygfP9R+kR1v/8bSyh48s4MX1zkTtL2OD81/WAXf++VWJvT3q39iyr1O65LNADsj
R2WfKeOmxQPfRJSMMhnIs5B4PM0v6gj7F2A/MkXVU+MPSomGltWYhf6Wix/9Ty6N
yGH1SWzrvSrr/1IPz3MwqwrxOHHlpBj8eW/7uLnMapG26Tb2i3q+2ym+sHQTrl4Z
AGnPoJLZNegm3nt/rtVHHp6C6DSmq2gsE1xYZCPdvHCUJOUQLCMB4yecTQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCGNAhDaoacsaKC8qSx7nINF/iu3MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzY1YWY3NmFlLTJlMzEtNDYxZi1hNDQ2LTQ4NjMxN2I5YzlkZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaaDAMA0GCSqGSIb3DQEBCwUAA4IBAQC7DQ6x4GWenlkWMyk1
JzNOShrK8aw8KYpQApK9fiZ4VkmAZgyM73PJu+ssfuEznhcQBCy1K88S0Pn+jtGF
H+tYLWvafeEFYMPO4ZRGMEBM+asw+USK2xwfgaPs4k2taSM+WVTS1sSO0JoW/uwB
A7wq6H/bduJRgED0cSY4X6caWoaQT/VhkRy0zwbKCU4Ch3wXWKN39dl06Ac+tE4F
PehOQihuwgGrC2CDrtVnIn1gXzgc09/7tnykaoyf/0JJW2cxHllnzMdeQaPzZ7he
dsfHlkMRNqLypeAce6npQpeolbbJYzR01Chd+D4azF4QrstVYF/JSxzyjS60dyZL
j3m9
-----END CERTIFICATE-----