Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b02b598-7174-4eb3-b1d6-2be76b0ac220.roa
File:                     6b02b598-7174-4eb3-b1d6-2be76b0ac220.roa (raw, json)
Hash identifier:          nW/Vf+2do1MB73tUrlXz8Tff+Q8oPJViPyP4R0D+joc=
Subject key identifier:   A0:D1:05:ED:82:0F:A0:BE:60:88:65:16:CF:76:21:80:0D:01:59:58
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       773B20377B52E513DC401EDCAA5671DF63EE18CD
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b02b598-7174-4eb3-b1d6-2be76b0ac220.roa
Signing time:             Wed 30 Jul 2025 00:40:56 +0000
ROA not before:           Wed 30 Jul 2025 00:40:56 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:2040::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 17:52:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:3b:20:37:7b:52:e5:13:dc:40:1e:dc:aa:56:71:df:63:ee:18:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:40:56 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=4bb32181107371e071f34aeac6721ab0804d4efba76ae16fac8569b2f4183150, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:74:5b:96:51:1e:f4:4e:11:8b:c9:1e:80:aa:
                    bf:72:89:cb:c4:1a:8b:12:53:75:f2:2c:05:45:94:
                    3c:7f:af:9f:6f:43:54:57:ff:a3:f4:da:03:10:4a:
                    cf:24:90:7c:c0:cf:b9:ab:51:ee:8d:89:07:85:ef:
                    24:02:92:a3:77:85:0a:0e:fc:1c:93:42:ca:a6:78:
                    61:9e:76:fb:43:ec:6b:bd:32:7f:80:c7:e6:4a:d8:
                    6e:19:ce:90:64:63:9a:d0:4c:20:8a:17:58:58:e6:
                    22:f7:0e:3a:8b:3a:b2:91:92:17:4d:85:86:cf:c9:
                    3c:e3:dd:af:89:04:b9:51:e1:2d:8d:7a:a3:07:bb:
                    84:f9:08:ce:d8:13:e4:f8:f4:03:9a:09:8e:de:36:
                    59:bc:c2:56:e7:bc:22:2b:41:7a:e3:c6:86:3b:7d:
                    56:8a:65:77:8b:5b:3c:ef:db:3b:0d:d1:f7:e9:12:
                    0c:5f:aa:69:9f:89:63:4e:23:7b:da:40:f8:00:86:
                    20:7a:35:1a:e1:df:7f:8e:c0:43:86:d2:a3:60:48:
                    c2:b9:10:9a:b2:3c:be:8a:30:1a:2f:cb:9d:a9:b6:
                    4b:44:19:a3:66:0a:66:a1:40:09:51:6f:81:1e:29:
                    b0:f7:35:01:e1:0b:c4:11:1d:0d:c0:03:98:91:b2:
                    4f:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:D1:05:ED:82:0F:A0:BE:60:88:65:16:CF:76:21:80:0D:01:59:58
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b02b598-7174-4eb3-b1d6-2be76b0ac220.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:2040::/46

    Signature Algorithm: sha256WithRSAEncryption
         73:d6:c7:10:cf:47:a3:aa:64:b3:54:38:ce:87:5d:46:92:6c:
         b6:0f:38:7b:8e:22:dc:c0:78:ef:ca:b1:85:e7:76:65:10:d8:
         1a:c4:78:60:5d:a8:3a:bf:09:37:a9:8e:35:91:c3:04:84:34:
         76:85:ef:ac:07:2d:c5:19:78:b5:5c:a7:15:fd:36:c7:5a:f2:
         82:8a:08:e0:7c:ae:d3:18:06:35:60:ce:a0:26:1e:0a:49:f0:
         00:ab:18:0b:5a:a2:5e:51:91:dd:f6:66:1b:ef:0f:07:61:c7:
         cb:57:81:87:f1:cc:1a:7a:19:1a:f7:0b:ae:f6:42:6d:c3:51:
         3a:c2:c2:ed:d0:1a:ee:cd:53:53:d1:4d:84:83:20:63:77:93:
         1b:32:38:0b:df:41:a2:45:59:4e:cc:ed:36:5d:84:97:c8:8b:
         25:22:00:f8:85:4f:13:72:ac:92:64:11:5b:96:22:89:a9:0b:
         2d:7c:ff:48:ce:40:4b:b1:b3:7e:4b:e8:19:5a:81:02:1a:54:
         b3:c2:e1:b5:c0:da:d8:e8:5b:48:c9:d3:81:47:69:3b:eb:01:
         80:59:cf:d6:ad:4c:fb:aa:32:65:57:13:cf:c1:bc:c6:60:0f:
         79:43:d0:e3:10:f5:80:c9:eb:6e:81:d4:97:86:4f:dc:ae:19:
         20:dc:21:b7
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUdzsgN3tS5RPcQB7cqlZx32PuGM0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNDA1NloX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNANGJiMzIxODExMDczNzFlMDcxZjM0
YWVhYzY3MjFhYjA4MDRkNGVmYmE3NmFlMTZmYWM4NTY5YjJmNDE4MzE1MDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXRbllEe9E4Ri8kegKq/conLxBqL
ElN18iwFRZQ8f6+fb0NUV/+j9NoDEErPJJB8wM+5q1HujYkHhe8kApKjd4UKDvwc
k0LKpnhhnnb7Q+xrvTJ/gMfmSthuGc6QZGOa0EwgihdYWOYi9w46izqykZIXTYWG
z8k8492viQS5UeEtjXqjB7uE+QjO2BPk+PQDmgmO3jZZvMJW57wiK0F648aGO31W
imV3i1s879s7DdH36RIMX6ppn4ljTiN72kD4AIYgejUa4d9/jsBDhtKjYEjCuRCa
sjy+ijAaL8udqbZLRBmjZgpmoUAJUW+BHimw9zUB4QvEER0NwAOYkbJPQwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKDRBe2CD6C+YIhlFs92IYANAVlYMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzZiMDJiNTk4LTcxNzQtNGViMy1iMWQ2LTJiZTc2YjBhYzIyMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaSBAMA0GCSqGSIb3DQEBCwUAA4IBAQBz1scQz0ejqmSzVDjO
h11Gkmy2Dzh7jiLcwHjvyrGF53ZlENgaxHhgXag6vwk3qY41kcMEhDR2he+sBy3F
GXi1XKcV/TbHWvKCigjgfK7TGAY1YM6gJh4KSfAAqxgLWqJeUZHd9mYb7w8HYcfL
V4GH8cwaehka9wuu9kJtw1E6wsLt0BruzVNT0U2EgyBjd5MbMjgL30GiRVlOzO02
XYSXyIslIgD4hU8TcqySZBFbliKJqQstfP9IzkBLsbN+S+gZWoECGlSzwuG1wNrY
6FtIydOBR2k76wGAWc/WrUz7qjJlVxPPwbzGYA95Q9DjEPWAyetugdSXhk/crhkg
3CG3
-----END CERTIFICATE-----