Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7d360aed-98af-4b86-84d2-f1b86117b0a2.roa
File:                     7d360aed-98af-4b86-84d2-f1b86117b0a2.roa (raw, json)
Hash identifier:          vk5BowLwCgGBhXqlQnPe2EnfDRp90nhwTmytLgMqtPs=
Subject key identifier:   0E:7A:2D:20:E1:59:57:6D:9F:33:19:A3:1D:6B:28:61:1D:48:77:EE
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       5606E1A0A086E61EF4FD90C3AEDDDEEB5668A7FC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7d360aed-98af-4b86-84d2-f1b86117b0a2.roa
Signing time:             Tue 29 Jul 2025 00:50:08 +0000
ROA not before:           Tue 29 Jul 2025 00:50:08 +0000
ROA not after:            Tue 02 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:b0c0::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:07:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:06:e1:a0:a0:86:e6:1e:f4:fd:90:c3:ae:dd:de:eb:56:68:a7:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 29 00:50:08 2025 GMT
            Not After : Sep  2 23:59:59 2025 GMT
        Subject: serialNumber=138bda369f2d42ede12205e61b86e3c626213d752316d22f17fa58f48e08ec3c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:42:0d:5c:6a:ab:32:6e:dd:17:7e:95:90:bc:
                    bf:52:74:36:ff:83:d6:f4:d8:f1:34:d8:2f:91:dc:
                    a9:32:14:f1:69:86:a5:08:93:3d:41:7e:83:b9:b4:
                    f7:0b:35:77:23:d4:ec:fe:29:f2:0c:a3:46:be:f6:
                    c6:26:b7:70:bb:f4:fb:9a:ce:e8:87:0e:c0:2e:ec:
                    2a:a4:06:65:04:32:2c:f6:52:68:dc:d8:37:71:1b:
                    a6:5d:1d:d3:b9:a2:b0:3d:fc:88:6b:a2:54:9a:9e:
                    da:81:20:85:71:e6:eb:32:04:f5:ca:e9:ab:26:84:
                    a4:bf:c3:7f:b1:10:2b:c4:00:70:0e:ca:2a:91:5e:
                    03:6d:34:39:e9:27:ef:54:4a:25:8b:b6:91:6c:00:
                    4a:18:ec:3b:f1:d8:f7:83:94:6d:28:47:40:2c:3c:
                    62:14:f0:d0:56:be:01:37:d4:a5:63:c7:75:b0:ae:
                    ae:91:33:86:28:ef:a4:0d:bc:79:ce:5b:43:d9:c2:
                    03:d4:86:59:e5:2d:51:af:45:0c:ea:75:a1:f3:7d:
                    69:1a:9d:96:50:f5:c2:b2:12:fd:1d:65:d8:26:09:
                    a7:aa:5b:09:92:c5:4f:29:77:f6:43:67:d3:ac:98:
                    d0:de:46:be:90:a1:51:80:cb:bc:28:ef:f3:34:37:
                    5b:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:7A:2D:20:E1:59:57:6D:9F:33:19:A3:1D:6B:28:61:1D:48:77:EE
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7d360aed-98af-4b86-84d2-f1b86117b0a2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:b0c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         8b:c1:3b:1f:e8:ba:29:3a:cf:7b:78:3b:a2:43:ff:89:73:c2:
         79:02:83:a5:dc:90:8f:21:f9:de:c8:30:53:21:99:ad:0b:0b:
         6c:7e:c0:49:cf:06:4d:7b:fe:db:4c:f3:73:d0:2f:5c:c3:a3:
         b0:71:e5:ed:34:34:f1:19:48:13:2c:0f:f5:71:a0:f7:8a:b7:
         0c:b1:b6:06:fb:ef:95:6b:05:ef:92:3e:8c:5a:6d:92:86:9f:
         da:26:ce:14:5a:d6:9e:52:7d:c2:f6:a9:12:b8:ee:28:02:5a:
         b4:eb:a1:5a:33:37:7a:f2:b5:bc:95:6b:cb:e5:e7:8f:1a:a3:
         5b:a0:62:e5:66:2b:af:50:d4:3c:20:ea:12:16:1d:95:c6:13:
         76:31:89:a3:78:94:d3:b4:d6:63:1d:2a:51:53:77:a5:87:97:
         c2:bb:df:af:a4:c1:e1:ee:70:a0:a1:71:9e:ec:1a:a4:6e:14:
         63:85:e7:33:55:24:4b:ed:1f:60:ab:6c:2f:6c:8f:66:4a:9a:
         20:d7:61:3e:21:81:83:e5:25:cd:54:39:74:20:05:a4:f2:74:
         7b:6a:da:67:0b:f8:4a:c8:27:6d:8d:ef:25:96:64:b5:29:93:
         5b:b9:c9:25:a0:49:cd:31:91:57:b8:04:cc:b8:3c:b3:e5:d9:
         9e:86:b9:f3
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUVgbhoKCG5h70/ZDDrt3e61Zop/wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwNTAwOFoX
DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAMTM4YmRhMzY5ZjJkNDJlZGUxMjIw
NWU2MWI4NmUzYzYyNjIxM2Q3NTIzMTZkMjJmMTdmYTU4ZjQ4ZTA4ZWMzYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUINXGqrMm7dF36VkLy/UnQ2/4PW
9NjxNNgvkdypMhTxaYalCJM9QX6DubT3CzV3I9Ts/inyDKNGvvbGJrdwu/T7ms7o
hw7ALuwqpAZlBDIs9lJo3Ng3cRumXR3TuaKwPfyIa6JUmp7agSCFcebrMgT1yumr
JoSkv8N/sRArxABwDsoqkV4DbTQ56SfvVEoli7aRbABKGOw78dj3g5RtKEdALDxi
FPDQVr4BN9SlY8d1sK6ukTOGKO+kDbx5zltD2cID1IZZ5S1Rr0UM6nWh831pGp2W
UPXCshL9HWXYJgmnqlsJksVPKXf2Q2fTrJjQ3ka+kKFRgMu8KO/zNDdbJwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFA56LSDhWVdtnzMZox1rKGEdSHfuMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzdkMzYwYWVkLTk4YWYtNGI4Ni04NGQyLWYxYjg2MTE3YjBhMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaabDAMA0GCSqGSIb3DQEBCwUAA4IBAQCLwTsf6LopOs97eDui
Q/+Jc8J5AoOl3JCPIfneyDBTIZmtCwtsfsBJzwZNe/7bTPNz0C9cw6OwceXtNDTx
GUgTLA/1caD3ircMsbYG+++VawXvkj6MWm2Shp/aJs4UWtaeUn3C9qkSuO4oAlq0
66FaMzd68rW8lWvL5eePGqNboGLlZiuvUNQ8IOoSFh2VxhN2MYmjeJTTtNZjHSpR
U3elh5fCu9+vpMHh7nCgoXGe7BqkbhRjheczVSRL7R9gq2wvbI9mSpog12E+IYGD
5SXNVDl0IAWk8nR7atpnC/hKyCdtje8llmS1KZNbuckloEnNMZFXuATMuDyz5dme
hrnz
-----END CERTIFICATE-----
Generated at Thu Jul 31 01:03:50 2025 by rpki-client