Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7dc5b0f6-f40d-4c11-899c-80612f7db3d7.roa
File:                     7dc5b0f6-f40d-4c11-899c-80612f7db3d7.roa (raw, json)
Hash identifier:          lf4lrs2OuBd4r2gYa7j4z3RKbMyqQndTglqU9n+OLVM=
Subject key identifier:   07:44:01:8F:54:21:4B:FC:1A:A4:A1:2F:B6:08:0F:5E:42:7F:63:3F
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       5008C0A42161C39E9EC0A120913156BAB751AEB6
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7dc5b0f6-f40d-4c11-899c-80612f7db3d7.roa
Signing time:             Mon 12 May 2025 15:10:46 +0000
ROA not before:           Mon 12 May 2025 15:10:46 +0000
ROA not after:            Mon 16 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dabb:e000::/40 maxlen: 48
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 20:07:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:08:c0:a4:21:61:c3:9e:9e:c0:a1:20:91:31:56:ba:b7:51:ae:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 12 15:10:46 2025 GMT
            Not After : Jun 16 23:59:59 2025 GMT
        Subject: serialNumber=9d54aa6d212b80b464cb1ff2d85d783ac7bd8444122def8fc76fe21290e67b45, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d3:f0:e1:54:6c:9e:ea:69:10:e5:27:9a:1e:
                    d2:4c:ea:b5:aa:75:a7:43:b3:e7:cd:f7:28:6b:2b:
                    28:97:da:9a:d9:d4:28:fb:80:9d:b8:f6:98:c6:f5:
                    8c:e7:f7:e0:5d:5d:87:9e:7c:ea:bc:d1:44:cd:37:
                    4b:40:de:12:dd:76:10:0c:09:42:80:fe:d6:dd:65:
                    df:59:54:8a:0d:2a:60:a2:cb:29:aa:75:6f:0b:f6:
                    b3:67:5f:fd:00:06:a0:ae:68:2a:9e:f6:00:83:8c:
                    33:50:89:a6:d3:d7:39:57:3b:0e:81:39:5c:62:32:
                    53:66:c6:a6:99:be:13:bd:ed:bc:dd:7a:76:ad:8f:
                    f4:ad:b5:c0:64:0b:37:94:14:31:6c:38:d8:bc:37:
                    22:78:fe:b5:fb:b3:b3:a4:d1:77:68:34:57:25:e8:
                    ab:e4:49:ae:f0:a9:89:4a:c3:9b:a4:2c:96:85:e6:
                    68:fa:14:f4:ca:48:d0:68:21:79:08:80:cb:ec:eb:
                    74:b1:05:5b:bb:30:36:9f:99:f7:4e:5e:9b:1e:0b:
                    13:5c:94:9b:08:8e:44:ad:1c:79:f2:f9:17:7b:71:
                    ff:29:7a:90:5d:21:b1:bb:96:95:ea:95:37:c2:03:
                    a3:6d:d6:4c:ea:df:0e:a1:75:9e:04:7b:96:a6:aa:
                    f9:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:44:01:8F:54:21:4B:FC:1A:A4:A1:2F:B6:08:0F:5E:42:7F:63:3F
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7dc5b0f6-f40d-4c11-899c-80612f7db3d7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dabb:e000::/40

    Signature Algorithm: sha256WithRSAEncryption
         8e:b2:6e:2f:71:ea:2e:34:16:62:f6:0c:96:09:e3:8b:40:20:
         ad:13:99:b9:23:b0:6e:99:71:ef:f7:ae:90:2a:57:56:29:6b:
         6d:19:76:5d:97:c9:52:c4:ef:23:4b:ce:a7:c6:ec:c9:ec:e8:
         b3:cd:6a:b5:8f:a2:7c:21:42:42:34:22:f3:38:64:21:2d:75:
         75:49:0e:2d:31:ca:1e:e1:3b:b9:b8:c3:6e:f6:2d:15:a5:82:
         27:45:09:0f:99:f5:09:32:32:2d:8d:df:d4:4b:33:6c:09:b9:
         60:5b:89:c7:24:25:a8:8a:f1:1a:a2:0d:1f:34:dc:49:5f:d9:
         05:62:03:0f:4b:20:84:5f:fd:68:16:26:77:73:21:6c:2a:d3:
         02:24:4e:bc:87:88:a4:f6:9f:58:3a:33:c9:dd:52:53:d4:f2:
         20:a0:b9:3a:03:c5:86:08:5a:2f:3e:7a:16:23:10:4f:ac:05:
         a7:45:a5:55:82:92:18:71:f1:e7:1c:ce:ae:12:9f:74:ab:d7:
         88:8e:8f:9b:de:90:01:dc:01:03:66:51:f0:bc:6f:1f:61:89:
         1c:e4:65:4c:29:b9:18:b4:92:f3:5d:cc:4a:4a:cd:43:e0:ad:
         38:20:94:ef:a8:e2:6e:0a:04:89:5b:9a:6f:55:80:4f:46:76:
         71:e3:26:e5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUUAjApCFhw56ewKEgkTFWurdRrrYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMjE1MTA0NloX
DTI1MDYxNjIzNTk1OVowejFJMEcGA1UEBRNAOWQ1NGFhNmQyMTJiODBiNDY0Y2Ix
ZmYyZDg1ZDc4M2FjN2JkODQ0NDEyMmRlZjhmYzc2ZmUyMTI5MGU2N2I0NTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldPw4VRsnuppEOUnmh7STOq1qnWn
Q7Pnzfcoaysol9qa2dQo+4CduPaYxvWM5/fgXV2HnnzqvNFEzTdLQN4S3XYQDAlC
gP7W3WXfWVSKDSpgosspqnVvC/azZ1/9AAagrmgqnvYAg4wzUImm09c5VzsOgTlc
YjJTZsammb4Tve283Xp2rY/0rbXAZAs3lBQxbDjYvDcieP61+7OzpNF3aDRXJeir
5Emu8KmJSsObpCyWheZo+hT0ykjQaCF5CIDL7Ot0sQVbuzA2n5n3Tl6bHgsTXJSb
CI5ErRx58vkXe3H/KXqQXSGxu5aV6pU3wgOjbdZM6t8OoXWeBHuWpqr5PwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAdEAY9UIUv8GqShL7YID15Cf2M/MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzdkYzViMGY2LWY0MGQtNGMxMS04OTljLTgwNjEyZjdkYjNkNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbau+AwDQYJKoZIhvcNAQELBQADggEBAI6ybi9x6i40FmL2DJYJ
44tAIK0TmbkjsG6Zce/3rpAqV1Ypa20Zdl2XyVLE7yNLzqfG7Mns6LPNarWPonwh
QkI0IvM4ZCEtdXVJDi0xyh7hO7m4w272LRWlgidFCQ+Z9QkyMi2N39RLM2wJuWBb
icckJaiK8RqiDR803Elf2QViAw9LIIRf/WgWJndzIWwq0wIkTryHiKT2n1g6M8nd
UlPU8iCguToDxYYIWi8+ehYjEE+sBadFpVWCkhhx8ecczq4Sn3Sr14iOj5vekAHc
AQNmUfC8bx9hiRzkZUwpuRi0kvNdzEpKzUPgrTgglO+o4m4KBIlbmm9VgE9GdnHj
JuU=
-----END CERTIFICATE-----