Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/80672242-3fdf-44d8-88c6-841fcfbe1251.roa
File:                     80672242-3fdf-44d8-88c6-841fcfbe1251.roa (raw, json)
Hash identifier:          /9b2b2e5wig44Nu1q4SLrM8HFHtUMslA7goibdQNg7Y=
Subject key identifier:   6F:C3:BA:98:27:7E:70:75:87:37:8F:24:7E:D4:49:E3:D2:D7:BC:C1
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       43A814C0D1899C4AA09AAC0A93B824D6503C104E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/80672242-3fdf-44d8-88c6-841fcfbe1251.roa
Signing time:             Wed 30 Jul 2025 00:21:42 +0000
ROA not before:           Wed 30 Jul 2025 00:21:42 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:8800::/40 maxlen: 40
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 17:39:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:a8:14:c0:d1:89:9c:4a:a0:9a:ac:0a:93:b8:24:d6:50:3c:10:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:21:42 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=7ad72da762b0b382a51778ec8404b5cf3747bef2879dccd517d5d4b05067d209, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:8d:12:c3:99:e0:4c:37:8a:36:e2:23:16:f4:
                    12:62:01:9f:ad:e6:de:10:9b:f9:47:d3:ec:8a:3b:
                    3c:30:6e:4c:e8:7a:4e:bd:d7:aa:73:52:bc:8a:5c:
                    12:5e:f1:f7:fe:65:af:81:6a:e9:4d:ac:2d:d4:7c:
                    bf:0c:ea:0e:0e:71:7a:34:f0:c1:50:86:fc:c7:06:
                    d1:7b:dc:83:8b:75:41:32:a5:b7:56:a6:fd:e4:8d:
                    43:77:e3:cb:3b:4c:f4:83:0e:56:91:8a:e7:b3:d4:
                    eb:d2:fd:e4:88:2b:75:19:d9:36:7a:39:9d:e7:29:
                    eb:83:d2:a6:c0:36:af:fa:53:61:3a:bc:8e:2a:a5:
                    90:14:ba:d5:f6:fa:ad:92:6e:d9:1b:d5:f6:1a:d9:
                    72:fe:7f:47:45:fa:49:df:98:34:09:3b:47:92:e5:
                    c5:06:78:55:f1:2a:cc:64:1b:ef:be:3f:00:d1:c4:
                    04:82:f5:c0:d5:07:cc:61:86:9f:c9:ff:d1:b4:12:
                    01:22:6c:56:85:2f:e5:31:1f:45:fc:0a:31:b1:96:
                    28:80:6f:27:9a:68:05:6a:59:28:1e:93:e3:3f:96:
                    1d:eb:ef:bb:7f:7d:46:0d:ff:1f:8c:da:ae:08:f9:
                    ed:b2:a2:b4:1f:e1:4a:a5:f8:37:40:c6:a2:f1:0d:
                    6a:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:C3:BA:98:27:7E:70:75:87:37:8F:24:7E:D4:49:E3:D2:D7:BC:C1
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/80672242-3fdf-44d8-88c6-841fcfbe1251.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:8800::/40

    Signature Algorithm: sha256WithRSAEncryption
         03:44:21:1c:61:5b:60:5e:c9:f4:69:cd:c9:90:20:20:99:b1:
         df:42:23:5d:32:eb:20:c7:80:f9:38:9e:3d:64:cc:7d:6d:a8:
         79:5e:46:24:e1:bd:75:92:a8:92:9e:32:27:72:ff:e9:80:62:
         fa:f5:78:8e:aa:af:fa:c0:d6:26:dd:08:fe:0c:6f:32:58:8a:
         4a:97:16:42:70:22:0a:79:f5:69:e7:33:6c:8a:aa:db:98:82:
         68:33:06:21:50:85:93:43:94:77:26:a2:c1:37:b2:c5:62:b8:
         c7:97:ed:c6:3c:db:7c:06:c8:a2:b0:2a:67:8b:4c:17:b1:c6:
         57:ff:af:82:cd:f3:43:a8:39:92:34:dd:b9:8c:0d:2a:22:83:
         c2:fc:f7:82:83:42:10:83:d1:d2:5d:89:5c:51:5c:cf:df:8c:
         86:22:5c:da:0e:eb:5d:81:d3:85:c9:95:1d:a5:d0:19:1d:ba:
         9c:a4:6c:37:ea:a9:1d:22:f4:5e:bd:39:6b:0c:c3:c7:50:68:
         37:a2:68:11:79:d4:c9:ac:76:83:4b:7a:62:41:9a:88:62:b8:
         3e:45:99:d1:ec:f3:67:89:f2:55:9f:2f:40:43:3a:01:cb:06:
         a0:fa:d6:b8:5f:1e:a3:88:dc:ea:20:39:11:11:02:ac:55:46:
         2d:3a:2d:a7
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUQ6gUwNGJnEqgmqwKk7gk1lA8EE4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMjE0MloX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAN2FkNzJkYTc2MmIwYjM4MmE1MTc3
OGVjODQwNGI1Y2YzNzQ3YmVmMjg3OWRjY2Q1MTdkNWQ0YjA1MDY3ZDIwOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4I0Sw5ngTDeKNuIjFvQSYgGfrebe
EJv5R9Psijs8MG5M6HpOvdeqc1K8ilwSXvH3/mWvgWrpTawt1Hy/DOoODnF6NPDB
UIb8xwbRe9yDi3VBMqW3Vqb95I1Dd+PLO0z0gw5WkYrns9Tr0v3kiCt1Gdk2ejmd
5ynrg9KmwDav+lNhOryOKqWQFLrV9vqtkm7ZG9X2Gtly/n9HRfpJ35g0CTtHkuXF
BnhV8SrMZBvvvj8A0cQEgvXA1QfMYYafyf/RtBIBImxWhS/lMR9F/AoxsZYogG8n
mmgFalkoHpPjP5Yd6++7f31GDf8fjNquCPntsqK0H+FKpfg3QMai8Q1qaQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFG/DupgnfnB1hzePJH7USePS17zBMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzgwNjcyMjQyLTNmZGYtNDRkOC04OGM2LTg0MWZjZmJlMTI1MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaYgwDQYJKoZIhvcNAQELBQADggEBAANEIRxhW2BeyfRpzcmQ
ICCZsd9CI10y6yDHgPk4nj1kzH1tqHleRiThvXWSqJKeMidy/+mAYvr1eI6qr/rA
1ibdCP4MbzJYikqXFkJwIgp59WnnM2yKqtuYgmgzBiFQhZNDlHcmosE3ssViuMeX
7cY823wGyKKwKmeLTBexxlf/r4LN80OoOZI03bmMDSoig8L894KDQhCD0dJdiVxR
XM/fjIYiXNoO612B04XJlR2l0BkdupykbDfqqR0i9F69OWsMw8dQaDeiaBF51Mms
doNLemJBmohiuD5FmdHs82eJ8lWfL0BDOgHLBqD61rhfHqOI3OogORERAqxVRi06
Lac=
-----END CERTIFICATE-----