Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/88f9e72d-8db9-4426-bce7-0b199c7b70d0.roa
File:                     88f9e72d-8db9-4426-bce7-0b199c7b70d0.roa (raw, json)
Hash identifier:          URw8HYfKrg487yAdcaW9qFgl/oft374+9v/yeeo8spc=
Subject key identifier:   A2:1A:16:9F:98:B3:87:35:01:F5:21:FE:CB:C8:58:48:7C:0A:71:6A
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       77E51C6932F75DB71B2A34C6052B81CCBFDC03F2
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/88f9e72d-8db9-4426-bce7-0b199c7b70d0.roa
Signing time:             Wed 30 Jul 2025 00:40:58 +0000
ROA not before:           Wed 30 Jul 2025 00:40:58 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:4000::/40 maxlen: 40
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:52:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:e5:1c:69:32:f7:5d:b7:1b:2a:34:c6:05:2b:81:cc:bf:dc:03:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:40:58 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=e6d3e364ce64c2a37e919bdfe3fbc1cb58b829c53d4ec3912ca8b6c9f8f96dd3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:96:32:31:20:c7:c2:43:9c:f0:e7:80:67:d4:
                    25:d8:da:fc:ae:90:af:57:92:12:da:f3:23:0b:a2:
                    e9:9a:8b:ec:7d:8b:b3:64:0c:ac:33:da:63:9a:fd:
                    b3:89:a3:a0:f2:da:d9:f5:63:4c:96:20:e5:e4:38:
                    d1:41:dd:b5:19:7d:78:2d:c3:5d:56:63:f1:0b:d8:
                    65:56:45:a1:3a:eb:e8:8e:0e:2c:a0:51:bc:50:53:
                    84:45:34:1e:82:1e:41:d8:90:96:27:1e:86:8f:8c:
                    d8:d6:4c:a5:34:6f:6b:5c:5b:5b:d4:b4:07:48:c1:
                    09:72:63:bc:04:24:ae:1f:5a:dd:b9:ce:7b:c8:77:
                    c1:be:fa:a8:57:38:5a:36:0e:dc:9b:d2:9b:8b:f2:
                    35:2d:ac:78:28:97:e5:6a:e4:d4:b3:14:56:88:26:
                    6c:91:c0:8e:5a:e2:bb:7a:3d:12:ee:1e:74:df:3d:
                    9d:23:99:fe:fd:3c:a5:c3:51:bc:ed:cf:f5:44:90:
                    c8:54:e7:85:30:c9:6b:44:33:3a:1b:69:29:99:5f:
                    d7:68:be:4d:b4:0a:00:1f:9b:cc:17:6d:dc:26:ea:
                    06:d8:c6:a3:fb:40:30:f1:15:45:60:a0:0a:c2:70:
                    f7:4c:e2:b1:1a:ce:cc:f8:6d:60:4b:2d:f4:42:a5:
                    46:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:1A:16:9F:98:B3:87:35:01:F5:21:FE:CB:C8:58:48:7C:0A:71:6A
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/88f9e72d-8db9-4426-bce7-0b199c7b70d0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:4000::/40

    Signature Algorithm: sha256WithRSAEncryption
         c6:1f:13:ec:6d:dc:24:f3:37:ff:a0:6a:be:26:32:b4:4c:af:
         18:8f:4b:a3:97:da:a6:8a:f9:22:a4:89:d3:da:11:1a:34:83:
         f5:b6:57:a2:14:9b:8f:c8:ed:4a:ba:7c:ca:fd:be:59:2f:c8:
         0d:e5:4e:7e:de:0b:50:a5:b4:36:d6:e0:0d:4e:cd:94:07:e6:
         88:d4:c5:ac:45:4a:83:6c:1f:7d:dc:61:0d:b8:4a:de:88:ae:
         a7:36:e9:89:47:d2:d6:b8:fc:4b:50:4e:c5:68:c0:3c:9e:3a:
         ed:14:9f:b7:6e:4d:73:72:42:a7:88:ad:6f:5f:09:00:62:7f:
         7c:fc:9d:0a:a4:b2:8d:7b:87:57:01:fc:68:9d:be:16:6f:55:
         ab:61:c3:72:a3:04:90:59:5f:19:67:d4:31:da:a5:3a:ac:ba:
         93:97:51:90:a8:cc:35:9e:06:c2:8e:fd:c1:b7:a6:db:22:ec:
         03:68:28:1c:3f:d2:bb:5f:4b:14:fe:7b:2c:a5:a1:91:03:ed:
         d1:4d:10:ff:be:00:56:b4:a4:c6:38:2f:2a:01:c8:b3:5a:15:
         68:1a:56:f6:c3:2a:2d:78:f3:a0:e1:10:5a:84:13:85:1d:e7:
         db:48:12:7e:f9:2b:52:4d:82:eb:52:59:5f:44:04:7f:6f:11:
         08:1f:2d:c9
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUd+UcaTL3XbcbKjTGBSuBzL/cA/IwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNDA1OFoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZTZkM2UzNjRjZTY0YzJhMzdlOTE5
YmRmZTNmYmMxY2I1OGI4MjljNTNkNGVjMzkxMmNhOGI2YzlmOGY5NmRkMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ZYyMSDHwkOc8OeAZ9Ql2Nr8rpCv
V5IS2vMjC6LpmovsfYuzZAysM9pjmv2ziaOg8trZ9WNMliDl5DjRQd21GX14LcNd
VmPxC9hlVkWhOuvojg4soFG8UFOERTQegh5B2JCWJx6Gj4zY1kylNG9rXFtb1LQH
SMEJcmO8BCSuH1rduc57yHfBvvqoVzhaNg7cm9Kbi/I1Lax4KJflauTUsxRWiCZs
kcCOWuK7ej0S7h503z2dI5n+/Tylw1G87c/1RJDIVOeFMMlrRDM6G2kpmV/XaL5N
tAoAH5vMF23cJuoG2Maj+0Aw8RVFYKAKwnD3TOKxGs7M+G1gSy30QqVG5QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKIaFp+Ys4c1AfUh/svIWEh8CnFqMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzg4ZjllNzJkLThkYjktNDQyNi1iY2U3LTBiMTk5YzdiNzBkMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba90AwDQYJKoZIhvcNAQELBQADggEBAMYfE+xt3CTzN/+gar4m
MrRMrxiPS6OX2qaK+SKkidPaERo0g/W2V6IUm4/I7Uq6fMr9vlkvyA3lTn7eC1Cl
tDbW4A1OzZQH5ojUxaxFSoNsH33cYQ24St6Irqc26YlH0ta4/EtQTsVowDyeOu0U
n7duTXNyQqeIrW9fCQBif3z8nQqkso17h1cB/GidvhZvVathw3KjBJBZXxln1DHa
pTqsupOXUZCozDWeBsKO/cG3ptsi7ANoKBw/0rtfSxT+eyyloZED7dFNEP++AFa0
pMY4LyoByLNaFWgaVvbDKi1486DhEFqEE4Ud59tIEn75K1JNgutSWV9EBH9vEQgf
Lck=
-----END CERTIFICATE-----