Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89b55295-371c-49ec-97e0-8c245b833b8d.roa
File:                     89b55295-371c-49ec-97e0-8c245b833b8d.roa (raw, json)
Hash identifier:          g4B3g/B65IUlMxWAp/lJjrVOLjN6smYVKX+a1X/J40k=
Subject key identifier:   3C:D4:4B:63:50:69:C2:CE:7F:EA:33:DB:60:AE:C8:9B:BE:AE:36:79
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       24356BBC92FBE5A2FAC1FBCD2141A9430B00F7DC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89b55295-371c-49ec-97e0-8c245b833b8d.roa
Signing time:             Thu 22 May 2025 00:38:32 +0000
ROA not before:           Thu 22 May 2025 00:38:32 +0000
ROA not after:            Thu 26 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dab9:90c0::/48 maxlen: 48
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 19:52:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:35:6b:bc:92:fb:e5:a2:fa:c1:fb:cd:21:41:a9:43:0b:00:f7:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 22 00:38:32 2025 GMT
            Not After : Jun 26 23:59:59 2025 GMT
        Subject: serialNumber=03171131a28ef9379b594fffd1d9562aa77b399eca739e44f45cec5641793db3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ac:a3:2f:31:9a:71:14:09:cb:f5:50:4a:c4:
                    e7:75:c8:b3:8c:0b:0b:25:5f:22:ab:df:4b:b3:c2:
                    db:27:d1:12:e9:bc:07:2f:84:6e:c0:7a:1f:7c:40:
                    e8:c4:5f:73:48:ea:b3:74:7b:e1:af:b4:38:fa:4e:
                    f9:5c:ee:1d:29:3d:8c:46:b1:27:7f:9d:de:dc:60:
                    87:fb:09:0d:01:7f:40:a3:52:5d:13:68:d5:71:e1:
                    58:c0:fb:6e:f6:77:f4:c5:2c:ef:6d:1e:e9:51:2e:
                    f7:41:0d:0f:ae:5b:0b:0c:4b:5a:e9:33:e2:65:e9:
                    a3:29:ae:e2:5a:b1:41:87:02:bf:49:6b:6f:94:56:
                    f4:1a:96:ca:1c:d6:11:cc:e2:af:71:7c:2b:c9:32:
                    e7:b8:18:ed:cf:52:85:54:8a:90:a8:5c:86:5a:e0:
                    e7:ae:0f:8e:b6:41:0b:7b:ef:86:84:40:dc:a5:79:
                    f2:3a:6b:60:62:dd:9b:a1:fa:58:26:38:8d:e6:b5:
                    ed:e9:c7:6d:9a:85:33:b2:65:7f:6c:6b:f2:60:53:
                    0f:46:2b:db:eb:c6:1a:cc:23:f6:77:43:b6:e5:eb:
                    60:25:03:84:d4:bb:b7:4a:1f:df:a4:ff:51:d5:16:
                    e9:cb:d5:7d:47:59:5e:93:06:8b:d0:52:d6:93:32:
                    ea:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:D4:4B:63:50:69:C2:CE:7F:EA:33:DB:60:AE:C8:9B:BE:AE:36:79
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89b55295-371c-49ec-97e0-8c245b833b8d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dab9:90c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         c0:7d:4c:0a:12:41:e5:1e:98:88:38:9e:0e:bc:de:2d:de:41:
         56:3b:93:03:a9:a0:33:ef:90:08:a1:b0:54:b6:16:e1:ee:c5:
         d9:2a:d3:b1:2c:0d:46:35:46:d3:52:2e:00:d5:9c:8b:13:36:
         4e:b4:2b:cf:7b:91:9d:1d:99:90:6d:a2:f1:33:72:e0:39:83:
         bd:0e:e6:7e:49:ef:43:18:da:28:c3:86:e9:0a:08:cc:27:df:
         cb:45:c5:68:92:7b:a6:98:8c:8e:59:93:be:2a:89:8a:a0:13:
         33:12:9d:62:63:4c:17:76:22:f8:d7:13:b7:a5:08:bd:f2:14:
         62:57:44:51:f2:52:af:27:8d:2e:3d:b7:4b:96:60:ce:a8:b7:
         d0:d3:86:34:d9:bc:0f:58:26:a8:45:5f:02:5b:43:67:07:16:
         47:36:27:00:14:dd:50:cc:19:58:37:dd:0f:29:98:3d:cb:79:
         02:55:49:61:5b:96:16:38:15:04:a2:78:b0:21:e3:0f:58:86:
         08:fd:28:ba:54:96:9f:06:01:4f:bd:63:8d:22:cd:24:47:37:
         cb:a9:86:c5:23:3d:1c:0d:f5:4f:c8:c0:e4:05:4f:76:df:6b:
         00:79:7f:8b:f0:f9:cb:6c:7d:31:f3:d1:87:a7:cc:ab:d8:17:
         6a:aa:6f:79
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUJDVrvJL75aL6wfvNIUGpQwsA99wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUyMjAwMzgzMloX
DTI1MDYyNjIzNTk1OVowejFJMEcGA1UEBRNAMDMxNzExMzFhMjhlZjkzNzliNTk0
ZmZmZDFkOTU2MmFhNzdiMzk5ZWNhNzM5ZTQ0ZjQ1Y2VjNTY0MTc5M2RiMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKyjLzGacRQJy/VQSsTndcizjAsL
JV8iq99Ls8LbJ9ES6bwHL4RuwHoffEDoxF9zSOqzdHvhr7Q4+k75XO4dKT2MRrEn
f53e3GCH+wkNAX9Ao1JdE2jVceFYwPtu9nf0xSzvbR7pUS73QQ0PrlsLDEta6TPi
ZemjKa7iWrFBhwK/SWtvlFb0GpbKHNYRzOKvcXwryTLnuBjtz1KFVIqQqFyGWuDn
rg+OtkELe++GhEDcpXnyOmtgYt2bofpYJjiN5rXt6cdtmoUzsmV/bGvyYFMPRivb
68YazCP2d0O25etgJQOE1Lu3Sh/fpP9R1Rbpy9V9R1lekwaL0FLWkzLq4QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDzUS2NQacLOf+oz22CuyJu+rjZ5MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzg5YjU1Mjk1LTM3MWMtNDllYy05N2UwLThjMjQ1YjgzM2I4ZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbauZDAMA0GCSqGSIb3DQEBCwUAA4IBAQDAfUwKEkHlHpiIOJ4O
vN4t3kFWO5MDqaAz75AIobBUthbh7sXZKtOxLA1GNUbTUi4A1ZyLEzZOtCvPe5Gd
HZmQbaLxM3LgOYO9DuZ+Se9DGNoow4bpCgjMJ9/LRcVoknummIyOWZO+KomKoBMz
Ep1iY0wXdiL41xO3pQi98hRiV0RR8lKvJ40uPbdLlmDOqLfQ04Y02bwPWCaoRV8C
W0NnBxZHNicAFN1QzBlYN90PKZg9y3kCVUlhW5YWOBUEoniwIeMPWIYI/Si6VJaf
BgFPvWONIs0kRzfLqYbFIz0cDfVPyMDkBU9232sAeX+L8PnLbH0x89GHp8yr2Bdq
qm95
-----END CERTIFICATE-----