Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89fbb5c5-0ff9-4548-bb50-6e421ec6e274.roa
File:                     89fbb5c5-0ff9-4548-bb50-6e421ec6e274.roa (raw, json)
Hash identifier:          tGchuBtFDdaZWiApaPmoGOZ76NxPPlG/q4hA9Ki2bNk=
Subject key identifier:   7E:3B:CC:0A:D0:79:04:8A:03:7E:B2:D0:79:08:D5:17:D1:71:F6:7A
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       501CED91E4A60ACD4EF21C414701638A942242B1
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89fbb5c5-0ff9-4548-bb50-6e421ec6e274.roa
Signing time:             Wed 30 Jul 2025 00:11:23 +0000
ROA not before:           Wed 30 Jul 2025 00:11:23 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:2020::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:08:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:1c:ed:91:e4:a6:0a:cd:4e:f2:1c:41:47:01:63:8a:94:22:42:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:11:23 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=ea9a5858755910d2e2baae4a1ef8f322743ff271b95544feb6281f56712aee7c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:24:2b:40:2c:1c:de:1a:8e:7f:b9:af:a1:0d:
                    3b:54:d6:f7:dd:7a:f4:e8:6c:15:85:f6:44:54:54:
                    83:bc:c0:2e:ac:08:7f:7f:80:b3:a7:65:de:0b:42:
                    c0:bf:c4:c1:6c:06:85:8a:81:c7:85:71:97:37:18:
                    59:1c:89:c2:ec:8a:b2:b8:0b:02:84:46:36:a4:3e:
                    3f:a1:53:59:51:2d:83:31:7a:38:72:65:6f:95:1e:
                    d5:11:bc:88:e6:96:05:77:2b:51:f4:82:fc:60:00:
                    c5:2d:be:50:7f:65:f8:4a:80:5e:a3:a2:fc:43:2d:
                    85:0d:bd:a6:ae:e9:b7:12:3c:97:33:9b:52:85:95:
                    e5:64:e9:e2:72:f7:be:40:69:4f:ca:b2:48:46:c8:
                    85:a8:b9:a4:7e:4a:7a:96:0b:92:08:e9:51:5e:6f:
                    e9:5c:05:e4:8e:8b:54:35:4f:9d:04:45:04:b4:e1:
                    4e:b3:8c:9d:c2:93:55:12:36:05:21:8e:71:1a:89:
                    32:a5:59:90:52:ea:48:57:cf:1d:d6:2d:26:41:a5:
                    85:aa:08:2c:00:ad:d6:7f:a3:32:57:6a:c2:46:77:
                    9f:00:1a:c6:35:79:07:e1:17:84:1e:fc:d2:23:d9:
                    98:48:4d:ca:8d:48:c8:05:66:f5:44:bf:81:3c:c1:
                    7f:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:3B:CC:0A:D0:79:04:8A:03:7E:B2:D0:79:08:D5:17:D1:71:F6:7A
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89fbb5c5-0ff9-4548-bb50-6e421ec6e274.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:2020::/46

    Signature Algorithm: sha256WithRSAEncryption
         53:40:ec:30:a5:81:ac:7a:f8:a2:f2:0d:bc:fe:32:37:f1:e2:
         25:46:69:1f:01:ae:df:e3:2d:af:07:2c:8e:ba:9a:87:6a:81:
         9e:aa:5e:24:6f:51:ba:19:8c:da:54:f4:bd:c0:d9:c5:33:cf:
         d7:5b:2c:19:b3:b6:f3:f7:09:10:cc:18:25:3d:c7:74:86:6e:
         25:22:59:9e:22:f9:39:b1:4c:ef:d5:48:8a:8c:d3:4f:94:b1:
         b2:4d:a1:4e:5b:c3:2a:3c:49:26:4b:28:17:07:41:9e:45:54:
         d1:d7:f4:ce:c9:32:10:1a:5a:aa:82:3e:25:07:92:ef:3d:2a:
         45:6f:3a:10:d6:5b:e4:e3:0c:94:00:02:86:e0:a7:ea:73:a9:
         84:a9:4a:0a:33:f9:9a:63:44:cd:92:c5:e3:d3:e2:12:70:65:
         2f:fd:be:21:a3:e4:8f:a2:2f:86:88:7b:56:9c:10:55:07:aa:
         af:12:d9:3b:50:6f:26:5a:02:ee:94:8a:51:62:48:bd:91:af:
         cf:d7:0c:2f:54:51:1e:38:22:be:54:26:a1:a3:f9:a6:aa:4c:
         d4:71:86:97:71:d1:b7:ee:c7:a6:ee:98:7d:6f:c3:ef:9b:b0:
         a3:b3:31:a6:74:36:a0:9b:95:69:79:b9:87:cd:c1:15:e2:2c:
         3e:ce:58:1f
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUUBztkeSmCs1O8hxBRwFjipQiQrEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMTEyM1oX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZWE5YTU4NTg3NTU5MTBkMmUyYmFh
ZTRhMWVmOGYzMjI3NDNmZjI3MWI5NTU0NGZlYjYyODFmNTY3MTJhZWU3YzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiQrQCwc3hqOf7mvoQ07VNb33Xr0
6GwVhfZEVFSDvMAurAh/f4Czp2XeC0LAv8TBbAaFioHHhXGXNxhZHInC7IqyuAsC
hEY2pD4/oVNZUS2DMXo4cmVvlR7VEbyI5pYFdytR9IL8YADFLb5Qf2X4SoBeo6L8
Qy2FDb2mrum3EjyXM5tShZXlZOnicve+QGlPyrJIRsiFqLmkfkp6lguSCOlRXm/p
XAXkjotUNU+dBEUEtOFOs4ydwpNVEjYFIY5xGokypVmQUupIV88d1i0mQaWFqggs
AK3Wf6MyV2rCRnefABrGNXkH4ReEHvzSI9mYSE3KjUjIBWb1RL+BPMF/EQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFH47zArQeQSKA36y0HkI1RfRcfZ6MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzg5ZmJiNWM1LTBmZjktNDU0OC1iYjUwLTZlNDIxZWM2ZTI3NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba9yAgMA0GCSqGSIb3DQEBCwUAA4IBAQBTQOwwpYGsevii8g28
/jI38eIlRmkfAa7f4y2vByyOupqHaoGeql4kb1G6GYzaVPS9wNnFM8/XWywZs7bz
9wkQzBglPcd0hm4lIlmeIvk5sUzv1UiKjNNPlLGyTaFOW8MqPEkmSygXB0GeRVTR
1/TOyTIQGlqqgj4lB5LvPSpFbzoQ1lvk4wyUAAKG4Kfqc6mEqUoKM/maY0TNksXj
0+IScGUv/b4ho+SPoi+GiHtWnBBVB6qvEtk7UG8mWgLulIpRYki9ka/P1wwvVFEe
OCK+VCaho/mmqkzUcYaXcdG37sem7ph9b8Pvm7CjszGmdDagm5VpebmHzcEV4iw+
zlgf
-----END CERTIFICATE-----