Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9016c8f8-5e23-4acf-929a-ba5a344b35b6.roa
File:                     9016c8f8-5e23-4acf-929a-ba5a344b35b6.roa (raw, json)
Hash identifier:          ry2kuX3ZegLESnwqsSlD5r7UgBIqS1J6Q2beMNMlTD8=
Subject key identifier:   B2:FE:2E:45:44:D6:A0:4F:08:B7:EA:9F:EA:D7:F2:46:A6:49:1B:BA
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       7A555FB486246235D37893D25862EE65093BF7AD
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9016c8f8-5e23-4acf-929a-ba5a344b35b6.roa
Signing time:             Wed 30 Jul 2025 00:21:37 +0000
ROA not before:           Wed 30 Jul 2025 00:21:37 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:4080::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 17:54:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:55:5f:b4:86:24:62:35:d3:78:93:d2:58:62:ee:65:09:3b:f7:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:21:37 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=769e97049cd382919131c638d70109028a7561e8e0eb25ca6e70680719774939, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:ac:61:28:16:73:f7:d6:fe:b8:c7:4d:c7:9b:
                    a2:1f:41:5b:f1:da:92:96:f0:08:94:0e:1c:95:03:
                    39:57:f1:c0:9a:1b:45:c3:a3:a1:61:23:a3:21:ba:
                    f5:0a:7d:80:d8:4c:97:77:21:31:9e:c7:9c:c2:00:
                    83:88:43:14:f4:12:00:56:13:46:18:d1:2e:bf:95:
                    53:bb:f2:00:77:de:6b:fd:58:55:12:64:74:5f:ac:
                    0c:95:98:01:21:8b:c8:3b:37:d2:b9:55:a4:2c:96:
                    b0:ce:d1:d4:26:8d:55:26:8e:8f:5d:98:73:af:d5:
                    3b:89:4a:c2:b2:14:b4:c8:13:36:a4:13:73:c7:d0:
                    b8:a8:ca:39:ee:8c:33:c0:c0:6a:af:38:b4:aa:0c:
                    e5:4e:84:c0:5b:f5:70:32:56:2d:51:99:e0:06:2f:
                    a9:a7:dd:47:0f:f5:c7:3f:da:84:c6:e5:35:eb:70:
                    6d:61:ac:d1:07:d3:c4:cf:8c:28:bd:ee:7c:35:26:
                    4c:9f:e8:ff:a2:76:50:7f:d0:d9:da:45:4a:23:c1:
                    65:f4:ce:d2:8d:c5:9f:ed:8b:db:16:e6:64:6e:e7:
                    43:ea:bf:57:ac:73:b0:56:6e:4a:6c:a3:8c:ea:68:
                    1d:79:a1:13:b1:aa:ac:af:3d:38:bd:37:ea:4f:e1:
                    2a:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:FE:2E:45:44:D6:A0:4F:08:B7:EA:9F:EA:D7:F2:46:A6:49:1B:BA
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9016c8f8-5e23-4acf-929a-ba5a344b35b6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:4080::/46

    Signature Algorithm: sha256WithRSAEncryption
         48:5c:73:a8:35:40:76:7d:cd:35:27:fe:96:53:02:5e:f8:92:
         a9:7f:58:37:71:f1:e0:ac:99:a6:bb:12:6c:20:c2:3d:1b:f0:
         68:48:7a:2c:83:e2:0d:b6:a0:38:6b:21:ba:28:e3:50:a1:a4:
         ee:89:cd:9f:25:0d:23:b9:ed:71:e4:88:8c:97:77:5b:6f:ce:
         c3:76:63:2b:f7:03:06:87:e8:fc:87:ea:97:a0:78:84:e6:b6:
         5d:dc:97:4b:a7:a7:2a:23:1d:f9:d1:44:1d:97:f5:06:7a:bd:
         65:ce:36:8f:3f:84:d4:30:4c:f4:2c:b4:95:da:c2:ed:4c:58:
         b9:e2:31:05:8a:a2:50:af:97:17:12:7e:20:88:6e:28:bc:47:
         8d:99:d9:44:b4:2f:f2:84:d7:49:7f:d7:3a:8b:9f:a7:c8:6f:
         bd:18:59:14:d9:ca:71:34:f0:90:01:d4:6c:72:8d:12:c8:40:
         62:e0:2e:2b:66:2b:1b:04:11:ec:33:59:da:59:49:23:f3:dc:
         8b:51:bb:b2:8e:16:36:f1:ef:52:d0:a5:f9:84:98:6e:88:fb:
         c0:3c:94:90:7c:34:f2:51:75:96:d1:d1:83:0a:fb:a1:89:29:
         59:1c:ce:48:e6:2b:41:b6:b7:17:90:c9:04:11:25:e2:7b:4c:
         03:31:70:93
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUelVftIYkYjXTeJPSWGLuZQk7960wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMjEzN1oX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNANzY5ZTk3MDQ5Y2QzODI5MTkxMzFj
NjM4ZDcwMTA5MDI4YTc1NjFlOGUwZWIyNWNhNmU3MDY4MDcxOTc3NDkzOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6axhKBZz99b+uMdNx5uiH0Fb8dqS
lvAIlA4clQM5V/HAmhtFw6OhYSOjIbr1Cn2A2EyXdyExnsecwgCDiEMU9BIAVhNG
GNEuv5VTu/IAd95r/VhVEmR0X6wMlZgBIYvIOzfSuVWkLJawztHUJo1VJo6PXZhz
r9U7iUrCshS0yBM2pBNzx9C4qMo57owzwMBqrzi0qgzlToTAW/VwMlYtUZngBi+p
p91HD/XHP9qExuU163BtYazRB9PEz4wove58NSZMn+j/onZQf9DZ2kVKI8Fl9M7S
jcWf7YvbFuZkbudD6r9XrHOwVm5KbKOM6mgdeaETsaqsrz04vTfqT+Eq8wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLL+LkVE1qBPCLfqn+rX8kamSRu6MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzkwMTZjOGY4LTVlMjMtNGFjZi05MjlhLWJhNWEzNDRiMzViNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaUCAMA0GCSqGSIb3DQEBCwUAA4IBAQBIXHOoNUB2fc01J/6W
UwJe+JKpf1g3cfHgrJmmuxJsIMI9G/BoSHosg+INtqA4ayG6KONQoaTuic2fJQ0j
ue1x5IiMl3dbb87DdmMr9wMGh+j8h+qXoHiE5rZd3JdLp6cqIx350UQdl/UGer1l
zjaPP4TUMEz0LLSV2sLtTFi54jEFiqJQr5cXEn4giG4ovEeNmdlEtC/yhNdJf9c6
i5+nyG+9GFkU2cpxNPCQAdRsco0SyEBi4C4rZisbBBHsM1naWUkj89yLUbuyjhY2
8e9S0KX5hJhuiPvAPJSQfDTyUXWW0dGDCvuhiSlZHM5I5itBtrcXkMkEESXie0wD
MXCT
-----END CERTIFICATE-----