Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/99d86cf2-ece3-438c-8964-4bed5e5c36ad.roa
File:                     99d86cf2-ece3-438c-8964-4bed5e5c36ad.roa (raw, json)
Hash identifier:          dm9m23UnmUbVEs4dRxP/pd4Rv3WSrMaQEa0ilouxwl0=
Subject key identifier:   7B:F1:82:3F:40:1B:25:61:69:65:32:39:4E:4E:94:53:6B:D7:19:63
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       1AF3F0684DC6855FD4096F98284BD684E3EB4CD3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/99d86cf2-ece3-438c-8964-4bed5e5c36ad.roa
Signing time:             Wed 30 Jul 2025 00:41:34 +0000
ROA not before:           Wed 30 Jul 2025 00:41:34 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:8840::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:22:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:f3:f0:68:4d:c6:85:5f:d4:09:6f:98:28:4b:d6:84:e3:eb:4c:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:41:34 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=1d63431541cdba53a4ad95100925f92f0105b00bd9a03b65a66600719939eaee, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:78:48:1e:0b:15:1d:a1:11:25:a9:a4:1e:df:
                    a7:af:3b:82:a0:8f:0b:b8:f4:47:cc:7a:40:b4:a5:
                    23:25:60:e7:00:92:4b:23:8b:85:c9:78:32:01:3c:
                    40:90:fe:85:8b:62:b0:7a:14:ca:e5:ce:43:2d:1b:
                    5a:fe:9c:0f:ae:f8:0a:56:31:78:4e:d2:93:e6:77:
                    47:9e:fe:57:3b:dd:d4:43:32:dd:dd:7e:6e:15:70:
                    2f:a7:e6:f0:65:12:86:ba:07:2c:6d:09:aa:bd:a0:
                    22:41:d4:ae:1b:25:05:60:29:8f:19:cf:9f:86:52:
                    fc:87:19:c2:9f:f1:4e:81:7e:98:ab:13:20:7f:9f:
                    39:cd:2e:1a:bd:28:6d:da:51:1e:1f:5f:8c:65:5c:
                    27:02:84:f8:ef:64:63:4a:0c:6a:a6:e7:4c:fe:58:
                    bf:aa:5e:d5:cc:16:d3:df:16:09:d6:92:55:bf:30:
                    5c:7e:92:73:40:2a:49:fa:d7:0b:eb:a7:08:51:d2:
                    ad:67:c4:1f:5a:e1:b3:4b:60:a7:f8:34:e6:04:60:
                    8f:fb:b6:c3:7f:c7:d5:2b:0f:4e:5f:8f:4f:6c:44:
                    9f:a8:a7:18:55:75:47:f2:ce:d9:54:96:c3:4f:03:
                    df:08:65:44:30:4d:52:38:10:8d:dd:0a:c3:39:8b:
                    7d:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:F1:82:3F:40:1B:25:61:69:65:32:39:4E:4E:94:53:6B:D7:19:63
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/99d86cf2-ece3-438c-8964-4bed5e5c36ad.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:8840::/46

    Signature Algorithm: sha256WithRSAEncryption
         50:4a:92:41:49:93:0c:bf:03:5f:82:ff:7a:a6:f8:9e:cf:4b:
         58:31:e3:ea:6b:da:74:d2:91:b7:ad:8e:51:fd:43:f8:6a:e7:
         57:41:c6:31:20:8d:27:dd:61:ad:4f:58:82:ea:d7:09:c4:92:
         66:da:f0:4c:27:4b:7f:98:78:72:c5:23:1f:87:f6:d3:2c:b6:
         0d:1c:93:8a:30:41:e6:49:23:d2:63:0e:66:51:f2:b8:d4:af:
         8b:97:80:43:8a:0b:21:25:12:15:78:2b:0a:23:4e:38:51:7a:
         f5:7c:52:02:73:1d:e4:de:e7:18:a7:44:00:34:b0:4c:aa:8c:
         0f:8c:be:fe:91:55:92:60:04:f5:1b:f0:1e:b8:65:12:ea:73:
         26:e1:81:d6:e5:ae:2a:9c:05:ea:6f:12:3b:1e:0f:48:32:b3:
         d8:2a:6e:ce:30:1d:cd:40:eb:29:2a:76:ea:7d:d5:ab:6e:1a:
         99:2e:c0:1d:b7:42:8b:70:b3:ac:6b:e5:18:cd:be:39:b9:4d:
         ea:18:9e:a6:c8:ed:85:cf:a9:55:05:f7:bb:68:27:4f:cf:dc:
         fc:78:86:7f:60:f4:e9:af:65:37:42:be:e9:54:4e:28:b4:d9:
         ff:25:8a:95:63:36:6c:5e:68:67:9d:ad:56:4e:6b:80:fa:6d:
         a5:bd:2a:11
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUGvPwaE3GhV/UCW+YKEvWhOPrTNMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNDEzNFoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMWQ2MzQzMTU0MWNkYmE1M2E0YWQ5
NTEwMDkyNWY5MmYwMTA1YjAwYmQ5YTAzYjY1YTY2NjAwNzE5OTM5ZWFlZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXhIHgsVHaERJamkHt+nrzuCoI8L
uPRHzHpAtKUjJWDnAJJLI4uFyXgyATxAkP6Fi2KwehTK5c5DLRta/pwPrvgKVjF4
TtKT5ndHnv5XO93UQzLd3X5uFXAvp+bwZRKGugcsbQmqvaAiQdSuGyUFYCmPGc+f
hlL8hxnCn/FOgX6YqxMgf585zS4avSht2lEeH1+MZVwnAoT472RjSgxqpudM/li/
ql7VzBbT3xYJ1pJVvzBcfpJzQCpJ+tcL66cIUdKtZ8QfWuGzS2Cn+DTmBGCP+7bD
f8fVKw9OX49PbESfqKcYVXVH8s7ZVJbDTwPfCGVEME1SOBCN3QrDOYt9KwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHvxgj9AGyVhaWUyOU5OlFNr1xljMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzk5ZDg2Y2YyLWVjZTMtNDM4Yy04OTY0LTRiZWQ1ZTVjMzZhZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba94hAMA0GCSqGSIb3DQEBCwUAA4IBAQBQSpJBSZMMvwNfgv96
pviez0tYMePqa9p00pG3rY5R/UP4audXQcYxII0n3WGtT1iC6tcJxJJm2vBMJ0t/
mHhyxSMfh/bTLLYNHJOKMEHmSSPSYw5mUfK41K+Ll4BDigshJRIVeCsKI044UXr1
fFICcx3k3ucYp0QANLBMqowPjL7+kVWSYAT1G/AeuGUS6nMm4YHW5a4qnAXqbxI7
Hg9IMrPYKm7OMB3NQOspKnbqfdWrbhqZLsAdt0KLcLOsa+UYzb45uU3qGJ6myO2F
z6lVBfe7aCdPz9z8eIZ/YPTpr2U3Qr7pVE4otNn/JYqVYzZsXmhnna1WTmuA+m2l
vSoR
-----END CERTIFICATE-----