Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d703748-f446-47a1-b0a7-5e3357f2e0d2.roa
File:                     9d703748-f446-47a1-b0a7-5e3357f2e0d2.roa (raw, json)
Hash identifier:          rwRqAriQ7BLxgGrSc3/4Vn+pzW+2yqKpC/CzxKBGvLQ=
Subject key identifier:   5F:42:D4:5E:D0:C7:D5:E6:77:76:C8:5E:01:DE:DF:BA:C2:39:A8:E7
Certificate issuer:       /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial:       4D276DA7EEC6F6CCF1EE97C8DB639C3806002EE9
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d703748-f446-47a1-b0a7-5e3357f2e0d2.roa
Signing time:             Sun 08 Feb 2026 00:00:05 +0000
ROA not before:           Sun 08 Feb 2026 00:00:05 +0000
ROA not after:            Sat 09 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        159.248.132.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 12 Feb 2026 20:37:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:27:6d:a7:ee:c6:f6:cc:f1:ee:97:c8:db:63:9c:38:06:00:2e:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
        Validity
            Not Before: Feb  8 00:00:05 2026 GMT
            Not After : May  9 23:59:59 2026 GMT
        Subject: serialNumber=55dd96da881e7f11afb4c679c1a37d8ce9414691b1bcae09801c52b2e6b54a50, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:f7:10:f2:cd:e2:2d:60:8a:83:37:be:f5:a7:
                    4a:17:f1:5d:7e:5c:de:7c:bd:59:95:bb:27:41:8c:
                    62:e6:35:ab:ec:60:9b:d6:73:5e:89:79:86:63:59:
                    f4:39:a0:bc:4a:02:df:e6:77:76:4c:84:75:0d:3b:
                    63:a7:49:44:25:09:91:a5:69:cf:94:19:6d:23:0e:
                    91:b6:74:20:4a:23:15:ea:f4:1c:e0:37:88:58:42:
                    c8:1c:95:0c:a0:13:b9:a8:33:72:3e:00:0f:6d:af:
                    02:85:c4:2f:cf:96:8a:25:87:b3:26:d0:39:eb:14:
                    af:ed:56:f9:a6:5e:f2:3b:b4:5d:dc:3b:fd:86:d8:
                    5e:0a:91:79:4e:fc:db:23:ec:58:29:86:72:18:e0:
                    6d:fb:b2:39:29:1f:79:c6:d4:e7:f9:83:40:80:b2:
                    65:5a:c9:21:af:fc:bf:b1:32:f7:f7:77:76:24:1f:
                    66:76:af:d4:ca:d6:45:e0:2f:9b:5c:15:0c:1d:8c:
                    8f:ed:19:61:21:44:68:40:4c:38:99:0a:07:86:2d:
                    88:c8:e8:81:69:4b:d3:7b:6c:fc:76:11:c5:eb:52:
                    fd:f7:3a:02:8e:35:23:9a:5e:de:a9:8e:7b:92:8b:
                    a5:0e:44:08:96:e2:06:73:a2:ff:a0:bb:a6:3c:8f:
                    fb:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:42:D4:5E:D0:C7:D5:E6:77:76:C8:5E:01:DE:DF:BA:C2:39:A8:E7
            X509v3 Authority Key Identifier:
                keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d703748-f446-47a1-b0a7-5e3357f2e0d2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  159.248.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:49:da:a2:86:d8:fc:f2:b2:95:88:dc:15:21:a2:e1:de:73:
         df:7b:c9:ad:24:6e:d0:1e:3b:b7:fe:cf:a5:c9:7c:5a:3e:41:
         27:55:f5:95:c0:10:26:cf:c3:1a:fe:27:ab:cb:5b:d8:77:64:
         81:0d:a5:24:6b:f5:66:43:af:33:21:c0:c0:28:93:0e:18:ac:
         5f:7c:14:c4:14:59:d3:f8:74:9e:0e:6b:7e:aa:9f:7a:0c:02:
         d9:0f:4c:a5:e3:df:dc:10:e5:e3:f2:ed:35:52:5a:5c:a3:0b:
         a2:63:06:88:5d:0e:7c:24:82:8d:88:7e:3d:5d:35:90:b4:cc:
         60:66:48:3e:8b:87:70:db:46:4c:a5:c3:15:94:72:7b:98:c7:
         69:ee:d4:f5:52:1d:22:67:d3:a3:d3:15:9a:9c:3e:39:8d:38:
         3f:53:d5:47:46:18:3c:5d:80:8f:7c:84:1d:67:76:2c:79:5b:
         f4:c6:9e:5d:76:fc:1c:22:e8:fc:39:cd:fa:5c:ab:25:71:6a:
         b7:76:4f:17:95:c1:7c:66:04:8a:69:b4:5d:8a:52:96:94:22:
         39:2d:d7:32:2d:fc:6c:b4:34:77:f7:ab:bc:d8:62:41:aa:ca:
         47:e2:59:af:cf:0a:c3:13:18:2e:b2:22:e1:09:e7:b3:99:88:
         76:77:d1:0e
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUTSdtp+7G9szx7pfI22OcOAYALukwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI2MDIwODAwMDAwNVoX
DTI2MDUwOTIzNTk1OVowejFJMEcGA1UEBRNANTVkZDk2ZGE4ODFlN2YxMWFmYjRj
Njc5YzFhMzdkOGNlOTQxNDY5MWIxYmNhZTA5ODAxYzUyYjJlNmI1NGE1MDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofcQ8s3iLWCKgze+9adKF/Fdflze
fL1ZlbsnQYxi5jWr7GCb1nNeiXmGY1n0OaC8SgLf5nd2TIR1DTtjp0lEJQmRpWnP
lBltIw6RtnQgSiMV6vQc4DeIWELIHJUMoBO5qDNyPgAPba8ChcQvz5aKJYezJtA5
6xSv7Vb5pl7yO7Rd3Dv9htheCpF5TvzbI+xYKYZyGOBt+7I5KR95xtTn+YNAgLJl
Wskhr/y/sTL393d2JB9mdq/UytZF4C+bXBUMHYyP7RlhIURoQEw4mQoHhi2IyOiB
aUvTe2z8dhHF61L99zoCjjUjml7eqY57koulDkQIluIGc6L/oLumPI/7RQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFF9C1F7Qx9Xmd3bIXgHe37rCOajnMB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzlkNzAzNzQ4LWY0NDYtNDdhMS1iMGE3LTVlMzM1N2YyZTBkMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAn/iEMA0GCSqGSIb3DQEBCwUAA4IBAQCBSdqihtj88rKViNwVIaLh
3nPfe8mtJG7QHju3/s+lyXxaPkEnVfWVwBAmz8Ma/iery1vYd2SBDaUka/VmQ68z
IcDAKJMOGKxffBTEFFnT+HSeDmt+qp96DALZD0yl49/cEOXj8u01UlpcowuiYwaI
XQ58JIKNiH49XTWQtMxgZkg+i4dw20ZMpcMVlHJ7mMdp7tT1Uh0iZ9Oj0xWanD45
jTg/U9VHRhg8XYCPfIQdZ3YseVv0xp5ddvwcIuj8Oc36XKslcWq3dk8XlcF8ZgSK
abRdilKWlCI5LdcyLfxstDR396u82GJBqspH4lmvzwrDExgusiLhCeezmYh2d9EO
-----END CERTIFICATE-----