Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ebe8bb9-c3af-4458-b018-b6b59546a86a.roa
File:                     9ebe8bb9-c3af-4458-b018-b6b59546a86a.roa (raw, json)
Hash identifier:          L7aJMbpJnsyi487Yg6Cu1qHWRnBV6yFY1JbmgxEooaA=
Subject key identifier:   64:88:EA:37:48:F1:A9:59:10:D1:FD:6C:05:8E:39:DD:B8:82:61:EA
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       1C1133F16FDB3BD698EA8ADDA72509C2429ACC54
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ebe8bb9-c3af-4458-b018-b6b59546a86a.roa
Signing time:             Wed 30 Jul 2025 00:50:37 +0000
ROA not before:           Wed 30 Jul 2025 00:50:37 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:1040::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:08:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:11:33:f1:6f:db:3b:d6:98:ea:8a:dd:a7:25:09:c2:42:9a:cc:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:50:37 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=adcc6841abb1b94a8258336358ec3c41b01c934ce20b162c3e727437f901eee5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:2d:26:87:34:7b:ad:e0:4b:c7:c0:f0:4e:3b:
                    1b:f0:20:46:e8:3b:18:40:b3:23:3f:85:8b:9e:ea:
                    3c:4c:62:18:9d:c2:56:09:7a:e2:d6:dc:af:1c:23:
                    35:d9:9f:f8:dd:2e:5a:4b:40:07:3b:00:d6:8f:03:
                    99:b6:c8:46:aa:9f:0d:04:69:36:19:67:3a:ff:c8:
                    b1:38:f7:32:c9:86:e3:30:45:c6:fa:ba:eb:d0:e7:
                    09:1d:bf:4d:8b:28:2d:01:4b:cc:73:61:80:8a:a8:
                    4c:99:a6:14:c1:6d:40:d2:09:60:6f:68:4e:a8:35:
                    01:3c:b3:a7:f9:fc:de:28:21:67:03:4c:23:88:19:
                    01:53:61:12:5e:4a:4d:1d:e8:14:60:d0:94:e0:30:
                    44:5a:5f:9a:73:aa:8c:ce:a9:ea:6a:64:b0:fa:c0:
                    ef:0f:96:b8:46:5a:37:6b:a0:f5:12:d8:79:2c:15:
                    d3:21:b1:cb:2e:32:8d:f6:c8:bf:a1:c5:4b:01:be:
                    9a:be:18:e0:9c:b6:89:de:9c:1e:87:7d:75:93:e1:
                    00:04:55:e3:54:28:7a:d5:b5:b7:1e:de:0a:41:33:
                    c1:cb:5a:0d:dd:00:cd:2f:0a:2a:26:ab:17:c3:30:
                    3e:22:2c:fc:05:c3:51:79:e8:1a:a9:25:4b:37:fd:
                    7a:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:88:EA:37:48:F1:A9:59:10:D1:FD:6C:05:8E:39:DD:B8:82:61:EA
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ebe8bb9-c3af-4458-b018-b6b59546a86a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:1040::/46

    Signature Algorithm: sha256WithRSAEncryption
         9b:e2:c2:82:52:98:08:97:96:dc:21:87:98:b1:e0:db:39:6d:
         4a:6b:b6:b2:d9:58:8b:96:fd:62:17:93:c0:dd:61:04:dc:78:
         23:0c:9a:41:19:2e:6a:bd:c4:15:87:a8:05:1b:f2:6f:c2:d2:
         63:54:38:d5:27:65:3b:a0:24:7e:a1:4b:e5:69:ff:a3:76:7e:
         1c:3d:fc:20:7b:9e:a1:a6:30:df:c2:16:01:4c:52:17:72:51:
         47:33:ab:59:aa:26:26:c0:a5:12:83:da:12:b2:d6:be:bb:45:
         34:83:32:f5:d5:0b:55:b4:9c:c8:86:62:7e:02:f0:69:4b:74:
         f1:dd:72:93:1f:19:90:12:ab:37:63:93:39:91:7c:85:95:4c:
         50:71:5d:b2:f1:16:03:54:6d:2f:d7:72:fa:52:49:8a:7b:30:
         6f:ba:80:68:d2:b2:d4:32:4a:2c:fa:8a:08:fe:9a:85:c0:f2:
         53:59:23:d3:83:37:95:3b:0d:d2:19:9a:3c:63:f0:f9:dd:54:
         90:63:dd:18:c9:77:9d:e9:78:af:63:67:ae:c3:0a:68:b7:60:
         2d:7e:66:e1:54:fc:de:b7:d7:b8:7e:8f:02:cf:af:32:20:d6:
         8c:9e:8d:fd:53:b6:3a:82:f6:84:c1:80:33:d9:1c:46:f0:a5:
         a4:bf:cc:bd
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUHBEz8W/bO9aY6ordpyUJwkKazFQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNTAzN1oX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAYWRjYzY4NDFhYmIxYjk0YTgyNTgz
MzYzNThlYzNjNDFiMDFjOTM0Y2UyMGIxNjJjM2U3Mjc0MzdmOTAxZWVlNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4i0mhzR7reBLx8DwTjsb8CBG6DsY
QLMjP4WLnuo8TGIYncJWCXri1tyvHCM12Z/43S5aS0AHOwDWjwOZtshGqp8NBGk2
GWc6/8ixOPcyyYbjMEXG+rrr0OcJHb9NiygtAUvMc2GAiqhMmaYUwW1A0glgb2hO
qDUBPLOn+fzeKCFnA0wjiBkBU2ESXkpNHegUYNCU4DBEWl+ac6qMzqnqamSw+sDv
D5a4Rlo3a6D1Eth5LBXTIbHLLjKN9si/ocVLAb6avhjgnLaJ3pweh311k+EABFXj
VCh61bW3Ht4KQTPBy1oN3QDNLwoqJqsXwzA+Iiz8BcNReegaqSVLN/16FwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGSI6jdI8alZENH9bAWOOd24gmHqMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzllYmU4YmI5LWMzYWYtNDQ1OC1iMDE4LWI2YjU5NTQ2YTg2YS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba9xBAMA0GCSqGSIb3DQEBCwUAA4IBAQCb4sKCUpgIl5bcIYeY
seDbOW1Ka7ay2ViLlv1iF5PA3WEE3HgjDJpBGS5qvcQVh6gFG/JvwtJjVDjVJ2U7
oCR+oUvlaf+jdn4cPfwge56hpjDfwhYBTFIXclFHM6tZqiYmwKUSg9oSsta+u0U0
gzL11QtVtJzIhmJ+AvBpS3Tx3XKTHxmQEqs3Y5M5kXyFlUxQcV2y8RYDVG0v13L6
UkmKezBvuoBo0rLUMkos+ooI/pqFwPJTWSPTgzeVOw3SGZo8Y/D53VSQY90YyXed
6XivY2euwwpot2AtfmbhVPzet9e4fo8Cz68yINaMno39U7Y6gvaEwYAz2RxG8KWk
v8y9
-----END CERTIFICATE-----