Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f808762-dd71-4f33-bfa8-cb4244801d34.roa
File:                     9f808762-dd71-4f33-bfa8-cb4244801d34.roa (raw, json)
Hash identifier:          wPQSJrW653RLlq+96zpN5GIqhhaN74TmYpt06pCfU2Q=
Subject key identifier:   4C:24:96:41:A2:92:E6:55:EE:17:24:63:68:02:A9:7B:42:87:68:E1
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       7EE24BC5A37CA59BD8B93E29A8CD29B60D521570
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f808762-dd71-4f33-bfa8-cb4244801d34.roa
Signing time:             Wed 30 Jul 2025 00:41:46 +0000
ROA not before:           Wed 30 Jul 2025 00:41:46 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:7040::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:22:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:e2:4b:c5:a3:7c:a5:9b:d8:b9:3e:29:a8:cd:29:b6:0d:52:15:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:41:46 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=d1380744d07d179ae594fef55a57f6be9f74335279a7ce0f5a3b0fcbc0d5ee81, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:3f:ed:ca:fc:6b:c5:f2:6f:93:22:ba:89:ac:
                    8d:36:e4:8a:dd:3a:cb:32:10:f6:bd:ff:12:0f:e4:
                    7e:43:1a:ce:5e:fe:db:8b:f2:95:3d:f1:4c:a1:5f:
                    00:e9:e5:68:6b:f8:df:48:e3:0f:e5:f3:8c:b8:15:
                    bf:9c:1f:f5:72:36:8d:63:0c:b6:64:d5:4c:bf:e3:
                    61:1e:5a:fd:71:6c:bd:15:1b:87:92:8b:73:88:a2:
                    ff:a9:84:1c:2a:ef:97:97:d3:46:a4:08:09:fa:ab:
                    27:8d:4c:21:f2:4c:ef:cf:fe:5d:f7:17:6e:4a:ba:
                    f3:08:56:d1:7c:b7:72:5a:99:ff:73:ce:34:6c:bb:
                    fa:0b:30:cd:86:46:34:26:ac:99:db:eb:b3:d5:6d:
                    f7:db:c4:4e:53:10:67:ed:d5:75:cd:46:40:27:6b:
                    66:f3:30:3e:fb:2d:65:45:fe:3c:93:ad:a4:17:64:
                    6a:54:ae:5f:d0:c2:4f:bb:2c:d9:23:8c:7b:bb:3e:
                    41:83:02:8d:d7:65:96:5b:e5:0a:ad:71:37:57:57:
                    23:d5:25:63:48:e4:e6:d0:9a:3f:42:98:34:94:b5:
                    4b:94:8d:fe:bd:12:b2:23:21:dc:b1:fa:e4:20:b2:
                    27:dd:08:62:a2:b2:b2:42:65:fa:58:a1:38:14:e2:
                    50:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:24:96:41:A2:92:E6:55:EE:17:24:63:68:02:A9:7B:42:87:68:E1
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f808762-dd71-4f33-bfa8-cb4244801d34.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:7040::/46

    Signature Algorithm: sha256WithRSAEncryption
         74:17:b9:de:ba:a1:c8:68:90:58:ad:3b:2c:3b:16:31:7b:6c:
         d9:ce:89:0e:1c:3f:db:28:ab:df:38:5f:62:b8:cf:e8:0d:f6:
         4f:8b:9a:e9:94:ec:a8:95:e0:c1:8a:61:8f:07:6f:98:f7:25:
         f1:94:66:d6:e5:d6:39:53:d8:eb:aa:38:27:00:70:67:01:d0:
         d0:05:8f:27:f9:30:e0:38:bd:1c:ca:9b:6b:78:15:39:ae:74:
         e0:7d:a9:ab:6c:92:72:c1:11:6b:59:20:52:26:f0:94:f5:0f:
         ed:ba:66:63:a1:2b:97:09:1b:ec:44:96:82:61:ec:9d:bb:c0:
         f8:c3:b1:aa:63:cb:34:45:2a:73:f2:25:e8:d3:88:fc:c1:c9:
         0d:6b:72:09:b8:bf:43:fb:12:02:91:dd:59:0a:2b:0d:3f:a8:
         5b:dc:e8:cc:a3:88:6c:b6:62:12:cf:6b:71:cb:72:5f:b9:11:
         f6:4c:30:da:4a:ae:b8:c2:4c:78:6b:16:6e:43:69:29:13:36:
         b8:32:60:4e:62:8d:80:b2:ff:9b:9a:76:1a:69:be:ff:66:b8:
         32:3b:99:9e:18:bc:b9:78:70:b6:da:4c:28:c8:0c:e2:2c:96:
         92:41:4a:e6:fa:e2:3f:c4:03:77:82:1c:cb:60:df:87:53:69:
         a8:e3:85:b8
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUfuJLxaN8pZvYuT4pqM0ptg1SFXAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNDE0NloX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZDEzODA3NDRkMDdkMTc5YWU1OTRm
ZWY1NWE1N2Y2YmU5Zjc0MzM1Mjc5YTdjZTBmNWEzYjBmY2JjMGQ1ZWU4MTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1z/tyvxrxfJvkyK6iayNNuSK3TrL
MhD2vf8SD+R+QxrOXv7bi/KVPfFMoV8A6eVoa/jfSOMP5fOMuBW/nB/1cjaNYwy2
ZNVMv+NhHlr9cWy9FRuHkotziKL/qYQcKu+Xl9NGpAgJ+qsnjUwh8kzvz/5d9xdu
SrrzCFbRfLdyWpn/c840bLv6CzDNhkY0JqyZ2+uz1W3328ROUxBn7dV1zUZAJ2tm
8zA++y1lRf48k62kF2RqVK5f0MJPuyzZI4x7uz5BgwKN12WWW+UKrXE3V1cj1SVj
SOTm0Jo/Qpg0lLVLlI3+vRKyIyHcsfrkILIn3QhiorKyQmX6WKE4FOJQfQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFEwklkGikuZV7hckY2gCqXtCh2jhMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzlmODA4NzYyLWRkNzEtNGYzMy1iZmE4LWNiNDI0NDgwMWQzNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba93BAMA0GCSqGSIb3DQEBCwUAA4IBAQB0F7neuqHIaJBYrTss
OxYxe2zZzokOHD/bKKvfOF9iuM/oDfZPi5rplOyoleDBimGPB2+Y9yXxlGbW5dY5
U9jrqjgnAHBnAdDQBY8n+TDgOL0cyptreBU5rnTgfamrbJJywRFrWSBSJvCU9Q/t
umZjoSuXCRvsRJaCYeydu8D4w7GqY8s0RSpz8iXo04j8wckNa3IJuL9D+xICkd1Z
CisNP6hb3OjMo4hstmISz2txy3JfuRH2TDDaSq64wkx4axZuQ2kpEza4MmBOYo2A
sv+bmnYaab7/ZrgyO5meGLy5eHC22kwoyAziLJaSQUrm+uI/xAN3ghzLYN+HU2mo
44W4
-----END CERTIFICATE-----