Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8b129c9-1c2e-44bc-977b-01a32e0afd20.roa
File:                     a8b129c9-1c2e-44bc-977b-01a32e0afd20.roa (raw, json)
Hash identifier:          Yrkn0D3Xs0Cg4BMJbMA3/algpyIHNLp4Gf8NVqvF7BM=
Subject key identifier:   34:E3:19:74:6C:51:17:40:E1:A0:AD:C8:66:12:AD:F9:B5:08:FE:FA
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       69268CF4BF828B5A2EE1C670D8CA4B045A7B5517
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8b129c9-1c2e-44bc-977b-01a32e0afd20.roa
Signing time:             Wed 30 Jul 2025 00:50:17 +0000
ROA not before:           Wed 30 Jul 2025 00:50:17 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:b080::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:07:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:26:8c:f4:bf:82:8b:5a:2e:e1:c6:70:d8:ca:4b:04:5a:7b:55:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:50:17 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=623b12246e33bc244ecfcb969c9c39967e27115428a06bd4d6a7e7b5689ad50a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:7d:44:b8:a1:03:95:09:ca:74:4f:e4:ab:1c:
                    07:79:5d:88:36:8c:6b:5f:2a:06:79:fa:65:d0:0c:
                    57:c3:5e:9f:ec:e0:49:cd:70:c9:1d:72:82:67:4f:
                    0a:2e:8c:e6:df:9d:2b:42:2a:c2:4f:30:33:ae:c8:
                    d4:e3:d4:8a:fe:af:77:12:79:40:8b:67:96:30:b7:
                    c1:0e:2c:28:44:dd:33:e9:aa:85:a2:ae:e0:1e:90:
                    4f:40:27:c7:a4:44:8e:cf:b5:0e:c6:5c:5b:9d:0e:
                    1b:1d:83:63:da:fa:16:71:8e:b4:89:a4:ca:02:e3:
                    9d:55:2b:e7:40:ac:78:93:20:5d:2a:f3:7d:00:92:
                    43:59:93:53:5b:83:ce:91:ff:53:5e:6b:92:68:c7:
                    35:d3:25:83:e1:bd:9e:d3:35:fd:73:9b:3a:c9:9a:
                    db:ac:b9:8c:b6:75:59:ad:6d:be:e9:b4:6b:f6:d0:
                    f4:6b:35:12:bb:5a:29:db:db:99:e1:ea:36:05:e1:
                    20:42:f1:f2:2c:ff:81:18:1b:a4:33:40:e7:06:2a:
                    87:5b:05:ee:1b:15:b4:9b:5d:1e:ae:be:49:90:ca:
                    aa:8a:83:6a:0d:e6:55:26:a5:ec:2e:83:48:be:1f:
                    2c:4e:18:0a:b5:77:f9:d0:6e:9f:f0:4f:bc:13:1b:
                    97:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:E3:19:74:6C:51:17:40:E1:A0:AD:C8:66:12:AD:F9:B5:08:FE:FA
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8b129c9-1c2e-44bc-977b-01a32e0afd20.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:b080::/46

    Signature Algorithm: sha256WithRSAEncryption
         b8:f4:76:50:61:f1:a9:34:32:2d:a4:e1:36:d1:e2:1a:8e:99:
         a7:63:9b:f8:e2:3d:d5:cb:73:c4:c4:fa:4f:06:95:f8:00:43:
         9a:d7:97:b0:5e:1f:dd:c6:b6:2b:be:dc:d6:26:75:70:13:2e:
         dc:d0:f2:c3:c0:95:21:28:27:ed:a5:a2:68:79:b4:76:85:f8:
         fe:6d:ce:38:fa:3f:c7:99:d8:78:46:a8:41:d0:25:e9:ef:af:
         6f:b7:e5:24:5a:b9:5f:ac:0e:f1:2f:0b:77:28:43:3c:15:7e:
         92:84:d9:95:76:5b:d5:ce:83:63:3f:de:f0:5f:65:4e:c4:50:
         fa:a9:94:8f:c4:45:fe:df:1e:c8:25:06:81:d4:4d:58:5b:0f:
         ad:c2:bb:fb:8a:e4:34:23:59:58:ee:19:ce:4a:e3:a1:da:4f:
         37:f9:e5:0f:f5:4d:d7:c7:4e:6b:24:34:44:f6:59:ba:da:5c:
         ae:17:0a:10:64:6f:85:0b:ad:78:7c:c8:b0:db:86:6e:67:33:
         1b:70:12:43:08:96:c9:37:3c:b2:12:cf:e3:38:b8:fd:2a:0d:
         2c:85:9c:65:60:bf:31:eb:a5:d1:a1:f3:a6:de:b4:27:b3:e3:
         bd:ec:fc:76:9e:6d:4b:0f:d0:6f:7e:ce:7a:41:03:e5:38:10:
         05:3a:f7:0d
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUaSaM9L+Ci1ou4cZw2MpLBFp7VRcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNTAxN1oX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNANjIzYjEyMjQ2ZTMzYmMyNDRlY2Zj
Yjk2OWM5YzM5OTY3ZTI3MTE1NDI4YTA2YmQ0ZDZhN2U3YjU2ODlhZDUwYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3n1EuKEDlQnKdE/kqxwHeV2INoxr
XyoGefpl0AxXw16f7OBJzXDJHXKCZ08KLozm350rQirCTzAzrsjU49SK/q93EnlA
i2eWMLfBDiwoRN0z6aqFoq7gHpBPQCfHpESOz7UOxlxbnQ4bHYNj2voWcY60iaTK
AuOdVSvnQKx4kyBdKvN9AJJDWZNTW4POkf9TXmuSaMc10yWD4b2e0zX9c5s6yZrb
rLmMtnVZrW2+6bRr9tD0azUSu1op29uZ4eo2BeEgQvHyLP+BGBukM0DnBiqHWwXu
GxW0m10err5JkMqqioNqDeZVJqXsLoNIvh8sThgKtXf50G6f8E+8ExuXuwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDTjGXRsURdA4aCtyGYSrfm1CP76MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2E4YjEyOWM5LTFjMmUtNDRiYy05NzdiLTAxYTMyZTBhZmQyMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaabCAMA0GCSqGSIb3DQEBCwUAA4IBAQC49HZQYfGpNDItpOE2
0eIajpmnY5v44j3Vy3PExPpPBpX4AEOa15ewXh/dxrYrvtzWJnVwEy7c0PLDwJUh
KCftpaJoebR2hfj+bc44+j/Hmdh4RqhB0CXp769vt+UkWrlfrA7xLwt3KEM8FX6S
hNmVdlvVzoNjP97wX2VOxFD6qZSPxEX+3x7IJQaB1E1YWw+twrv7iuQ0I1lY7hnO
SuOh2k83+eUP9U3Xx05rJDRE9lm62lyuFwoQZG+FC614fMiw24ZuZzMbcBJDCJbJ
NzyyEs/jOLj9Kg0shZxlYL8x66XRofOm3rQns+O97Px2nm1LD9Bvfs56QQPlOBAF
OvcN
-----END CERTIFICATE-----