Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ad0d688d-771b-458e-8cd2-2bb8d473e3c1.roa
File:                     ad0d688d-771b-458e-8cd2-2bb8d473e3c1.roa (raw, json)
Hash identifier:          pMqHMh2gIty2xFWiZo22PtEC9xO1Ogz9mVRLdQl119A=
Subject key identifier:   0E:9A:97:9D:D3:12:45:74:69:F2:79:DA:62:C2:46:00:F5:0E:28:A5
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       0A529EE89CF4D2FF4E727A8CE9753D812C2B533C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ad0d688d-771b-458e-8cd2-2bb8d473e3c1.roa
Signing time:             Mon 12 May 2025 15:10:45 +0000
ROA not before:           Mon 12 May 2025 15:10:45 +0000
ROA not after:            Mon 16 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dabb:2000::/40 maxlen: 48
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 20:07:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:52:9e:e8:9c:f4:d2:ff:4e:72:7a:8c:e9:75:3d:81:2c:2b:53:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 12 15:10:45 2025 GMT
            Not After : Jun 16 23:59:59 2025 GMT
        Subject: serialNumber=8f873e4e01d8f0b1dffcd854a4425810afdf751fb61324ae163b9e2c49f35e3e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:4d:83:98:12:7d:3e:e2:e3:8e:e4:f0:b1:e4:
                    55:ce:0a:32:a9:14:67:1f:f1:da:76:83:e2:b8:e3:
                    d6:b3:e7:7f:d6:da:ca:22:99:a0:c7:a0:cc:e7:1d:
                    df:94:2f:0b:0e:23:b5:59:5f:ce:f6:b5:0b:df:08:
                    7b:81:7a:7c:79:ae:1f:ee:8e:88:f3:72:d6:45:d5:
                    e0:9d:f3:13:02:b5:1a:78:61:2c:34:4e:2b:bf:d4:
                    9c:39:f3:dc:11:63:c3:3e:8b:22:28:ca:4f:65:4c:
                    2f:44:54:89:6a:01:e3:9c:0e:1c:a9:63:a2:45:55:
                    f4:e9:b4:c4:fd:9f:04:34:00:78:8f:fc:8e:f3:c4:
                    55:c5:45:57:a9:d0:84:c3:7b:6f:1b:d2:29:5a:fb:
                    27:86:49:66:25:2c:b8:f6:c6:45:2b:21:0a:31:e4:
                    d3:35:c3:91:fe:b6:96:3e:bd:18:1d:3e:7c:18:20:
                    15:3f:3e:cd:cb:8e:a6:84:79:98:da:02:5a:ba:25:
                    6b:d4:7d:70:66:a4:ef:6a:58:b8:e6:51:8c:6d:ed:
                    66:69:e2:95:22:32:c1:a4:e5:88:1e:ea:9a:6d:29:
                    be:c8:30:fd:33:e0:03:9e:3e:a2:d3:3b:5c:19:de:
                    e5:bb:e3:c0:11:b4:8c:f4:9b:6e:9c:48:04:cb:3c:
                    21:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:9A:97:9D:D3:12:45:74:69:F2:79:DA:62:C2:46:00:F5:0E:28:A5
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ad0d688d-771b-458e-8cd2-2bb8d473e3c1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dabb:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         2a:33:65:90:9a:fb:40:8e:6e:79:cc:54:c3:eb:37:94:89:9a:
         50:68:4b:a5:f9:61:4e:87:84:fc:ab:67:19:44:e1:63:d7:b5:
         f9:a9:60:68:f3:02:59:41:f1:17:24:0c:cb:5f:56:9b:b6:1a:
         bc:3d:9d:ff:43:75:c7:46:37:c5:cb:ef:34:c0:1e:c7:fb:42:
         c9:d1:8d:31:fd:f9:96:b1:6f:20:d8:f6:8b:6c:c8:9c:03:77:
         c6:30:1a:1a:5d:5e:76:32:3b:ae:fa:ca:a8:82:d1:93:ac:9f:
         c0:a6:a0:e2:b9:e3:b4:34:56:c4:5d:65:e4:5b:85:e3:43:bd:
         40:5a:ef:44:83:3f:19:7e:b3:e5:1b:75:15:87:93:8d:c1:53:
         54:d3:70:ba:3b:36:2d:4c:3b:ef:68:13:89:f8:3c:4d:28:94:
         20:e5:f9:15:9e:dc:a9:5f:ec:c6:07:42:24:94:10:c9:65:9d:
         04:c2:ef:83:8b:13:b9:e6:91:20:de:90:9e:67:a9:9d:79:14:
         8d:a2:8a:28:89:27:b0:b9:ba:0b:36:d7:cb:a4:60:d4:18:9f:
         0e:0a:c7:e5:e4:ac:b7:90:62:1c:3a:72:65:62:f6:21:fe:f9:
         e9:62:20:11:90:a5:96:82:53:9e:98:e5:15:25:3e:7a:d8:4b:
         ca:ff:22:01
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUClKe6Jz00v9OcnqM6XU9gSwrUzwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMjE1MTA0NVoX
DTI1MDYxNjIzNTk1OVowejFJMEcGA1UEBRNAOGY4NzNlNGUwMWQ4ZjBiMWRmZmNk
ODU0YTQ0MjU4MTBhZmRmNzUxZmI2MTMyNGFlMTYzYjllMmM0OWYzNWUzZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi02DmBJ9PuLjjuTwseRVzgoyqRRn
H/HadoPiuOPWs+d/1trKIpmgx6DM5x3flC8LDiO1WV/O9rUL3wh7gXp8ea4f7o6I
83LWRdXgnfMTArUaeGEsNE4rv9ScOfPcEWPDPosiKMpPZUwvRFSJagHjnA4cqWOi
RVX06bTE/Z8ENAB4j/yO88RVxUVXqdCEw3tvG9IpWvsnhklmJSy49sZFKyEKMeTT
NcOR/raWPr0YHT58GCAVPz7Ny46mhHmY2gJauiVr1H1wZqTvali45lGMbe1maeKV
IjLBpOWIHuqabSm+yDD9M+ADnj6i0ztcGd7lu+PAEbSM9JtunEgEyzwhcwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFA6al53TEkV0afJ52mLCRgD1DiilMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2FkMGQ2ODhkLTc3MWItNDU4ZS04Y2QyLTJiYjhkNDczZTNjMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbauyAwDQYJKoZIhvcNAQELBQADggEBACozZZCa+0CObnnMVMPr
N5SJmlBoS6X5YU6HhPyrZxlE4WPXtfmpYGjzAllB8RckDMtfVpu2Grw9nf9DdcdG
N8XL7zTAHsf7QsnRjTH9+ZaxbyDY9otsyJwDd8YwGhpdXnYyO676yqiC0ZOsn8Cm
oOK547Q0VsRdZeRbheNDvUBa70SDPxl+s+UbdRWHk43BU1TTcLo7Ni1MO+9oE4n4
PE0olCDl+RWe3Klf7MYHQiSUEMllnQTC74OLE7nmkSDekJ5nqZ15FI2iiiiJJ7C5
ugs218ukYNQYnw4Kx+XkrLeQYhw6cmVi9iH++eliIBGQpZaCU56Y5RUlPnrYS8r/
IgE=
-----END CERTIFICATE-----