Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afcac07a-e6ca-4152-9a24-ce75f3f5d110.roa
File:                     afcac07a-e6ca-4152-9a24-ce75f3f5d110.roa (raw, json)
Hash identifier:          14+vA/ooCmt41tnZB0Tsc1ilelNXysiTX5rn24zvXCs=
Subject key identifier:   63:BC:4E:C4:45:A4:D3:2C:20:0E:0B:BF:49:E1:BC:B2:3F:C7:20:E2
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       7682B3404A9DB72F200576BEA251B4B9251B7F62
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afcac07a-e6ca-4152-9a24-ce75f3f5d110.roa
Signing time:             Wed 30 Jul 2025 00:21:02 +0000
ROA not before:           Wed 30 Jul 2025 00:21:02 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:f080::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:52:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:82:b3:40:4a:9d:b7:2f:20:05:76:be:a2:51:b4:b9:25:1b:7f:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:21:02 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=0793b5d1e7bf39aa1410965c35870b5ea5786f9cc10d501fe677f086db56f3bd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:9e:a3:13:85:cd:dc:a4:56:73:16:a8:b0:8b:
                    8d:ed:95:97:49:c8:36:d6:2c:ef:db:ed:f7:1c:a6:
                    0c:11:d4:fd:af:ae:84:0f:f5:bd:94:2e:3d:e4:ee:
                    79:b0:51:a9:8e:35:f3:07:af:87:b9:b4:8a:74:d8:
                    31:ee:21:05:ae:d5:74:07:80:81:28:3f:d3:ef:db:
                    34:b3:64:9b:b0:b2:c7:63:a7:a6:2f:fb:3c:29:10:
                    5c:fd:ff:65:1e:91:fb:c3:3b:06:cd:36:37:f2:79:
                    22:c2:d1:9e:09:48:c7:ea:2e:03:7f:bf:93:2c:a8:
                    1f:e4:58:2a:26:0b:05:0f:8e:53:72:83:d3:ab:58:
                    05:d0:70:df:ff:1e:1b:97:88:8f:11:4b:48:bf:6d:
                    dc:c1:29:bb:12:7c:10:43:cb:34:7e:1a:30:8d:ed:
                    44:41:31:56:8b:a6:22:1c:eb:5c:a7:94:ff:4b:a7:
                    d3:79:d3:35:41:75:21:78:8e:3b:7c:bb:7b:44:04:
                    2f:61:a4:62:70:c4:a5:43:b0:8b:e9:12:b7:d8:bf:
                    d0:0d:f7:c8:c8:7d:b9:2f:2e:a0:40:3f:bc:de:6d:
                    e2:2b:6e:23:b8:fa:eb:90:8e:7e:1a:87:3d:4b:38:
                    44:79:45:1d:4c:3c:79:24:7b:30:d6:5f:53:7d:12:
                    f0:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:BC:4E:C4:45:A4:D3:2C:20:0E:0B:BF:49:E1:BC:B2:3F:C7:20:E2
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afcac07a-e6ca-4152-9a24-ce75f3f5d110.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:f080::/46

    Signature Algorithm: sha256WithRSAEncryption
         b6:3c:f2:ab:c9:4b:2a:db:82:7f:56:ae:8a:60:fa:a4:a6:98:
         94:37:f3:ba:2e:a8:29:a2:45:90:4f:56:09:87:bc:f3:15:89:
         b8:87:ad:92:47:2d:0d:c7:75:84:55:0c:ff:40:51:cc:7c:e8:
         cd:2e:f0:b1:56:3c:43:24:62:d7:f0:fe:18:5a:3a:06:59:38:
         ef:55:a9:6c:3b:62:c5:4b:9e:f0:2d:7e:84:b7:f1:b0:b3:c0:
         57:c5:dc:22:8f:09:a6:83:53:d7:c6:50:64:62:eb:45:3b:bf:
         d7:a5:fe:3f:2a:ef:99:f1:62:d0:e0:7c:4f:c2:c6:c2:7a:33:
         bd:b7:e5:62:bc:16:69:f8:32:30:9d:68:40:b8:81:b6:b9:78:
         53:f6:0b:75:d3:ca:01:51:79:3c:b7:cc:b5:79:4a:56:57:b5:
         80:e4:b0:79:dc:7f:99:9c:6e:23:37:83:42:5d:8d:a7:3c:8c:
         7e:39:d1:66:33:38:1b:b5:0f:97:19:63:78:38:91:fd:40:73:
         56:78:4f:60:94:a4:d2:58:06:1d:72:aa:04:9a:be:73:91:ba:
         e4:ea:a7:57:30:c6:1d:86:96:5a:3b:c0:ab:7a:ed:36:93:d5:
         13:24:95:62:6c:cf:54:90:03:b8:44:1b:0d:bc:38:cb:bf:f3:
         4c:03:0b:1c
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUdoKzQEqdty8gBXa+olG0uSUbf2IwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMjEwMloX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMDc5M2I1ZDFlN2JmMzlhYTE0MTA5
NjVjMzU4NzBiNWVhNTc4NmY5Y2MxMGQ1MDFmZTY3N2YwODZkYjU2ZjNiZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx56jE4XN3KRWcxaosIuN7ZWXScg2
1izv2+33HKYMEdT9r66ED/W9lC495O55sFGpjjXzB6+HubSKdNgx7iEFrtV0B4CB
KD/T79s0s2SbsLLHY6emL/s8KRBc/f9lHpH7wzsGzTY38nkiwtGeCUjH6i4Df7+T
LKgf5FgqJgsFD45TcoPTq1gF0HDf/x4bl4iPEUtIv23cwSm7EnwQQ8s0fhowje1E
QTFWi6YiHOtcp5T/S6fTedM1QXUheI47fLt7RAQvYaRicMSlQ7CL6RK32L/QDffI
yH25Ly6gQD+83m3iK24juPrrkI5+Goc9SzhEeUUdTDx5JHsw1l9TfRLwEwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGO8TsRFpNMsIA4Lv0nhvLI/xyDiMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2FmY2FjMDdhLWU2Y2EtNDE1Mi05YTI0LWNlNzVmM2Y1ZDExMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+/CAMA0GCSqGSIb3DQEBCwUAA4IBAQC2PPKryUsq24J/Vq6K
YPqkppiUN/O6LqgpokWQT1YJh7zzFYm4h62SRy0Nx3WEVQz/QFHMfOjNLvCxVjxD
JGLX8P4YWjoGWTjvValsO2LFS57wLX6Et/Gws8BXxdwijwmmg1PXxlBkYutFO7/X
pf4/Ku+Z8WLQ4HxPwsbCejO9t+VivBZp+DIwnWhAuIG2uXhT9gt108oBUXk8t8y1
eUpWV7WA5LB53H+ZnG4jN4NCXY2nPIx+OdFmMzgbtQ+XGWN4OJH9QHNWeE9glKTS
WAYdcqoEmr5zkbrk6qdXMMYdhpZaO8Creu02k9UTJJVibM9UkAO4RBsNvDjLv/NM
Awsc
-----END CERTIFICATE-----
Generated at Thu Jul 31 01:03:57 2025 by rpki-client