Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3eb2916-fdc8-4499-8857-c751c9ab3822.roa
File:                     b3eb2916-fdc8-4499-8857-c751c9ab3822.roa (raw, json)
Hash identifier:          4yMV0ynLV+ZZlWgGG+ZDr2xWUz8ycnv1Z59pEUUYG7A=
Subject key identifier:   17:84:69:8E:B7:7E:11:7F:E6:83:86:F5:CB:F2:11:96:31:09:7B:33
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       4669E563FE7F875AFB3FA86E2F662B73C102580F
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3eb2916-fdc8-4499-8857-c751c9ab3822.roa
Signing time:             Wed 30 Jul 2025 00:31:31 +0000
ROA not before:           Wed 30 Jul 2025 00:31:31 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:4040::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:37:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:69:e5:63:fe:7f:87:5a:fb:3f:a8:6e:2f:66:2b:73:c1:02:58:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:31:31 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=9fa95e9eb29c7e80d3b3b804c09034a1ccfb3806bfb44e61376a01639825e746, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:f4:1b:fa:4a:dc:93:bc:55:b8:9b:51:5b:3f:
                    4a:31:af:2d:95:7a:3b:7a:5d:c6:3c:0c:f5:a5:99:
                    a4:49:83:08:d5:66:61:eb:e2:93:48:b7:3d:0d:db:
                    90:a8:30:72:c8:03:ae:92:20:da:54:68:64:47:8b:
                    45:3f:bf:4c:1d:cb:9e:c7:df:d4:52:2d:60:3c:e8:
                    97:f6:fd:2d:e3:72:e9:7d:77:47:93:2d:9f:01:c2:
                    58:fa:d0:cc:cd:5d:7e:b7:56:75:79:f2:16:61:23:
                    98:90:ad:8a:7e:09:6c:47:8a:03:3c:d1:62:04:af:
                    6e:b2:6f:c3:ea:62:c4:89:be:7c:e5:76:f5:77:36:
                    45:0c:ad:73:50:61:a9:d6:48:ce:e0:5a:86:be:5e:
                    cb:6c:e9:92:47:2b:3c:30:d5:ad:f9:00:43:96:e4:
                    10:87:ba:a8:a0:3f:7f:c8:d2:53:c6:1f:87:0c:17:
                    fc:e4:0f:58:07:fc:bf:3d:0d:97:7a:bb:44:4a:26:
                    71:a9:aa:a3:03:22:48:b8:24:d3:6d:3b:9d:b8:13:
                    94:5c:f6:95:9a:a6:f0:51:f5:21:b2:38:a5:3b:ea:
                    63:9b:d2:37:f6:9b:d6:b9:f1:70:7f:0f:5f:15:03:
                    2e:1e:e6:6d:42:5a:4f:ee:ec:44:86:37:e3:c0:67:
                    8e:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:84:69:8E:B7:7E:11:7F:E6:83:86:F5:CB:F2:11:96:31:09:7B:33
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3eb2916-fdc8-4499-8857-c751c9ab3822.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:4040::/46

    Signature Algorithm: sha256WithRSAEncryption
         56:b1:fc:d1:e0:6c:35:44:29:c7:0b:4e:4f:a7:d6:1c:0f:a4:
         61:28:be:8d:c9:d8:31:31:25:c1:ab:91:c4:75:59:54:72:82:
         66:74:22:f1:a4:b8:1a:8c:51:a5:7e:7b:6d:a0:41:04:11:3d:
         18:4c:b6:10:9b:c9:a2:7d:21:95:f1:dd:83:74:d9:d2:90:82:
         81:ad:07:76:10:8d:73:63:9c:a5:11:8f:d9:e4:38:8f:71:e0:
         c8:ca:7a:59:a8:52:f6:2f:25:8d:fc:13:b5:ce:d2:60:c7:fe:
         0f:1e:a4:36:f1:50:a9:1d:3f:16:b6:0d:f6:49:90:f9:2d:31:
         a7:9e:b4:7b:fd:4f:c2:9c:87:94:e9:62:49:47:2e:97:eb:19:
         da:09:73:21:4a:58:39:ff:77:62:5b:e1:30:b8:30:cd:0d:87:
         ec:e8:6e:a4:79:60:36:c6:bb:8e:4b:81:75:c2:29:88:76:a0:
         d4:74:f2:3e:2c:d0:24:e8:c8:5b:fe:da:d0:9d:a6:45:32:c4:
         9a:91:c1:2f:44:d8:67:41:38:90:39:b5:6f:ba:60:d0:6f:4e:
         38:65:3e:74:36:e3:9b:8b:e3:d4:da:93:6f:02:67:e6:df:6e:
         96:5d:35:50:88:a8:e9:62:36:0c:5c:7e:6e:e3:ae:51:d2:3d:
         ce:ee:2d:48
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIURmnlY/5/h1r7P6huL2Yrc8ECWA8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMzEzMVoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAOWZhOTVlOWViMjljN2U4MGQzYjNi
ODA0YzA5MDM0YTFjY2ZiMzgwNmJmYjQ0ZTYxMzc2YTAxNjM5ODI1ZTc0NjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvQb+krck7xVuJtRWz9KMa8tlXo7
el3GPAz1pZmkSYMI1WZh6+KTSLc9DduQqDByyAOukiDaVGhkR4tFP79MHcuex9/U
Ui1gPOiX9v0t43LpfXdHky2fAcJY+tDMzV1+t1Z1efIWYSOYkK2KfglsR4oDPNFi
BK9usm/D6mLEib585Xb1dzZFDK1zUGGp1kjO4FqGvl7LbOmSRys8MNWt+QBDluQQ
h7qooD9/yNJTxh+HDBf85A9YB/y/PQ2XertESiZxqaqjAyJIuCTTbTuduBOUXPaV
mqbwUfUhsjilO+pjm9I39pvWufFwfw9fFQMuHuZtQlpP7uxEhjfjwGeOKwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFBeEaY63fhF/5oOG9cvyEZYxCXszMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2IzZWIyOTE2LWZkYzgtNDQ5OS04ODU3LWM3NTFjOWFiMzgyMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+0BAMA0GCSqGSIb3DQEBCwUAA4IBAQBWsfzR4Gw1RCnHC05P
p9YcD6RhKL6NydgxMSXBq5HEdVlUcoJmdCLxpLgajFGlfnttoEEEET0YTLYQm8mi
fSGV8d2DdNnSkIKBrQd2EI1zY5ylEY/Z5DiPceDIynpZqFL2LyWN/BO1ztJgx/4P
HqQ28VCpHT8Wtg32SZD5LTGnnrR7/U/CnIeU6WJJRy6X6xnaCXMhSlg5/3diW+Ew
uDDNDYfs6G6keWA2xruOS4F1wimIdqDUdPI+LNAk6Mhb/trQnaZFMsSakcEvRNhn
QTiQObVvumDQb044ZT50NuObi+PU2pNvAmfm326WXTVQiKjpYjYMXH5u465R0j3O
7i1I
-----END CERTIFICATE-----