Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b9e51d2b-01e0-4265-9ef7-d660947f0a48.roa
File:                     b9e51d2b-01e0-4265-9ef7-d660947f0a48.roa (raw, json)
Hash identifier:          4aTWoeJ/9lJdIzlfi5G/tH/7m5zcK0tUgBY5sh473DE=
Subject key identifier:   45:EB:CB:8A:C5:CB:EC:C1:6D:13:68:75:F3:6C:DE:38:CC:6A:75:B1
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       19ACF0425955349BFF7521E36BE6C7AA6A699B4C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b9e51d2b-01e0-4265-9ef7-d660947f0a48.roa
Signing time:             Mon 12 May 2025 15:01:03 +0000
ROA not before:           Mon 12 May 2025 15:01:03 +0000
ROA not after:            Mon 16 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daee:2800::/40 maxlen: 40
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 20:08:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:ac:f0:42:59:55:34:9b:ff:75:21:e3:6b:e6:c7:aa:6a:69:9b:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 12 15:01:03 2025 GMT
            Not After : Jun 16 23:59:59 2025 GMT
        Subject: serialNumber=a992728a88998451813454e690ba1d62ab53becc6b29460a68cf15d886aeeb49, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:40:6c:1c:91:66:ae:c2:ae:66:22:ac:bd:29:
                    4a:3e:73:42:a9:a4:ed:23:fa:a0:f9:c7:4c:18:1f:
                    fb:17:bc:29:e0:24:82:b2:ea:ed:06:a8:80:c0:0f:
                    82:79:6d:6d:a3:1a:d0:59:93:36:23:ea:00:93:42:
                    56:04:44:7d:4b:37:d3:38:2a:11:1d:dc:86:27:06:
                    06:48:5e:17:dc:75:e3:0c:cc:b9:67:26:27:79:09:
                    0d:91:95:c9:55:cf:72:a7:dd:b5:b0:ac:cd:c2:fd:
                    57:30:5f:c1:5e:56:c9:e4:47:35:87:62:c8:2d:5e:
                    42:94:4f:15:a3:5a:f8:e8:55:7d:77:2c:00:b6:87:
                    2a:b3:82:a2:f1:96:64:6f:0e:36:b3:c6:c9:60:89:
                    cb:62:8c:13:71:0b:0f:e1:16:87:45:9f:c2:db:d4:
                    ba:2d:a8:be:e2:77:c9:d5:10:04:29:a6:4b:dd:59:
                    73:5b:7b:b9:65:38:d8:89:53:49:30:ee:6c:c9:fa:
                    ad:37:34:05:c9:17:eb:ea:6c:00:af:04:0b:c3:66:
                    95:5e:1b:2f:45:0b:d8:51:e7:82:0c:fb:89:10:7e:
                    50:19:c5:65:da:b6:9a:8f:c5:e7:db:9f:55:b4:85:
                    f3:dc:0e:69:47:62:5a:cc:d7:ad:b6:88:94:43:b1:
                    38:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:EB:CB:8A:C5:CB:EC:C1:6D:13:68:75:F3:6C:DE:38:CC:6A:75:B1
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b9e51d2b-01e0-4265-9ef7-d660947f0a48.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daee:2800::/40

    Signature Algorithm: sha256WithRSAEncryption
         1f:db:1e:63:bc:91:c3:03:eb:04:5f:f6:86:af:8f:04:25:ad:
         19:85:87:2b:7b:a6:37:5d:2a:af:d6:74:df:bf:5d:7a:03:26:
         6c:6e:c8:3c:58:fa:ac:5a:ce:83:32:dc:2d:3a:c8:79:ae:82:
         29:d9:af:b3:b1:93:42:b3:1b:0f:11:5f:55:de:85:7b:b8:99:
         e5:c1:ed:62:b1:c7:da:4d:56:99:7d:2a:96:27:94:9c:04:b1:
         1a:db:b6:30:0b:68:5b:e8:3b:f1:da:0e:f2:9b:be:1b:20:9c:
         0c:9c:04:9c:b5:55:17:2e:fa:d0:82:57:d8:98:4c:6f:ac:bb:
         e3:b7:df:60:9a:ab:b3:f9:0e:a2:20:86:96:4f:b0:d4:27:e4:
         b3:3b:82:f4:4f:1c:cd:f1:24:d1:2f:59:09:da:f2:19:9e:b1:
         7b:fc:6f:d0:4c:a3:f5:12:b8:4a:09:45:55:5a:64:5a:78:5b:
         31:61:d2:85:9f:2d:48:c7:3b:ba:02:51:aa:c9:e8:47:eb:d9:
         81:66:74:f0:a2:d7:26:2b:bb:85:93:84:06:1b:49:75:83:1b:
         40:ca:c1:7f:68:1f:8c:c4:ab:b1:4f:ed:50:78:50:be:a5:6d:
         a9:7b:04:01:35:fc:6b:01:ef:39:14:13:53:50:ff:00:3b:f3:
         49:2e:bb:79
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUGazwQllVNJv/dSHja+bHqmppm0wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMjE1MDEwM1oX
DTI1MDYxNjIzNTk1OVowejFJMEcGA1UEBRNAYTk5MjcyOGE4ODk5ODQ1MTgxMzQ1
NGU2OTBiYTFkNjJhYjUzYmVjYzZiMjk0NjBhNjhjZjE1ZDg4NmFlZWI0OTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskBsHJFmrsKuZiKsvSlKPnNCqaTt
I/qg+cdMGB/7F7wp4CSCsurtBqiAwA+CeW1toxrQWZM2I+oAk0JWBER9SzfTOCoR
HdyGJwYGSF4X3HXjDMy5ZyYneQkNkZXJVc9yp921sKzNwv1XMF/BXlbJ5Ec1h2LI
LV5ClE8Vo1r46FV9dywAtocqs4Ki8ZZkbw42s8bJYInLYowTcQsP4RaHRZ/C29S6
Lai+4nfJ1RAEKaZL3VlzW3u5ZTjYiVNJMO5syfqtNzQFyRfr6mwArwQLw2aVXhsv
RQvYUeeCDPuJEH5QGcVl2raaj8Xn259VtIXz3A5pR2JazNettoiUQ7E45wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEXry4rFy+zBbRNodfNs3jjManWxMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2I5ZTUxZDJiLTAxZTAtNDI2NS05ZWY3LWQ2NjA5NDdmMGE0OC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba7igwDQYJKoZIhvcNAQELBQADggEBAB/bHmO8kcMD6wRf9oav
jwQlrRmFhyt7pjddKq/WdN+/XXoDJmxuyDxY+qxazoMy3C06yHmuginZr7Oxk0Kz
Gw8RX1XehXu4meXB7WKxx9pNVpl9KpYnlJwEsRrbtjALaFvoO/HaDvKbvhsgnAyc
BJy1VRcu+tCCV9iYTG+su+O332Caq7P5DqIghpZPsNQn5LM7gvRPHM3xJNEvWQna
8hmesXv8b9BMo/USuEoJRVVaZFp4WzFh0oWfLUjHO7oCUarJ6Efr2YFmdPCi1yYr
u4WThAYbSXWDG0DKwX9oH4zEq7FP7VB4UL6lbal7BAE1/GsB7zkUE1NQ/wA780ku
u3k=
-----END CERTIFICATE-----