Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb43d920-c136-469d-a403-965ad7c2d9d2.roa
File:                     bb43d920-c136-469d-a403-965ad7c2d9d2.roa (raw, json)
Hash identifier:          PVwxfKMReD6AKj6NgqQ/4ySMOkapKNe0Q6BJfveGIpg=
Subject key identifier:   5C:D8:EC:13:E4:E4:0D:21:DF:CD:BE:EF:58:B7:6C:BC:75:F7:3F:D7
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       77245334967CA7173A7E0408EC93CA78B2CEB665
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb43d920-c136-469d-a403-965ad7c2d9d2.roa
Signing time:             Wed 30 Jul 2025 00:41:43 +0000
ROA not before:           Wed 30 Jul 2025 00:41:43 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:a000::/40 maxlen: 40
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 17:39:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:24:53:34:96:7c:a7:17:3a:7e:04:08:ec:93:ca:78:b2:ce:b6:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:41:43 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=1af6a05ad2673ac7180222d2b0064390ea54043453e6512af976e915982dfe47, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:e2:d7:04:78:67:e8:f3:29:48:3f:9b:c8:00:
                    f0:0a:52:fe:ea:00:8e:63:0a:93:7c:2a:52:92:5d:
                    08:ea:28:af:04:07:84:1e:d2:8a:98:93:1a:06:46:
                    4c:8c:45:32:02:de:6e:1d:30:30:6d:61:56:43:18:
                    44:ef:c4:8c:26:cd:0a:11:fd:a2:55:ff:66:27:e1:
                    a4:15:21:05:21:3f:96:2b:98:0d:88:b2:c7:e2:10:
                    95:77:e8:70:a6:51:09:36:67:64:dc:67:10:0e:58:
                    0a:46:59:bd:42:84:a2:44:13:cd:1a:df:4e:ec:5d:
                    91:a3:e0:df:83:3f:e6:66:84:e5:a1:8d:81:9a:33:
                    25:62:a6:42:af:bc:c5:e5:50:ca:db:df:d3:c7:7e:
                    6a:b8:80:a4:d2:bf:45:7e:1c:10:5f:af:fa:21:c4:
                    c1:c6:f0:e5:91:4d:c3:80:4a:97:70:03:8c:15:58:
                    2f:e6:b5:9c:21:75:b7:eb:89:a2:7d:99:93:56:c4:
                    f1:da:8d:70:d5:f8:44:ce:6b:fc:95:25:16:27:e5:
                    e3:c7:40:ea:a8:46:4f:a7:3f:01:1b:ed:d4:2d:75:
                    2a:92:af:8e:39:91:64:4c:7c:0c:16:0c:99:5d:58:
                    64:a9:0a:55:63:91:51:b1:41:45:5a:ce:e8:68:06:
                    83:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:D8:EC:13:E4:E4:0D:21:DF:CD:BE:EF:58:B7:6C:BC:75:F7:3F:D7
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb43d920-c136-469d-a403-965ad7c2d9d2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:a000::/40

    Signature Algorithm: sha256WithRSAEncryption
         14:18:77:e2:6a:be:53:93:70:1c:e6:8d:2d:0b:a2:d3:93:72:
         75:ba:3f:27:35:1e:e9:aa:63:53:26:6b:1c:62:74:fc:e1:8b:
         3f:a2:3e:fe:53:9d:59:10:27:a3:df:f0:8a:5f:51:4b:7c:fb:
         1d:3f:4e:ff:93:98:2b:c9:07:f3:b5:38:77:fd:9b:cd:ab:ef:
         cc:46:81:ad:e7:75:2b:3c:f6:68:20:e4:33:80:fa:45:f5:d4:
         e8:73:16:e7:dc:08:f0:9f:18:37:a4:55:2d:35:31:ef:5e:94:
         ce:32:0a:0a:0f:7b:2c:20:03:1d:8f:b0:bc:d5:5a:1a:74:73:
         5e:8b:b1:3b:7c:79:b1:63:6b:40:39:4d:87:6e:2e:74:10:50:
         53:f8:ae:93:80:9f:0d:c4:6f:45:04:f3:00:3a:f7:a4:92:1e:
         76:c6:a3:17:ad:c8:ee:e1:07:94:6f:6a:1a:0e:89:51:f7:b2:
         55:ce:ec:05:65:67:aa:5f:c6:e0:f8:8b:7e:4c:da:56:f4:95:
         19:56:63:2a:30:98:15:a2:0d:e5:ad:18:af:6d:61:e9:45:0d:
         85:18:73:39:f2:fa:86:d9:71:d2:29:59:d8:42:4b:8b:b7:2c:
         3b:dc:d9:ce:a9:c0:db:79:ee:00:bc:39:19:ee:9c:7a:f3:8d:
         1a:f8:2b:3a
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUdyRTNJZ8pxc6fgQI7JPKeLLOtmUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNDE0M1oX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMWFmNmEwNWFkMjY3M2FjNzE4MDIy
MmQyYjAwNjQzOTBlYTU0MDQzNDUzZTY1MTJhZjk3NmU5MTU5ODJkZmU0NzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuLXBHhn6PMpSD+byADwClL+6gCO
YwqTfCpSkl0I6iivBAeEHtKKmJMaBkZMjEUyAt5uHTAwbWFWQxhE78SMJs0KEf2i
Vf9mJ+GkFSEFIT+WK5gNiLLH4hCVd+hwplEJNmdk3GcQDlgKRlm9QoSiRBPNGt9O
7F2Ro+Dfgz/mZoTloY2BmjMlYqZCr7zF5VDK29/Tx35quICk0r9FfhwQX6/6IcTB
xvDlkU3DgEqXcAOMFVgv5rWcIXW364mifZmTVsTx2o1w1fhEzmv8lSUWJ+Xjx0Dq
qEZPpz8BG+3ULXUqkq+OOZFkTHwMFgyZXVhkqQpVY5FRsUFFWs7oaAaDnwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFzY7BPk5A0h382+71i3bLx19z/XMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2JiNDNkOTIwLWMxMzYtNDY5ZC1hNDAzLTk2NWFkN2MyZDlkMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaaAwDQYJKoZIhvcNAQELBQADggEBABQYd+JqvlOTcBzmjS0L
otOTcnW6Pyc1HumqY1MmaxxidPzhiz+iPv5TnVkQJ6Pf8IpfUUt8+x0/Tv+TmCvJ
B/O1OHf9m82r78xGga3ndSs89mgg5DOA+kX11OhzFufcCPCfGDekVS01Me9elM4y
CgoPeywgAx2PsLzVWhp0c16LsTt8ebFja0A5TYduLnQQUFP4rpOAnw3Eb0UE8wA6
96SSHnbGoxetyO7hB5RvahoOiVH3slXO7AVlZ6pfxuD4i35M2lb0lRlWYyowmBWi
DeWtGK9tYelFDYUYczny+obZcdIpWdhCS4u3LDvc2c6pwNt57gC8ORnunHrzjRr4
Kzo=
-----END CERTIFICATE-----