Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bbddded6-dcdb-4e7d-afd3-a45288409de7.roa
File:                     bbddded6-dcdb-4e7d-afd3-a45288409de7.roa (raw, json)
Hash identifier:          7wRpmcNmvLYA4VSqIGARl2UTDpU5nBmzcRHufHXMqpM=
Subject key identifier:   D8:34:60:79:31:11:03:B3:D0:D2:F0:FB:68:1C:06:08:67:A2:5B:5A
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       68809CD7292E45FFB2F1DF432DA84C464E39C001
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bbddded6-dcdb-4e7d-afd3-a45288409de7.roa
Signing time:             Wed 30 Jul 2025 00:21:31 +0000
ROA not before:           Wed 30 Jul 2025 00:21:31 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:e0c0::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:24:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:80:9c:d7:29:2e:45:ff:b2:f1:df:43:2d:a8:4c:46:4e:39:c0:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:21:31 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=117b433681453dbccfbb7d7da8fb5bbe26dea6e4111137ecd311416c4f0333d9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:6d:75:de:95:05:64:d4:99:a3:17:9f:67:da:
                    08:96:0a:5b:c6:0d:00:c3:a5:0a:ac:09:e9:4f:1a:
                    a5:91:e4:fe:a6:9f:e6:f1:a4:63:8d:76:98:00:12:
                    8f:cf:1c:a7:13:13:aa:02:f0:af:2a:31:d6:5d:41:
                    9e:3b:df:93:ca:03:0e:b6:fc:d0:3d:85:1d:d4:3b:
                    f0:92:40:0a:6e:2a:e3:6e:b6:54:69:c9:29:61:05:
                    df:51:ee:e1:91:01:1e:64:28:45:b3:e8:c3:06:7d:
                    68:d9:3c:74:82:c0:ad:b4:f1:0a:7a:6c:d1:f9:78:
                    f5:1b:e2:ab:3c:98:0a:69:a0:1c:d1:44:5d:35:77:
                    06:b7:94:45:00:a6:a6:36:d8:09:46:62:e0:6c:6c:
                    e6:9c:00:1a:da:c2:f6:56:cd:df:7e:94:87:f7:27:
                    75:c2:52:98:c6:cd:f5:49:bd:c5:1a:8e:4e:c4:d5:
                    1c:4a:fe:b2:65:8c:3b:21:bd:1e:66:96:f5:c7:22:
                    68:70:9a:fc:f3:67:e8:b7:a5:88:41:74:19:9b:7d:
                    b0:8a:7d:42:bc:5a:ab:81:45:ee:f6:29:3c:13:77:
                    f1:33:a0:91:13:e7:90:75:b6:4b:5b:79:90:f6:f7:
                    2e:73:f8:1b:77:9b:b1:e9:77:30:c7:f4:fb:90:6c:
                    ec:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:34:60:79:31:11:03:B3:D0:D2:F0:FB:68:1C:06:08:67:A2:5B:5A
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bbddded6-dcdb-4e7d-afd3-a45288409de7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:e0c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         32:cb:20:3c:e1:0c:89:27:f2:93:1e:de:f0:d3:21:db:4e:d0:
         6d:99:7b:4f:26:d9:c7:24:00:7a:a0:5a:54:82:3e:8b:5d:21:
         15:55:31:de:b8:eb:73:e1:1e:82:2f:f4:a1:ba:12:05:f0:3f:
         76:9a:0f:4c:2c:b1:31:7e:b4:39:8a:b1:4c:a7:29:51:9c:40:
         90:f2:05:49:11:75:82:ac:67:0f:fc:13:63:ec:77:2d:2c:c8:
         38:8b:f4:65:ee:eb:c4:98:5a:84:40:06:0d:d5:ef:b9:83:c1:
         08:39:3b:d6:64:9c:76:72:c1:98:85:d9:f6:6c:9c:3c:01:8b:
         e1:47:e5:e5:c0:c8:ef:c3:9f:5a:9e:3e:70:b1:7e:4b:4b:e2:
         18:b9:59:33:64:48:1e:13:3a:be:50:a9:1e:4b:f1:5c:2b:88:
         13:60:41:68:05:24:12:c3:b3:8a:d3:a2:10:60:4b:07:64:2c:
         20:7f:b2:50:4b:fc:57:2b:ca:0a:11:63:1c:97:ec:4e:47:a9:
         6a:11:95:d0:7b:26:25:87:d8:62:a5:74:5a:24:3e:f0:d5:66:
         2b:10:21:bd:fa:7c:2d:f5:ab:69:b4:90:dc:f1:51:a6:5e:88:
         05:cc:f1:e1:cf:20:cd:4b:8c:9b:bc:5b:7c:b2:a8:94:2c:be:
         20:1b:d8:96
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUaICc1ykuRf+y8d9DLahMRk45wAEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMjEzMVoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMTE3YjQzMzY4MTQ1M2RiY2NmYmI3
ZDdkYThmYjViYmUyNmRlYTZlNDExMTEzN2VjZDMxMTQxNmM0ZjAzMzNkOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoG113pUFZNSZoxefZ9oIlgpbxg0A
w6UKrAnpTxqlkeT+pp/m8aRjjXaYABKPzxynExOqAvCvKjHWXUGeO9+TygMOtvzQ
PYUd1DvwkkAKbirjbrZUackpYQXfUe7hkQEeZChFs+jDBn1o2Tx0gsCttPEKemzR
+Xj1G+KrPJgKaaAc0URdNXcGt5RFAKamNtgJRmLgbGzmnAAa2sL2Vs3ffpSH9yd1
wlKYxs31Sb3FGo5OxNUcSv6yZYw7Ib0eZpb1xyJocJr882fot6WIQXQZm32win1C
vFqrgUXu9ik8E3fxM6CRE+eQdbZLW3mQ9vcuc/gbd5ux6Xcwx/T7kGzsuwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNg0YHkxEQOz0NLw+2gcBghnoltaMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2JiZGRkZWQ2LWRjZGItNGU3ZC1hZmQzLWE0NTI4ODQwOWRlNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba9+DAMA0GCSqGSIb3DQEBCwUAA4IBAQAyyyA84QyJJ/KTHt7w
0yHbTtBtmXtPJtnHJAB6oFpUgj6LXSEVVTHeuOtz4R6CL/ShuhIF8D92mg9MLLEx
frQ5irFMpylRnECQ8gVJEXWCrGcP/BNj7HctLMg4i/Rl7uvEmFqEQAYN1e+5g8EI
OTvWZJx2csGYhdn2bJw8AYvhR+XlwMjvw59anj5wsX5LS+IYuVkzZEgeEzq+UKke
S/FcK4gTYEFoBSQSw7OK06IQYEsHZCwgf7JQS/xXK8oKEWMcl+xOR6lqEZXQeyYl
h9hipXRaJD7w1WYrECG9+nwt9atptJDc8VGmXogFzPHhzyDNS4ybvFt8sqiULL4g
G9iW
-----END CERTIFICATE-----
Generated at Thu Jul 31 00:57:25 2025 by rpki-client