Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bdb13c4d-36b9-422d-b558-2882286c1ab9.roa
File:                     bdb13c4d-36b9-422d-b558-2882286c1ab9.roa (raw, json)
Hash identifier:          H8tECIse9gVFNeOXTrFXilJ05m0/IZFXV9u2R0BnV4s=
Subject key identifier:   A6:D1:52:C9:28:96:BC:AF:0B:32:39:C5:79:8D:2E:68:4D:63:6E:AF
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       3BA5101D7178EE52F3A915769A1B05F4EF923977
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bdb13c4d-36b9-422d-b558-2882286c1ab9.roa
Signing time:             Wed 30 Jul 2025 00:31:39 +0000
ROA not before:           Wed 30 Jul 2025 00:31:39 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:c080::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:52:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:a5:10:1d:71:78:ee:52:f3:a9:15:76:9a:1b:05:f4:ef:92:39:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:31:39 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=67f0cb083a04c03a5db5370f4d52dc60fdb42d04f90a2b35c7496fa87c9ad25a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:a6:3c:28:21:68:81:35:5e:f6:94:cb:cb:88:
                    f5:ca:f4:01:d4:6b:05:24:e2:f0:50:0c:23:f2:29:
                    46:d8:99:4b:c5:e3:28:cf:6d:b6:b0:db:ef:9a:85:
                    bf:17:81:dc:38:dd:ae:8e:73:76:3d:8b:5a:4c:0c:
                    aa:69:03:52:43:7e:05:54:be:b2:d8:c8:90:9e:be:
                    5a:10:7c:d6:cc:e0:bc:05:5d:de:c0:18:70:57:a5:
                    2b:d4:61:31:6a:28:86:3e:46:a1:5c:ba:77:cd:93:
                    58:88:aa:d8:f5:38:5e:c7:37:a1:82:f2:f7:ad:89:
                    2f:45:b0:2c:a0:af:d0:1b:4d:8c:f9:64:17:68:e6:
                    34:d4:ba:30:1f:a4:81:70:e5:9f:e8:b6:5b:5c:28:
                    e5:15:40:01:3a:71:f1:fe:34:c5:58:05:b4:ee:85:
                    f3:80:a7:d4:e9:31:39:9a:26:45:fd:f7:1a:33:9b:
                    89:38:ca:6b:90:5e:c9:8a:0f:83:17:d9:90:15:ed:
                    aa:dd:0f:f2:8b:07:78:71:34:e6:ce:a9:00:78:25:
                    76:f0:2f:35:25:eb:ae:76:1f:cc:9e:e4:24:75:5b:
                    9b:0c:c3:0d:0b:09:a2:06:8e:e9:7a:3f:c5:af:e5:
                    64:8a:85:7a:ab:b0:36:6e:a1:50:f2:32:4e:ae:3e:
                    10:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:D1:52:C9:28:96:BC:AF:0B:32:39:C5:79:8D:2E:68:4D:63:6E:AF
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bdb13c4d-36b9-422d-b558-2882286c1ab9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:c080::/46

    Signature Algorithm: sha256WithRSAEncryption
         5f:90:e7:28:31:35:63:0d:4a:9d:7e:b7:77:c2:36:4d:27:e7:
         25:89:70:66:f3:5d:a3:9d:e0:44:9e:c7:b1:cf:d4:0a:9b:c0:
         40:30:c6:42:6c:9f:bf:e0:8e:10:6e:d7:73:ec:4e:25:05:21:
         bf:49:31:94:ac:6e:e0:c9:94:f6:aa:8c:99:9f:c7:0b:e0:65:
         74:79:fa:7f:d5:94:69:ad:c8:6b:ea:e2:5d:c6:90:d7:9d:3c:
         ae:23:a3:c5:18:30:08:28:5e:fa:79:e7:55:34:a5:66:89:f7:
         74:67:84:0e:65:5c:e1:f2:ea:b5:69:c7:9a:a0:28:72:c4:8a:
         f4:52:8b:43:e0:e3:f0:4f:83:72:fc:f4:e4:17:ee:05:f4:46:
         56:41:17:5b:42:62:2a:f3:8c:75:ba:d2:09:8d:a1:79:5b:b1:
         da:08:f3:6e:00:e2:32:98:9f:51:e3:dc:73:7e:30:34:e8:ff:
         69:f5:7d:e8:27:76:3c:84:d0:3e:77:8a:52:5f:f9:39:37:58:
         4d:a5:59:62:52:43:71:5a:e3:05:66:0a:21:aa:03:f2:f3:96:
         f2:9d:06:89:b9:04:e0:c6:ec:8a:3f:50:88:31:95:d4:6c:91:
         75:b8:8b:fa:23:c7:d4:6d:d6:ae:0f:e3:5c:28:a5:37:bc:25:
         8d:c4:5a:be
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUO6UQHXF47lLzqRV2mhsF9O+SOXcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMzEzOVoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNANjdmMGNiMDgzYTA0YzAzYTVkYjUz
NzBmNGQ1MmRjNjBmZGI0MmQwNGY5MGEyYjM1Yzc0OTZmYTg3YzlhZDI1YTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6Y8KCFogTVe9pTLy4j1yvQB1GsF
JOLwUAwj8ilG2JlLxeMoz222sNvvmoW/F4HcON2ujnN2PYtaTAyqaQNSQ34FVL6y
2MiQnr5aEHzWzOC8BV3ewBhwV6Ur1GExaiiGPkahXLp3zZNYiKrY9ThexzehgvL3
rYkvRbAsoK/QG02M+WQXaOY01LowH6SBcOWf6LZbXCjlFUABOnHx/jTFWAW07oXz
gKfU6TE5miZF/fcaM5uJOMprkF7Jig+DF9mQFe2q3Q/yiwd4cTTmzqkAeCV28C81
Jeuudh/MnuQkdVubDMMNCwmiBo7pej/Fr+VkioV6q7A2bqFQ8jJOrj4QswIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKbRUskolryvCzI5xXmNLmhNY26vMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2JkYjEzYzRkLTM2YjktNDIyZC1iNTU4LTI4ODIyODZjMWFiOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+8CAMA0GCSqGSIb3DQEBCwUAA4IBAQBfkOcoMTVjDUqdfrd3
wjZNJ+cliXBm812jneBEnsexz9QKm8BAMMZCbJ+/4I4Qbtdz7E4lBSG/STGUrG7g
yZT2qoyZn8cL4GV0efp/1ZRprchr6uJdxpDXnTyuI6PFGDAIKF76eedVNKVmifd0
Z4QOZVzh8uq1aceaoChyxIr0UotD4OPwT4Ny/PTkF+4F9EZWQRdbQmIq84x1utIJ
jaF5W7HaCPNuAOIymJ9R49xzfjA06P9p9X3oJ3Y8hNA+d4pSX/k5N1hNpVliUkNx
WuMFZgohqgPy85bynQaJuQTgxuyKP1CIMZXUbJF1uIv6I8fUbdauD+NcKKU3vCWN
xFq+
-----END CERTIFICATE-----