Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0ec1fe9-74da-4c07-adb2-ac7446de3891.roa
File:                     c0ec1fe9-74da-4c07-adb2-ac7446de3891.roa (raw, json)
Hash identifier:          YEXsi841o6c1O7kJ91NeAnu4kktHjWH2OW78yT/nAt0=
Subject key identifier:   1E:4B:D1:7E:31:68:82:81:00:25:4A:E1:46:0A:21:0D:A8:1D:B5:2E
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       0A718767875859B1B05A8D1401B601567E00523E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0ec1fe9-74da-4c07-adb2-ac7446de3891.roa
Signing time:             Wed 30 Jul 2025 00:40:59 +0000
ROA not before:           Wed 30 Jul 2025 00:40:59 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:e0c0::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:52:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:71:87:67:87:58:59:b1:b0:5a:8d:14:01:b6:01:56:7e:00:52:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:40:59 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=7f084c67bc56411fd9fc224279ce2e4bd1c214112be56d80d4738b3e0119229b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:10:5c:6c:e9:28:7c:d0:e5:75:8a:96:53:fb:
                    a8:e6:3d:d7:4f:74:27:ff:d8:e3:40:16:e5:bf:70:
                    d4:e7:50:67:28:b1:c6:3f:c2:3f:bb:6b:f0:60:01:
                    af:98:8f:b1:dd:8a:d9:a2:92:7c:cd:7e:c2:32:d6:
                    b1:81:42:1d:ea:91:60:d4:ce:41:1d:15:2f:85:9a:
                    ea:06:a2:b1:43:03:5e:fe:0f:a1:10:04:e9:88:79:
                    1a:4b:24:5a:70:a8:da:59:74:46:69:db:1c:71:a2:
                    cf:9c:ee:c6:a9:f3:c2:76:f4:a4:37:2f:c5:cf:7b:
                    16:94:13:77:01:51:ff:5f:b3:d7:c6:cb:33:df:49:
                    ed:fa:b6:64:82:51:d7:70:26:23:45:df:2e:67:4a:
                    24:fc:55:b2:eb:75:30:5d:c4:45:54:e0:c2:59:16:
                    46:af:67:fd:3a:d7:ef:5a:1d:e7:a5:57:c5:e3:8f:
                    6e:ac:60:13:78:39:8e:03:e4:a5:94:a9:32:75:dc:
                    ca:82:7e:d8:07:a2:5a:1e:4f:31:88:c4:f1:51:dc:
                    af:70:84:a2:8b:a4:35:93:7f:a8:de:6e:db:ec:0c:
                    2f:e2:76:6b:66:83:28:b4:86:cd:18:57:40:c9:10:
                    fc:48:f4:4f:aa:5c:50:0a:79:44:dc:ea:62:b3:ee:
                    1f:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:4B:D1:7E:31:68:82:81:00:25:4A:E1:46:0A:21:0D:A8:1D:B5:2E
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0ec1fe9-74da-4c07-adb2-ac7446de3891.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:e0c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         34:20:c5:6e:ad:2f:d3:04:ce:72:73:e2:c2:55:c0:48:99:c7:
         6d:2f:47:3b:94:f9:c9:b7:b5:76:20:a9:ff:e4:50:d7:99:8a:
         a1:60:c0:04:c2:0d:d9:7b:77:ac:b9:74:97:94:6b:bf:00:bc:
         32:13:7e:3f:53:5b:0f:64:38:11:1d:30:b9:c9:99:45:de:51:
         ea:02:36:c4:ab:bf:55:61:16:2d:b7:78:86:ce:34:88:21:bb:
         b6:78:5e:c7:53:87:eb:c7:25:e6:2b:c3:47:cb:cd:2f:0c:83:
         f3:59:1f:13:ff:ab:75:14:97:e9:ce:99:2d:56:83:ed:6b:9b:
         5a:26:36:cf:88:08:ea:54:f4:5c:09:38:b4:2d:ea:e1:c1:5c:
         fc:46:f4:58:60:1c:a1:fd:da:83:ff:8f:f4:2d:00:55:52:18:
         90:21:63:70:99:08:94:3f:fc:a6:ce:99:36:fa:e1:7c:02:be:
         f3:7c:40:a2:86:bf:4c:c0:d7:5b:6f:f4:c1:49:d1:82:3b:1c:
         b7:bf:17:d0:fa:1b:8c:32:85:7d:ed:8d:f5:d9:f0:7c:e7:6f:
         d2:10:ac:9b:b1:ac:2a:17:16:4d:ad:a0:ec:99:bc:bf:b7:ba:
         89:8d:33:7b:04:96:de:b6:35:85:b1:be:af:5b:73:70:c9:e3:
         0a:82:c3:2f
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUCnGHZ4dYWbGwWo0UAbYBVn4AUj4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNDA1OVoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAN2YwODRjNjdiYzU2NDExZmQ5ZmMy
MjQyNzljZTJlNGJkMWMyMTQxMTJiZTU2ZDgwZDQ3MzhiM2UwMTE5MjI5YjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxBcbOkofNDldYqWU/uo5j3XT3Qn
/9jjQBblv3DU51BnKLHGP8I/u2vwYAGvmI+x3YrZopJ8zX7CMtaxgUId6pFg1M5B
HRUvhZrqBqKxQwNe/g+hEATpiHkaSyRacKjaWXRGadsccaLPnO7GqfPCdvSkNy/F
z3sWlBN3AVH/X7PXxssz30nt+rZkglHXcCYjRd8uZ0ok/FWy63UwXcRFVODCWRZG
r2f9OtfvWh3npVfF449urGATeDmOA+SllKkyddzKgn7YB6JaHk8xiMTxUdyvcISi
i6Q1k3+o3m7b7Awv4nZrZoMotIbNGFdAyRD8SPRPqlxQCnlE3Opis+4fCQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFB5L0X4xaIKBACVK4UYKIQ2oHbUuMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2MwZWMxZmU5LTc0ZGEtNGMwNy1hZGIyLWFjNzQ0NmRlMzg5MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba++DAMA0GCSqGSIb3DQEBCwUAA4IBAQA0IMVurS/TBM5yc+LC
VcBImcdtL0c7lPnJt7V2IKn/5FDXmYqhYMAEwg3Ze3esuXSXlGu/ALwyE34/U1sP
ZDgRHTC5yZlF3lHqAjbEq79VYRYtt3iGzjSIIbu2eF7HU4frxyXmK8NHy80vDIPz
WR8T/6t1FJfpzpktVoPta5taJjbPiAjqVPRcCTi0LerhwVz8RvRYYByh/dqD/4/0
LQBVUhiQIWNwmQiUP/ymzpk2+uF8Ar7zfECihr9MwNdbb/TBSdGCOxy3vxfQ+huM
MoV97Y312fB852/SEKybsawqFxZNraDsmby/t7qJjTN7BJbetjWFsb6vW3NwyeMK
gsMv
-----END CERTIFICATE-----