Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c53a68e4-6b3d-4fba-a3e7-7c778c3b46b6.roa
File:                     c53a68e4-6b3d-4fba-a3e7-7c778c3b46b6.roa (raw, json)
Hash identifier:          kaoNVmMjy/yOjvR4IU1ccGyiRkW/Cq63qK6CYRbwxmw=
Subject key identifier:   8A:0C:39:B1:E9:0A:CC:5E:45:6A:71:77:8D:3B:1A:F7:A3:6F:C0:6F
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       16C0124542D43070B6C47A37C19A088593C1A595
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c53a68e4-6b3d-4fba-a3e7-7c778c3b46b6.roa
Signing time:             Wed 30 Jul 2025 00:30:17 +0000
ROA not before:           Wed 30 Jul 2025 00:30:17 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:b040::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:24:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:c0:12:45:42:d4:30:70:b6:c4:7a:37:c1:9a:08:85:93:c1:a5:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:30:17 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=d9b5ba076cae4f3d4da9d6ebece85e2057344b9459ecb4956a5d6aa297b268d3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:05:96:b5:db:fc:1e:2e:4c:41:9f:6a:75:2b:
                    89:1e:41:06:e8:3b:4b:1b:46:dc:e9:d0:91:d0:3a:
                    1e:0d:cf:38:b6:d2:18:cb:f0:44:34:84:00:b5:aa:
                    ec:3c:c0:ba:2e:94:59:9b:9a:e3:57:6b:d0:b3:1c:
                    01:14:82:43:b3:d8:f6:26:1f:9a:8c:92:b6:67:24:
                    df:0f:87:e0:72:ea:ed:50:d1:9f:f3:f6:c6:59:b6:
                    40:57:72:cd:25:7a:7e:31:6c:eb:84:e6:b0:99:9a:
                    e8:b9:ce:3d:fc:e3:4d:59:16:1e:5a:5e:29:5c:ad:
                    b2:58:63:01:f5:15:67:18:cc:3a:70:48:59:9a:1e:
                    d8:90:89:2d:5e:2f:87:c1:5e:5e:5c:58:38:8e:30:
                    78:57:27:77:5b:82:98:61:83:57:b3:db:a1:20:c6:
                    ec:d8:4f:78:5e:1f:be:91:28:ca:d4:79:e0:74:15:
                    62:40:b6:4b:c3:a1:48:85:53:db:9b:9d:17:70:e3:
                    31:49:4a:26:42:ca:76:a6:cc:ff:ed:0b:fc:6d:2d:
                    ad:3e:8e:83:a1:e7:2d:67:ef:c1:53:c8:70:8a:82:
                    d8:fa:d0:22:3a:7e:43:4a:1e:9b:25:fa:c5:f9:6e:
                    94:b0:39:43:39:0c:84:de:e5:df:92:b4:86:1c:96:
                    bd:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:0C:39:B1:E9:0A:CC:5E:45:6A:71:77:8D:3B:1A:F7:A3:6F:C0:6F
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c53a68e4-6b3d-4fba-a3e7-7c778c3b46b6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:b040::/46

    Signature Algorithm: sha256WithRSAEncryption
         44:07:9b:d7:1a:a1:5b:da:53:7e:38:30:2d:11:17:2e:ad:9c:
         f3:7a:b3:3d:d0:e7:67:45:1c:05:de:ba:8f:9d:b0:53:09:27:
         50:50:27:57:67:12:82:83:52:14:b2:43:a7:54:27:e6:b0:dd:
         ad:5c:e5:57:e4:01:82:cd:44:5b:b6:1c:88:c4:9e:d0:43:d4:
         66:da:4d:e3:01:c9:68:7b:14:32:ea:70:9c:69:dd:c9:1c:f7:
         0b:5c:bd:44:f4:5f:3b:32:6f:15:10:0e:89:f7:ae:09:53:78:
         8b:f2:54:17:f4:0b:b9:76:7c:ff:cc:f2:1f:d4:d3:51:df:9b:
         ae:86:96:6b:c5:83:ce:03:2b:68:db:e6:3b:38:6d:1f:b9:0b:
         b3:11:29:06:ec:cb:c2:1d:80:59:e4:7e:88:4e:ae:a3:ae:fa:
         e1:11:ac:e2:7e:aa:d3:08:f3:f6:a0:6a:50:a2:d6:e5:53:2a:
         e8:4c:8b:2f:6e:e0:bd:40:ab:9b:e6:72:e6:27:63:9c:b9:4d:
         8f:e8:e1:ee:3b:8f:97:21:66:03:cf:12:48:86:7c:4d:cd:45:
         c8:b2:4d:67:f5:1c:a4:35:f0:ae:b0:57:26:e2:36:df:79:4b:
         29:b2:df:64:d9:90:fa:0c:0d:fb:be:dc:52:80:85:c6:d7:96:
         8f:c6:9c:19
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUFsASRULUMHC2xHo3wZoIhZPBpZUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMzAxN1oX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZDliNWJhMDc2Y2FlNGYzZDRkYTlk
NmViZWNlODVlMjA1NzM0NGI5NDU5ZWNiNDk1NmE1ZDZhYTI5N2IyNjhkMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gWWtdv8Hi5MQZ9qdSuJHkEG6DtL
G0bc6dCR0DoeDc84ttIYy/BENIQAtarsPMC6LpRZm5rjV2vQsxwBFIJDs9j2Jh+a
jJK2ZyTfD4fgcurtUNGf8/bGWbZAV3LNJXp+MWzrhOawmZrouc49/ONNWRYeWl4p
XK2yWGMB9RVnGMw6cEhZmh7YkIktXi+HwV5eXFg4jjB4Vyd3W4KYYYNXs9uhIMbs
2E94Xh++kSjK1HngdBViQLZLw6FIhVPbm50XcOMxSUomQsp2psz/7Qv8bS2tPo6D
oectZ+/BU8hwioLY+tAiOn5DSh6bJfrF+W6UsDlDOQyE3uXfkrSGHJa9iQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFIoMObHpCsxeRWpxd407Gvejb8BvMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2M1M2E2OGU0LTZiM2QtNGZiYS1hM2U3LTdjNzc4YzNiNDZiNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba97BAMA0GCSqGSIb3DQEBCwUAA4IBAQBEB5vXGqFb2lN+ODAt
ERcurZzzerM90OdnRRwF3rqPnbBTCSdQUCdXZxKCg1IUskOnVCfmsN2tXOVX5AGC
zURbthyIxJ7QQ9Rm2k3jAcloexQy6nCcad3JHPcLXL1E9F87Mm8VEA6J964JU3iL
8lQX9Au5dnz/zPIf1NNR35uuhpZrxYPOAyto2+Y7OG0fuQuzESkG7MvCHYBZ5H6I
Tq6jrvrhEazifqrTCPP2oGpQotblUyroTIsvbuC9QKub5nLmJ2OcuU2P6OHuO4+X
IWYDzxJIhnxNzUXIsk1n9RykNfCusFcm4jbfeUspst9k2ZD6DA37vtxSgIXG15aP
xpwZ
-----END CERTIFICATE-----
Generated at Thu Jul 31 00:57:25 2025 by rpki-client