Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c8756e90-79cc-4ecd-9fd1-6612ecf711b8.roa
File:                     c8756e90-79cc-4ecd-9fd1-6612ecf711b8.roa (raw, json)
Hash identifier:          8B7d6W7B/WmroJMLgUW7Ubv6MmkA/ztTpylDCgunOEQ=
Subject key identifier:   49:56:66:6A:AF:58:B8:8D:2B:44:D3:71:45:BD:DB:FA:69:73:D4:37
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       20B3E45A060373FFA647DACC331969A2AA9395C1
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c8756e90-79cc-4ecd-9fd1-6612ecf711b8.roa
Signing time:             Fri 16 May 2025 00:10:16 +0000
ROA not before:           Fri 16 May 2025 00:10:16 +0000
ROA not after:            Fri 20 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf4:b040::/48 maxlen: 48
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 19:53:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:b3:e4:5a:06:03:73:ff:a6:47:da:cc:33:19:69:a2:aa:93:95:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 16 00:10:16 2025 GMT
            Not After : Jun 20 23:59:59 2025 GMT
        Subject: serialNumber=fea270f4f95ccbcddc9ae70d60ca2623847660c76196c920f2cb8f51e1bcf8af, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:3c:3c:72:34:ef:b2:6c:6e:4b:df:ef:c4:61:
                    11:82:c3:7b:2e:55:ff:82:c5:d8:b7:38:b5:e3:9d:
                    dd:6b:ea:5f:d8:69:75:7b:05:0d:72:af:12:46:85:
                    d6:fc:66:f7:09:b9:c6:e4:7f:85:34:9f:a4:5c:ab:
                    df:a6:61:7d:f6:75:98:cf:41:69:61:c6:0f:15:1f:
                    d5:d7:67:0f:32:8a:21:0d:cf:1b:34:d8:e1:0f:5a:
                    01:6e:7b:1b:d8:10:3b:9d:6a:e5:ed:59:4b:4f:c5:
                    80:d8:91:38:00:b0:2e:f6:a7:15:16:e0:4d:0a:62:
                    69:c0:6b:b6:d4:76:14:3b:50:99:2b:a6:52:8a:93:
                    ae:20:f5:6d:35:72:d7:bb:c1:08:cd:e2:90:d1:da:
                    a8:29:ed:b7:14:5f:6b:49:9b:d6:c7:d6:a5:57:0c:
                    a4:56:83:6d:d0:67:77:50:5f:70:fd:55:81:eb:33:
                    59:e1:bf:15:5b:73:a6:4b:cb:1c:d3:d2:aa:49:03:
                    01:c9:8b:ab:ec:f1:30:75:6a:4b:f1:86:b7:5d:97:
                    f6:fd:09:cb:21:9d:f0:77:d5:b1:33:de:8f:ad:5a:
                    11:aa:a3:0b:10:06:06:98:72:33:b4:77:f8:a9:2c:
                    74:26:b8:35:13:b9:eb:99:fd:24:44:46:a2:eb:f1:
                    15:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:56:66:6A:AF:58:B8:8D:2B:44:D3:71:45:BD:DB:FA:69:73:D4:37
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c8756e90-79cc-4ecd-9fd1-6612ecf711b8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf4:b040::/48

    Signature Algorithm: sha256WithRSAEncryption
         5e:77:ac:15:63:ce:76:fc:d6:5a:d1:9a:81:5c:0d:05:c1:ba:
         fc:9a:69:29:ef:89:8e:c5:15:00:d0:f6:9e:ec:0e:8f:05:9e:
         47:79:a3:f4:80:f4:72:56:db:ed:ef:5f:dd:75:9c:bc:d5:ac:
         be:b7:c1:d2:98:5b:cd:d4:a2:28:0e:c8:eb:92:6f:62:3b:0c:
         4f:5a:ec:98:3f:71:99:db:97:16:5e:50:72:8c:64:d8:bf:ae:
         38:60:b7:e1:2b:de:0e:89:8a:a8:a6:28:9a:3a:f5:8d:e3:48:
         8e:74:4a:99:a6:08:dc:4a:eb:11:e9:66:a5:5b:d4:30:4d:89:
         fa:72:7c:8c:4e:d6:ff:54:48:55:ae:04:23:cb:67:56:05:1d:
         42:fd:c9:60:21:96:ac:79:15:28:08:da:b6:71:a8:f9:82:6f:
         1b:26:63:d0:79:30:78:de:7d:3b:9f:53:e6:3f:1b:3a:df:7f:
         05:7e:d7:bc:c0:14:dc:12:c2:88:40:b4:c8:ff:75:00:46:f5:
         51:c4:18:12:4a:2c:6a:eb:fa:a1:80:6b:7e:4c:c2:cb:77:9f:
         00:89:59:32:ee:18:c9:9e:fe:28:31:61:01:ee:65:07:4b:fc:
         4a:b4:d5:2b:44:8d:df:4f:bb:5b:70:ae:65:98:c0:5e:86:0e:
         7b:91:e8:6f
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUILPkWgYDc/+mR9rMMxlpoqqTlcEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMTAxNloX
DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAZmVhMjcwZjRmOTVjY2JjZGRjOWFl
NzBkNjBjYTI2MjM4NDc2NjBjNzYxOTZjOTIwZjJjYjhmNTFlMWJjZjhhZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTw8cjTvsmxuS9/vxGERgsN7LlX/
gsXYtzi1453da+pf2Gl1ewUNcq8SRoXW/Gb3CbnG5H+FNJ+kXKvfpmF99nWYz0Fp
YcYPFR/V12cPMoohDc8bNNjhD1oBbnsb2BA7nWrl7VlLT8WA2JE4ALAu9qcVFuBN
CmJpwGu21HYUO1CZK6ZSipOuIPVtNXLXu8EIzeKQ0dqoKe23FF9rSZvWx9alVwyk
VoNt0Gd3UF9w/VWB6zNZ4b8VW3OmS8sc09KqSQMByYur7PEwdWpL8Ya3XZf2/QnL
IZ3wd9WxM96PrVoRqqMLEAYGmHIztHf4qSx0Jrg1E7nrmf0kREai6/EVYwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFElWZmqvWLiNK0TTcUW92/ppc9Q3MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2M4NzU2ZTkwLTc5Y2MtNGVjZC05ZmQxLTY2MTJlY2Y3MTFiOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9LBAMA0GCSqGSIb3DQEBCwUAA4IBAQBed6wVY852/NZa0ZqB
XA0Fwbr8mmkp74mOxRUA0Pae7A6PBZ5HeaP0gPRyVtvt71/ddZy81ay+t8HSmFvN
1KIoDsjrkm9iOwxPWuyYP3GZ25cWXlByjGTYv644YLfhK94OiYqopiiaOvWN40iO
dEqZpgjcSusR6WalW9QwTYn6cnyMTtb/VEhVrgQjy2dWBR1C/clgIZaseRUoCNq2
caj5gm8bJmPQeTB43n07n1PmPxs6338Ffte8wBTcEsKIQLTI/3UARvVRxBgSSixq
6/qhgGt+TMLLd58AiVky7hjJnv4oMWEB7mUHS/xKtNUrRI3fT7tbcK5lmMBehg57
kehv
-----END CERTIFICATE-----