Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbe226c2-aed5-404b-b74e-3b543fc887f0.roa
File:                     cbe226c2-aed5-404b-b74e-3b543fc887f0.roa (raw, json)
Hash identifier:          JNTtm9khvv8fZPoZzVufBWwzXno8pJNabqbZrS7lKLI=
Subject key identifier:   D3:74:9B:0F:A5:F2:3C:F4:EE:A3:C2:29:BA:C8:7C:7C:04:3D:AA:99
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       645A0D16578E8AE136DABF5C4F333EFD6B50265B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbe226c2-aed5-404b-b74e-3b543fc887f0.roa
Signing time:             Wed 30 Jul 2025 00:40:54 +0000
ROA not before:           Wed 30 Jul 2025 00:40:54 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:f0c0::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:08:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:5a:0d:16:57:8e:8a:e1:36:da:bf:5c:4f:33:3e:fd:6b:50:26:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:40:54 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=da27e1eb6338a44540b658596e240fc7adad3f33b616dd1330be7b69284e9867, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:17:e2:97:16:13:05:8c:d1:03:9d:a0:1a:ee:
                    6f:d4:3d:26:5e:35:72:60:4b:76:b7:0d:ce:09:58:
                    b0:77:e3:14:da:c2:00:c1:0c:f9:b0:df:6f:e6:1a:
                    7d:e6:0f:db:84:05:86:bd:4c:0f:07:0c:17:cf:cf:
                    30:8b:65:48:07:81:8f:ad:12:bb:d5:67:74:67:e0:
                    b9:4e:30:df:65:d0:f3:bf:61:c4:36:10:c6:df:a6:
                    6f:74:ed:2d:62:da:89:d7:5d:73:e3:25:e0:6c:51:
                    78:b1:13:24:24:e8:b5:ea:bd:88:cb:ae:f2:6b:e4:
                    36:fd:be:14:05:65:f1:cc:d8:3a:77:13:b8:38:c8:
                    bb:98:2a:ca:82:64:f4:4b:ce:8c:e0:ba:fa:65:88:
                    90:ee:ed:85:86:2a:ab:db:43:9b:71:eb:31:e9:d9:
                    6b:3a:fd:82:ff:41:9a:3b:27:f2:b5:7d:02:c7:69:
                    f2:78:b8:33:48:ac:91:53:ae:b9:57:24:3f:20:50:
                    51:5f:9e:ea:65:70:e4:5f:a4:5c:43:30:1f:b1:1c:
                    29:df:b5:f7:6f:05:8f:94:7d:aa:72:8e:f7:3b:76:
                    cb:3a:18:c0:27:29:be:dc:77:67:98:79:09:cc:4c:
                    74:3f:f4:01:58:5f:9b:50:54:5e:28:29:f6:78:00:
                    fa:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:74:9B:0F:A5:F2:3C:F4:EE:A3:C2:29:BA:C8:7C:7C:04:3D:AA:99
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbe226c2-aed5-404b-b74e-3b543fc887f0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:f0c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         bc:eb:68:f7:98:c4:b6:32:e2:d3:10:b4:43:a0:c8:0a:d5:27:
         e0:07:a1:11:13:b8:48:a6:ff:2f:98:42:d9:75:8a:2c:c3:9b:
         54:36:31:87:9e:bd:2b:e0:33:6f:9f:80:47:55:5b:a2:9d:cf:
         a3:be:4a:15:4e:df:0c:4c:80:52:45:66:71:1c:1d:37:22:59:
         d6:52:3e:50:59:43:11:8e:88:48:a6:49:96:37:88:06:2f:8c:
         37:c4:4d:6c:75:5b:68:b0:43:72:cb:93:05:1d:24:6e:8f:be:
         fd:6f:26:f6:2d:16:0a:6b:d1:a9:17:f1:2f:1b:65:3e:05:45:
         13:d4:b9:4f:3f:65:83:63:30:29:6c:d7:e8:cd:a0:28:01:8c:
         4b:14:bc:0f:4a:7a:57:d3:2e:f3:16:ba:99:5a:31:e9:5a:19:
         2b:30:71:ee:00:54:2e:0a:c4:65:ea:c3:b9:8c:f0:73:57:5f:
         53:f3:11:97:3f:e3:5f:36:da:a3:ef:3b:c8:5c:0e:91:4f:a2:
         07:81:ff:a1:7a:dc:b9:f7:f7:49:72:80:30:f3:fd:8c:83:25:
         ca:93:31:0a:e2:f4:ef:ad:c3:d5:b7:9a:1a:1d:2b:57:a7:7a:
         96:55:f5:dd:b7:d7:83:1f:7e:99:e4:12:1a:aa:34:e7:67:e2:
         d5:3e:5e:c5
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUZFoNFleOiuE22r9cTzM+/WtQJlswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNDA1NFoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZGEyN2UxZWI2MzM4YTQ0NTQwYjY1
ODU5NmUyNDBmYzdhZGFkM2YzM2I2MTZkZDEzMzBiZTdiNjkyODRlOTg2NzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BfilxYTBYzRA52gGu5v1D0mXjVy
YEt2tw3OCViwd+MU2sIAwQz5sN9v5hp95g/bhAWGvUwPBwwXz88wi2VIB4GPrRK7
1Wd0Z+C5TjDfZdDzv2HENhDG36ZvdO0tYtqJ111z4yXgbFF4sRMkJOi16r2Iy67y
a+Q2/b4UBWXxzNg6dxO4OMi7mCrKgmT0S86M4Lr6ZYiQ7u2Fhiqr20Obcesx6dlr
Ov2C/0GaOyfytX0Cx2nyeLgzSKyRU665VyQ/IFBRX57qZXDkX6RcQzAfsRwp37X3
bwWPlH2qco73O3bLOhjAJym+3HdnmHkJzEx0P/QBWF+bUFReKCn2eAD6NQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNN0mw+l8jz07qPCKbrIfHwEPaqZMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2NiZTIyNmMyLWFlZDUtNDA0Yi1iNzRlLTNiNTQzZmM4ODdmMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaafDAMA0GCSqGSIb3DQEBCwUAA4IBAQC862j3mMS2MuLTELRD
oMgK1SfgB6ERE7hIpv8vmELZdYosw5tUNjGHnr0r4DNvn4BHVVuinc+jvkoVTt8M
TIBSRWZxHB03IlnWUj5QWUMRjohIpkmWN4gGL4w3xE1sdVtosENyy5MFHSRuj779
byb2LRYKa9GpF/EvG2U+BUUT1LlPP2WDYzApbNfozaAoAYxLFLwPSnpX0y7zFrqZ
WjHpWhkrMHHuAFQuCsRl6sO5jPBzV19T8xGXP+NfNtqj7zvIXA6RT6IHgf+hety5
9/dJcoAw8/2MgyXKkzEK4vTvrcPVt5oaHStXp3qWVfXdt9eDH36Z5BIaqjTnZ+LV
Pl7F
-----END CERTIFICATE-----