Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc7e3992-4619-412d-a3bd-6b6b0c457ed0.roa
File:                     cc7e3992-4619-412d-a3bd-6b6b0c457ed0.roa (raw, json)
Hash identifier:          Lo83zXzC2xCESn3zDxaKK1oIBRWK1HBYIB7O7uoV4SE=
Subject key identifier:   67:F0:53:52:64:D5:86:5D:F3:76:C3:A1:DB:06:B2:F2:E8:44:C6:4F
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       5C195CFDA3E34CE5C30B62A6EDB0BF49617D3ADC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc7e3992-4619-412d-a3bd-6b6b0c457ed0.roa
Signing time:             Tue 13 May 2025 00:11:26 +0000
ROA not before:           Tue 13 May 2025 00:11:26 +0000
ROA not after:            Tue 17 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf4:8880::/48 maxlen: 48
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 19:53:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:19:5c:fd:a3:e3:4c:e5:c3:0b:62:a6:ed:b0:bf:49:61:7d:3a:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 13 00:11:26 2025 GMT
            Not After : Jun 17 23:59:59 2025 GMT
        Subject: serialNumber=f5d2e9fdb368a784c9011647c9b9327d2bc17d291df759bc13da3b4de54b45bf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:f4:4b:8a:85:56:1b:0c:91:10:54:f2:60:d2:
                    25:78:a6:a4:3a:ef:2f:f8:a4:58:ba:76:40:7e:87:
                    05:54:5d:8b:e4:84:6c:0b:c9:15:db:11:33:46:37:
                    ff:1c:86:d5:0c:90:d1:64:38:38:05:82:56:8f:19:
                    f6:f9:29:b8:92:c0:80:f3:78:d4:2e:95:6f:5a:d7:
                    16:de:ef:d0:a1:aa:87:4c:3b:34:d9:1c:38:20:5f:
                    bc:c3:42:2f:dd:e3:9e:0f:b0:13:24:4a:1d:44:94:
                    3a:80:ee:37:7a:da:e3:b5:18:76:39:cd:11:b1:17:
                    10:4c:5d:a1:5c:71:dd:7b:6c:5e:86:66:b8:19:6f:
                    0f:64:80:26:c9:0f:02:96:1d:ba:46:54:ca:0e:cf:
                    69:fd:ec:0c:f7:c7:8d:f6:15:04:2f:b9:02:8a:2f:
                    cd:53:e6:87:8b:66:51:31:cb:32:58:c0:a3:ef:23:
                    06:b2:b5:9e:d4:33:20:c6:9b:c5:9e:8b:0c:fc:e9:
                    3b:c6:17:63:04:3d:48:af:75:c2:5b:6d:9a:b4:aa:
                    50:2b:55:c9:44:da:86:80:3c:91:80:69:20:aa:51:
                    6e:f3:a6:08:75:67:65:c9:fc:1d:23:63:9f:56:82:
                    59:c5:1e:8f:0b:e5:6a:ca:58:b6:cd:3d:29:b1:04:
                    e7:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:F0:53:52:64:D5:86:5D:F3:76:C3:A1:DB:06:B2:F2:E8:44:C6:4F
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc7e3992-4619-412d-a3bd-6b6b0c457ed0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf4:8880::/48

    Signature Algorithm: sha256WithRSAEncryption
         9d:56:73:39:d3:e5:0c:60:7f:3a:10:0f:fa:24:0a:98:27:bf:
         d8:b7:fe:8e:02:71:91:07:18:79:13:f9:38:ad:83:cc:0d:f4:
         33:b8:08:5d:36:26:51:2b:5e:a4:fa:3b:6e:50:ff:94:8d:e0:
         75:e2:ab:d4:37:40:78:f2:48:ae:f9:3f:f4:8a:36:9e:69:cf:
         30:a6:12:15:1c:64:f6:a1:cc:28:3f:91:69:f2:94:b7:16:ff:
         db:80:df:06:b1:b2:ba:34:e9:01:06:1e:19:43:8d:a3:85:a5:
         39:80:fb:88:08:e0:6b:32:67:67:ec:94:48:3f:f7:43:38:cd:
         41:ad:8f:a5:2f:37:4c:b1:02:92:13:cf:f6:4a:c1:bf:17:3d:
         01:f3:4e:04:7c:2e:c8:fc:bc:d2:ee:9a:fc:1b:93:1f:a4:27:
         12:ac:2d:96:87:11:83:38:86:40:44:53:cf:79:df:d8:d6:ee:
         42:fe:ef:cb:be:52:e5:22:7d:76:9d:55:68:22:f9:1f:30:e5:
         2f:c7:f5:68:cf:61:81:e0:07:32:9e:7b:4c:e1:77:37:f0:d7:
         1e:96:a2:fa:50:03:a0:26:6e:56:58:99:f5:01:91:19:1a:3d:
         21:92:98:86:91:e7:0a:c9:3c:c2:46:1a:39:e1:08:c3:f3:d1:
         d0:34:2e:63
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUXBlc/aPjTOXDC2Km7bC/SWF9OtwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMzAwMTEyNloX
DTI1MDYxNzIzNTk1OVowejFJMEcGA1UEBRNAZjVkMmU5ZmRiMzY4YTc4NGM5MDEx
NjQ3YzliOTMyN2QyYmMxN2QyOTFkZjc1OWJjMTNkYTNiNGRlNTRiNDViZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPRLioVWGwyREFTyYNIleKakOu8v
+KRYunZAfocFVF2L5IRsC8kV2xEzRjf/HIbVDJDRZDg4BYJWjxn2+Sm4ksCA83jU
LpVvWtcW3u/QoaqHTDs02Rw4IF+8w0Iv3eOeD7ATJEodRJQ6gO43etrjtRh2Oc0R
sRcQTF2hXHHde2xehma4GW8PZIAmyQ8Clh26RlTKDs9p/ewM98eN9hUEL7kCii/N
U+aHi2ZRMcsyWMCj7yMGsrWe1DMgxpvFnosM/Ok7xhdjBD1Ir3XCW22atKpQK1XJ
RNqGgDyRgGkgqlFu86YIdWdlyfwdI2OfVoJZxR6PC+Vqyli2zT0psQTnawIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGfwU1Jk1YZd83bDodsGsvLoRMZPMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2NjN2UzOTkyLTQ2MTktNDEyZC1hM2JkLTZiNmIwYzQ1N2VkMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9IiAMA0GCSqGSIb3DQEBCwUAA4IBAQCdVnM50+UMYH86EA/6
JAqYJ7/Yt/6OAnGRBxh5E/k4rYPMDfQzuAhdNiZRK16k+jtuUP+UjeB14qvUN0B4
8kiu+T/0ijaeac8wphIVHGT2ocwoP5Fp8pS3Fv/bgN8GsbK6NOkBBh4ZQ42jhaU5
gPuICOBrMmdn7JRIP/dDOM1BrY+lLzdMsQKSE8/2SsG/Fz0B804EfC7I/LzS7pr8
G5MfpCcSrC2WhxGDOIZARFPPed/Y1u5C/u/LvlLlIn12nVVoIvkfMOUvx/Voz2GB
4AcynntM4Xc38NcelqL6UAOgJm5WWJn1AZEZGj0hkpiGkecKyTzCRho54QjD89HQ
NC5j
-----END CERTIFICATE-----