Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0b79261-895d-4047-b708-c37ef3b885f4.roa
File:                     d0b79261-895d-4047-b708-c37ef3b885f4.roa (raw, json)
Hash identifier:          tFhYZaqTi/HcqG1mlotTbYU7jgDygMh8GmBnQMkZ/Lg=
Subject key identifier:   1F:02:87:C6:92:41:DE:1D:C5:AC:AB:42:54:B4:B2:9E:73:1D:F6:7F
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       4345BD5079C69B129E05D56B94F70601AF16F8ED
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0b79261-895d-4047-b708-c37ef3b885f4.roa
Signing time:             Wed 30 Jul 2025 00:31:29 +0000
ROA not before:           Wed 30 Jul 2025 00:31:29 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:a000::/40 maxlen: 40
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:53:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:45:bd:50:79:c6:9b:12:9e:05:d5:6b:94:f7:06:01:af:16:f8:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:31:29 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=3f8b33a7bfd9e59e48c318531543f56f10f50c9e845925263d6029249849ba95, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:8b:e9:99:d0:bf:e8:31:7b:d7:e3:fe:8c:50:
                    94:cc:60:c8:96:d8:d2:7e:00:ca:73:f5:db:a9:8c:
                    2e:2f:f4:f7:e5:60:ca:78:da:41:b3:29:5e:83:bd:
                    b4:f2:b3:52:80:fb:8d:2c:b6:15:71:28:c7:83:74:
                    a4:31:d2:cf:c4:e7:d4:f2:4e:3f:30:db:e9:21:5f:
                    70:df:1c:f5:d7:e9:20:a3:e9:08:71:8f:f3:11:bc:
                    c2:46:42:84:95:67:29:00:28:ab:06:e8:09:b5:5e:
                    c3:9c:30:e2:22:7a:d0:05:8a:ec:ee:74:98:6c:37:
                    59:cc:50:9d:0b:a6:0b:3e:5f:47:98:19:1b:7e:ce:
                    02:6e:53:a8:99:ca:60:05:52:ac:e2:33:af:09:a1:
                    0d:bf:65:9d:75:84:a5:4c:c1:a6:ac:d4:af:c7:41:
                    be:cd:87:f3:e0:bc:18:f0:9b:a0:e7:1e:15:e1:b8:
                    03:e2:ca:d1:38:dd:bc:3b:ac:9b:8e:17:07:e0:c3:
                    ef:a5:67:7e:d8:d9:ae:6b:a6:a1:d9:57:d6:53:b1:
                    ca:4d:6d:57:34:96:bf:76:67:ef:1c:e7:c9:22:50:
                    a5:fa:47:ab:5d:14:2b:ff:00:88:48:9e:60:af:42:
                    c3:7c:fc:f6:4f:e8:04:9d:f1:5d:16:5f:ba:cf:d9:
                    3d:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:02:87:C6:92:41:DE:1D:C5:AC:AB:42:54:B4:B2:9E:73:1D:F6:7F
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0b79261-895d-4047-b708-c37ef3b885f4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:a000::/40

    Signature Algorithm: sha256WithRSAEncryption
         ba:40:99:c9:3d:84:91:fb:9d:c1:94:f8:f7:21:f4:16:56:df:
         2b:3b:cc:d5:e1:cf:c9:9a:4e:f2:f5:1a:d0:8d:96:5f:10:a3:
         89:72:7f:39:07:0e:fb:b5:0c:a0:ea:9d:fb:07:d6:92:85:87:
         d5:bc:0b:04:d6:f4:8b:82:90:5d:7e:47:94:55:3c:27:d1:b0:
         60:8b:0a:e6:b8:e5:3c:f5:95:da:49:83:e6:5e:d1:38:a3:01:
         41:13:14:f7:2e:95:0f:3e:88:d3:e7:d0:46:2a:35:0e:49:75:
         17:a9:38:47:10:71:bc:8f:1a:17:0a:ca:97:a5:ad:e8:5a:df:
         0d:a2:40:03:3a:af:76:ac:37:5e:db:e0:a8:58:cc:ed:d9:15:
         ab:f6:15:18:19:3c:ed:b2:dc:f8:f4:df:d1:7f:14:6f:c2:6a:
         12:65:de:dd:43:99:39:f8:59:9d:60:47:17:b6:64:78:4a:9a:
         20:1a:01:11:79:91:76:53:55:96:a1:a7:71:24:1f:2d:9a:a0:
         a3:fd:a9:25:9a:3a:fc:4f:2d:a0:ea:b8:84:eb:10:0c:d3:e2:
         ca:4e:d2:c3:bc:ff:80:4c:31:1b:76:17:09:4a:e4:f0:c2:70:
         87:df:60:1a:14:ea:f1:7d:e7:e5:a4:9e:a6:cf:7a:a6:e7:b7:
         99:89:42:dc
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUQ0W9UHnGmxKeBdVrlPcGAa8W+O0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMzEyOVoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAM2Y4YjMzYTdiZmQ5ZTU5ZTQ4YzMx
ODUzMTU0M2Y1NmYxMGY1MGM5ZTg0NTkyNTI2M2Q2MDI5MjQ5ODQ5YmE5NTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIvpmdC/6DF71+P+jFCUzGDIltjS
fgDKc/XbqYwuL/T35WDKeNpBsyleg7208rNSgPuNLLYVcSjHg3SkMdLPxOfU8k4/
MNvpIV9w3xz11+kgo+kIcY/zEbzCRkKElWcpACirBugJtV7DnDDiInrQBYrs7nSY
bDdZzFCdC6YLPl9HmBkbfs4CblOomcpgBVKs4jOvCaENv2WddYSlTMGmrNSvx0G+
zYfz4LwY8Jug5x4V4bgD4srRON28O6ybjhcH4MPvpWd+2Nmua6ah2VfWU7HKTW1X
NJa/dmfvHOfJIlCl+kerXRQr/wCISJ5gr0LDfPz2T+gEnfFdFl+6z9k9zQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFB8Ch8aSQd4dxayrQlS0sp5zHfZ/MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2QwYjc5MjYxLTg5NWQtNDA0Ny1iNzA4LWMzN2VmM2I4ODVmNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba96AwDQYJKoZIhvcNAQELBQADggEBALpAmck9hJH7ncGU+Pch
9BZW3ys7zNXhz8maTvL1GtCNll8Qo4lyfzkHDvu1DKDqnfsH1pKFh9W8CwTW9IuC
kF1+R5RVPCfRsGCLCua45Tz1ldpJg+Ze0TijAUETFPculQ8+iNPn0EYqNQ5JdRep
OEcQcbyPGhcKypelreha3w2iQAM6r3asN17b4KhYzO3ZFav2FRgZPO2y3Pj039F/
FG/CahJl3t1DmTn4WZ1gRxe2ZHhKmiAaARF5kXZTVZahp3EkHy2aoKP9qSWaOvxP
LaDquITrEAzT4spO0sO8/4BMMRt2FwlK5PDCcIffYBoU6vF95+WknqbPeqbnt5mJ
Qtw=
-----END CERTIFICATE-----
Generated at Thu Jul 31 01:03:55 2025 by rpki-client