Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da029f34-cd38-4756-993f-704db5aee20c.roa
File:                     da029f34-cd38-4756-993f-704db5aee20c.roa (raw, json)
Hash identifier:          z1RrfJs3MaTKwsXJeNFiIg/bg5ExHsAUmq6s7cajqZw=
Subject key identifier:   27:1D:CD:4A:C9:82:B3:16:1D:FF:4D:E1:08:7D:A6:1B:DE:58:B5:3A
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       7F89925F23F11D0CBB6FCD1B63702FB3F7EB7404
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da029f34-cd38-4756-993f-704db5aee20c.roa
Signing time:             Wed 30 Jul 2025 00:10:16 +0000
ROA not before:           Wed 30 Jul 2025 00:10:16 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:4840::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:22:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:89:92:5f:23:f1:1d:0c:bb:6f:cd:1b:63:70:2f:b3:f7:eb:74:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:10:16 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=75fb38c8ae4561085b90be1384bc3ebdc9e12056ebcb614c0dc0ad6528ff61a5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:59:b0:c9:7c:bd:1e:da:aa:75:2e:9a:f9:50:
                    b6:a8:b4:1b:8e:50:07:11:c6:b6:e4:dc:15:30:18:
                    ee:c9:cb:44:d8:d0:42:df:7d:bc:7e:45:28:d4:86:
                    10:6f:fb:2a:bf:eb:b1:74:c3:b6:30:54:86:17:7e:
                    97:8a:2a:7e:9e:5e:6a:86:34:64:a2:27:e3:86:31:
                    07:3f:b3:9a:dd:55:9e:33:2e:c7:75:ef:91:d8:20:
                    d0:eb:8b:41:fd:e9:70:78:71:68:0b:13:42:10:85:
                    47:e7:a7:19:b9:86:e2:89:66:df:be:17:75:18:0f:
                    16:0d:e7:5d:3d:5f:52:e0:04:d9:66:7c:10:29:40:
                    bd:b5:8a:5b:ac:46:98:7a:98:6e:e0:a7:75:b0:26:
                    ac:fc:7b:a4:0c:75:4f:37:1d:d9:84:b2:9b:7a:2f:
                    52:ba:4b:04:4d:98:e6:d3:db:2b:45:6f:76:8c:b3:
                    01:91:4c:34:17:ab:c2:81:69:c6:2b:21:74:c9:9e:
                    2f:38:93:30:95:ec:df:b9:d1:3e:26:b9:9d:5d:4f:
                    ea:d1:64:4f:ff:f7:f9:7c:0e:ac:b1:74:ac:f1:24:
                    ee:a6:e5:cf:2e:57:b1:e9:d6:51:3d:5e:59:eb:c3:
                    d7:b2:b8:93:1e:43:84:49:bd:5e:ba:c1:6f:dd:6f:
                    66:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:1D:CD:4A:C9:82:B3:16:1D:FF:4D:E1:08:7D:A6:1B:DE:58:B5:3A
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da029f34-cd38-4756-993f-704db5aee20c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:4840::/46

    Signature Algorithm: sha256WithRSAEncryption
         75:50:1e:81:29:93:b7:36:aa:2f:c5:5c:ee:af:3f:2c:f4:49:
         c7:8f:96:15:69:ca:7e:ff:81:d2:27:cf:ad:4e:ae:97:a7:1f:
         68:a9:10:3b:50:58:06:3d:f0:75:ff:dd:72:35:28:0c:ff:b1:
         ed:0e:75:2b:38:2c:3e:00:12:66:29:9a:5e:b0:8e:35:5e:63:
         25:70:5b:68:c3:26:a6:78:96:fb:37:41:e9:30:f5:a5:40:f1:
         a4:c1:42:36:94:48:e0:07:d7:dc:0e:35:14:e7:c1:89:bc:27:
         77:07:6b:f6:34:0c:05:73:f0:e6:4c:d6:0d:1c:f3:06:31:d9:
         cc:a2:91:47:70:b1:97:71:5c:44:e0:58:85:a2:f4:94:0d:cf:
         0f:b6:8c:c2:56:80:98:1a:bb:d9:7c:af:a1:f3:1b:17:33:3d:
         92:e6:8b:de:cf:d9:e9:b9:8f:f4:4e:a2:65:31:67:11:61:73:
         52:3d:9b:07:78:26:17:11:b0:e8:a8:75:27:5a:26:e9:13:a0:
         95:3c:19:73:ff:e2:58:3e:bc:f7:80:9e:ce:ad:5d:fc:15:fd:
         cf:d0:3f:30:f9:1f:93:ed:e7:db:4d:96:2d:77:dc:65:ac:29:
         16:ad:4a:83:26:01:48:cd:f4:45:fc:78:07:0d:f0:98:b6:11:
         7f:e7:a3:9d
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUf4mSXyPxHQy7b80bY3Avs/frdAQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMTAxNloX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNANzVmYjM4YzhhZTQ1NjEwODViOTBi
ZTEzODRiYzNlYmRjOWUxMjA1NmViY2I2MTRjMGRjMGFkNjUyOGZmNjFhNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplmwyXy9HtqqdS6a+VC2qLQbjlAH
Eca25NwVMBjuyctE2NBC3328fkUo1IYQb/sqv+uxdMO2MFSGF36Xiip+nl5qhjRk
oifjhjEHP7Oa3VWeMy7Hde+R2CDQ64tB/elweHFoCxNCEIVH56cZuYbiiWbfvhd1
GA8WDeddPV9S4ATZZnwQKUC9tYpbrEaYephu4Kd1sCas/HukDHVPNx3ZhLKbei9S
uksETZjm09srRW92jLMBkUw0F6vCgWnGKyF0yZ4vOJMwlezfudE+JrmdXU/q0WRP
//f5fA6ssXSs8STupuXPLlex6dZRPV5Z68PXsriTHkOESb1eusFv3W9mVQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCcdzUrJgrMWHf9N4Qh9phveWLU6MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2RhMDI5ZjM0LWNkMzgtNDc1Ni05OTNmLTcwNGRiNWFlZTIwYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba90hAMA0GCSqGSIb3DQEBCwUAA4IBAQB1UB6BKZO3NqovxVzu
rz8s9EnHj5YVacp+/4HSJ8+tTq6Xpx9oqRA7UFgGPfB1/91yNSgM/7HtDnUrOCw+
ABJmKZpesI41XmMlcFtowyameJb7N0HpMPWlQPGkwUI2lEjgB9fcDjUU58GJvCd3
B2v2NAwFc/DmTNYNHPMGMdnMopFHcLGXcVxE4FiFovSUDc8PtozCVoCYGrvZfK+h
8xsXMz2S5ovez9npuY/0TqJlMWcRYXNSPZsHeCYXEbDoqHUnWibpE6CVPBlz/+JY
Prz3gJ7OrV38Ff3P0D8w+R+T7efbTZYtd9xlrCkWrUqDJgFIzfRF/HgHDfCYthF/
56Od
-----END CERTIFICATE-----