Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd94e529-589f-4ac6-9c41-cf42be7e4edd.roa
File:                     dd94e529-589f-4ac6-9c41-cf42be7e4edd.roa (raw, json)
Hash identifier:          aGJKT6LK/Yic1XudkDVMzDvgK82rIny9LCbOPBcQJnw=
Subject key identifier:   97:5F:5A:75:7A:5A:C7:B1:89:79:60:2B:5B:CB:8B:0B:DF:57:41:F6
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6BEEC1329F90CF3681F259FB7C629987AF69B4C7
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd94e529-589f-4ac6-9c41-cf42be7e4edd.roa
Signing time:             Wed 30 Jul 2025 00:10:42 +0000
ROA not before:           Wed 30 Jul 2025 00:10:42 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:80c0::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:38:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:ee:c1:32:9f:90:cf:36:81:f2:59:fb:7c:62:99:87:af:69:b4:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:10:42 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=f0b173e5f744ff63d563bb092e370f60259c9ae1ff8ced49e63b494793886a42, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f2:75:ef:a1:4a:9d:9b:f8:d8:f5:29:bd:19:
                    88:e9:bc:72:a9:16:83:e2:8f:66:9d:43:ae:88:b0:
                    c5:0f:dd:f4:83:b0:cf:7a:c8:f4:c9:b0:5b:57:47:
                    09:c7:e9:2d:8b:c5:91:02:45:78:56:7e:2a:a0:0c:
                    23:d1:9c:d6:02:0b:ee:d7:e4:48:06:3a:a4:40:5a:
                    e5:1e:05:3f:ef:08:80:d5:e7:71:7a:14:9f:7e:ce:
                    16:71:81:ba:8b:f4:ec:53:3a:54:56:f6:eb:45:ae:
                    4d:1d:5d:10:34:18:8c:d7:8a:9a:7e:8f:b6:77:29:
                    17:27:ef:6b:ff:5b:a8:d2:10:4a:22:6a:1d:ca:3b:
                    c2:ae:fa:48:52:4d:79:b0:e3:b0:09:aa:e5:de:79:
                    f0:ea:e5:71:22:0e:89:00:dd:7d:11:6f:bc:f2:20:
                    f1:bf:a7:de:3a:b5:ce:d9:6e:4e:23:1a:c5:65:b3:
                    3b:01:eb:38:21:05:ae:2b:07:68:5d:ff:88:8b:a5:
                    39:e8:b8:36:9d:d0:7e:e9:cc:09:4a:f1:67:db:51:
                    30:76:3e:67:be:bc:af:19:1d:ee:cc:3d:f4:db:2a:
                    44:45:88:d5:66:fd:eb:90:6f:2a:2c:25:59:ec:81:
                    81:e4:4e:2d:a4:81:7b:fe:71:a7:f3:7e:49:6c:92:
                    d2:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:5F:5A:75:7A:5A:C7:B1:89:79:60:2B:5B:CB:8B:0B:DF:57:41:F6
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd94e529-589f-4ac6-9c41-cf42be7e4edd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:80c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         b4:c7:a9:57:65:b0:b0:a2:54:97:85:96:6a:aa:fb:e6:ff:4e:
         c2:05:2d:90:8e:bf:cf:a0:de:64:82:13:7e:b4:12:f9:86:cf:
         b9:64:da:15:d9:92:ef:fa:2f:30:d5:f4:33:9a:b0:f2:cf:84:
         77:10:f6:13:7b:d4:9e:ba:a2:82:5e:2f:d9:82:10:ef:39:93:
         ce:23:e6:76:50:c6:a9:63:e8:69:07:c0:e0:4d:6d:43:d8:bb:
         b2:00:20:6f:97:ed:37:60:b7:8f:e2:4d:d6:b6:f7:a9:9d:10:
         f1:09:33:7f:4c:e7:36:d4:35:c1:3f:5b:17:d2:2a:fa:8d:ad:
         04:db:62:1e:79:6d:8d:1a:c5:3b:83:4d:42:f6:06:5e:d1:ef:
         6a:25:b3:2b:7c:38:6e:2c:1e:80:3b:6b:e4:4e:6d:f2:a6:02:
         c1:7a:08:2f:2a:4c:ba:b1:86:77:25:e3:b2:d8:f5:79:f1:00:
         3f:d5:4e:61:ca:7f:20:d0:7a:8e:e7:8a:ed:07:81:7e:b8:21:
         0f:7d:45:49:df:4a:d1:70:29:8d:1e:33:fc:4b:02:15:b5:84:
         2f:1f:2f:17:06:3b:13:1c:e2:ae:d4:fa:3b:cc:32:df:82:b3:
         e2:ed:e9:6c:fa:0f:06:f0:0f:4d:4a:b8:75:b5:07:c0:94:b3:
         3f:e2:d7:24
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUa+7BMp+QzzaB8ln7fGKZh69ptMcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMTA0MloX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZjBiMTczZTVmNzQ0ZmY2M2Q1NjNi
YjA5MmUzNzBmNjAyNTljOWFlMWZmOGNlZDQ5ZTYzYjQ5NDc5Mzg4NmE0MjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPJ176FKnZv42PUpvRmI6bxyqRaD
4o9mnUOuiLDFD930g7DPesj0ybBbV0cJx+kti8WRAkV4Vn4qoAwj0ZzWAgvu1+RI
BjqkQFrlHgU/7wiA1edxehSffs4WcYG6i/TsUzpUVvbrRa5NHV0QNBiM14qafo+2
dykXJ+9r/1uo0hBKImodyjvCrvpIUk15sOOwCarl3nnw6uVxIg6JAN19EW+88iDx
v6feOrXO2W5OIxrFZbM7Aes4IQWuKwdoXf+Ii6U56Lg2ndB+6cwJSvFn21Ewdj5n
vryvGR3uzD302ypERYjVZv3rkG8qLCVZ7IGB5E4tpIF7/nGn835JbJLSSwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJdfWnV6WsexiXlgK1vLiwvfV0H2MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2RkOTRlNTI5LTU4OWYtNGFjNi05YzQxLWNmNDJiZTdlNGVkZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+4DAMA0GCSqGSIb3DQEBCwUAA4IBAQC0x6lXZbCwolSXhZZq
qvvm/07CBS2Qjr/PoN5kghN+tBL5hs+5ZNoV2ZLv+i8w1fQzmrDyz4R3EPYTe9Se
uqKCXi/ZghDvOZPOI+Z2UMapY+hpB8DgTW1D2LuyACBvl+03YLeP4k3WtvepnRDx
CTN/TOc21DXBP1sX0ir6ja0E22IeeW2NGsU7g01C9gZe0e9qJbMrfDhuLB6AO2vk
Tm3ypgLBeggvKky6sYZ3JeOy2PV58QA/1U5hyn8g0HqO54rtB4F+uCEPfUVJ30rR
cCmNHjP8SwIVtYQvHy8XBjsTHOKu1Po7zDLfgrPi7els+g8G8A9NSrh1tQfAlLM/
4tck
-----END CERTIFICATE-----
Generated at Thu Jul 31 00:57:26 2025 by rpki-client