Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e03f0c1e-0bd4-423f-88c4-2877af8e66ac.roa
File:                     e03f0c1e-0bd4-423f-88c4-2877af8e66ac.roa (raw, json)
Hash identifier:          Ka50XHQXVyUHYfU1Tdoanp00CkjctQUc1+q48Agasgs=
Subject key identifier:   DE:88:86:78:F9:15:32:8D:C8:DF:AD:3E:E2:65:6F:B1:D2:43:47:00
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       22BA09D38212AE5EA98F70B4BB53F8B25392F89D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e03f0c1e-0bd4-423f-88c4-2877af8e66ac.roa
Signing time:             Tue 13 May 2025 00:01:36 +0000
ROA not before:           Tue 13 May 2025 00:01:36 +0000
ROA not after:            Tue 17 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf4:840::/48 maxlen: 48
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 19:53:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:ba:09:d3:82:12:ae:5e:a9:8f:70:b4:bb:53:f8:b2:53:92:f8:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 13 00:01:36 2025 GMT
            Not After : Jun 17 23:59:59 2025 GMT
        Subject: serialNumber=c7cd6cb50938f4fa09f3bec80c2e464a138a5db02ad0c248c8e565bef839c8a1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:5e:38:4e:73:f2:4e:75:55:ed:ea:79:87:3e:
                    22:c7:d0:bb:25:f4:99:a2:b9:b6:05:f2:38:ef:96:
                    dd:9e:df:ee:f3:ed:a1:b8:ad:d4:9d:6e:08:32:1a:
                    9b:d2:0d:d4:bf:f3:13:88:92:e8:fd:f4:b8:41:de:
                    2f:e6:86:39:01:f1:81:7d:53:65:f9:61:58:d4:e2:
                    47:3a:bf:8f:5e:a1:9b:0a:9c:49:90:43:a8:1d:d3:
                    0d:5d:00:7d:24:ba:8f:be:cf:e7:02:5d:8c:36:ec:
                    ce:f0:79:de:bd:75:39:a9:a8:23:c8:d7:7d:21:69:
                    ae:8a:44:25:b2:83:1b:56:df:52:02:59:6c:62:02:
                    8f:b1:32:01:b6:75:25:f2:e8:66:c2:61:a0:c6:33:
                    51:68:b6:b9:a7:3a:2d:c1:4b:df:f6:65:68:37:2e:
                    f3:2d:9b:5e:34:a2:c5:16:67:04:3c:38:eb:6b:37:
                    7a:a0:44:2e:ad:b6:44:9c:43:75:dc:f9:b9:59:b8:
                    ca:0d:1c:15:9f:d7:46:e7:58:7e:4a:d4:32:ae:d8:
                    44:4c:df:5e:ac:68:53:cd:5d:1d:c3:3f:79:06:0b:
                    b8:a8:11:53:47:0f:a4:fa:ab:b1:c7:e6:70:c5:43:
                    44:32:fc:40:b4:97:34:45:e2:10:45:de:f4:bc:3f:
                    87:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:88:86:78:F9:15:32:8D:C8:DF:AD:3E:E2:65:6F:B1:D2:43:47:00
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e03f0c1e-0bd4-423f-88c4-2877af8e66ac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf4:840::/48

    Signature Algorithm: sha256WithRSAEncryption
         3a:8a:f0:5f:77:ca:61:33:1e:6f:0b:b1:1a:d9:d6:ee:79:4c:
         0f:fe:f7:f7:bc:74:c0:da:b0:6a:2c:d5:05:5e:40:25:e7:f8:
         5f:c8:f7:7c:6a:a7:60:01:68:65:ce:4f:1b:d1:d5:43:60:a8:
         01:e9:7c:a3:b8:80:19:b8:15:a8:ce:32:10:f2:eb:bf:7f:39:
         67:e2:20:b7:98:58:b7:3e:79:53:e4:5a:86:d2:8a:cf:37:86:
         9c:f9:41:81:23:50:11:98:bf:a8:a1:76:f3:c0:25:e0:17:23:
         6b:49:c9:d6:af:20:71:7e:d9:75:c4:37:6e:de:35:76:a1:67:
         7f:f0:91:94:c0:8b:eb:bf:00:18:90:b9:21:05:43:fd:94:4c:
         9d:b5:cd:1b:13:dd:59:84:cd:64:91:3c:a3:67:4f:61:c8:0c:
         d3:cd:88:a2:0d:4a:5a:8f:b3:e2:e9:e2:c6:9d:19:88:c9:6a:
         4b:a9:b4:6b:e9:25:2b:a4:e3:e9:0c:83:5d:de:5b:aa:f4:16:
         41:29:ca:12:56:cb:be:a0:15:1d:13:f5:99:3d:be:8d:6f:d8:
         65:7f:5d:bf:41:6f:8a:c9:22:86:f9:c3:9d:b1:19:dc:80:7d:
         3f:46:3a:3d:ba:2a:97:e7:fc:c6:7e:6e:14:5a:4c:6f:54:1d:
         23:ac:71:df
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUIroJ04ISrl6pj3C0u1P4slOS+J0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMzAwMDEzNloX
DTI1MDYxNzIzNTk1OVowejFJMEcGA1UEBRNAYzdjZDZjYjUwOTM4ZjRmYTA5ZjNi
ZWM4MGMyZTQ2NGExMzhhNWRiMDJhZDBjMjQ4YzhlNTY1YmVmODM5YzhhMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAol44TnPyTnVV7ep5hz4ix9C7JfSZ
orm2BfI475bdnt/u8+2huK3UnW4IMhqb0g3Uv/MTiJLo/fS4Qd4v5oY5AfGBfVNl
+WFY1OJHOr+PXqGbCpxJkEOoHdMNXQB9JLqPvs/nAl2MNuzO8HnevXU5qagjyNd9
IWmuikQlsoMbVt9SAllsYgKPsTIBtnUl8uhmwmGgxjNRaLa5pzotwUvf9mVoNy7z
LZteNKLFFmcEPDjrazd6oEQurbZEnEN13Pm5WbjKDRwVn9dG51h+StQyrthETN9e
rGhTzV0dwz95Bgu4qBFTRw+k+quxx+ZwxUNEMvxAtJc0ReIQRd70vD+HlQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFN6Ihnj5FTKNyN+tPuJlb7HSQ0cAMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2UwM2YwYzFlLTBiZDQtNDIzZi04OGM0LTI4NzdhZjhlNjZhYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9AhAMA0GCSqGSIb3DQEBCwUAA4IBAQA6ivBfd8phMx5vC7Ea
2dbueUwP/vf3vHTA2rBqLNUFXkAl5/hfyPd8aqdgAWhlzk8b0dVDYKgB6XyjuIAZ
uBWozjIQ8uu/fzln4iC3mFi3PnlT5FqG0orPN4ac+UGBI1ARmL+ooXbzwCXgFyNr
ScnWryBxftl1xDdu3jV2oWd/8JGUwIvrvwAYkLkhBUP9lEydtc0bE91ZhM1kkTyj
Z09hyAzTzYiiDUpaj7Pi6eLGnRmIyWpLqbRr6SUrpOPpDINd3luq9BZBKcoSVsu+
oBUdE/WZPb6Nb9hlf12/QW+KySKG+cOdsRncgH0/Rjo9uiqX5/zGfm4UWkxvVB0j
rHHf
-----END CERTIFICATE-----