Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05618a3-4233-4053-bd34-b1b7961f286c.roa
File:                     e05618a3-4233-4053-bd34-b1b7961f286c.roa (raw, json)
Hash identifier:          JL44NEe1oNn1zzJf1Yx9IqV5M5KU6mGH+AotzyP5hyM=
Subject key identifier:   41:0E:6D:DF:ED:7F:F7:23:23:BC:BF:AB:48:8A:68:86:60:42:39:09
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       72BF5D28691A70625694BD8F6043B26CBDEED97A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05618a3-4233-4053-bd34-b1b7961f286c.roa
Signing time:             Wed 30 Jul 2025 00:50:48 +0000
ROA not before:           Wed 30 Jul 2025 00:50:48 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:28c0::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 17:54:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:bf:5d:28:69:1a:70:62:56:94:bd:8f:60:43:b2:6c:bd:ee:d9:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:50:48 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=146875037d7b7f741cecca670c5d23660fc6cf6ae5133f35d6c3345a27436442, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f3:20:86:b1:e5:ff:0f:8c:80:ed:91:b9:a3:
                    86:96:20:6d:e4:af:77:8f:65:93:d4:9b:62:5d:64:
                    6f:af:be:14:38:5d:ec:7c:ba:6f:14:f8:79:30:13:
                    13:9e:37:b4:c4:43:da:68:13:59:3f:9b:92:59:9d:
                    7d:a8:ae:f9:90:1c:df:a2:b2:de:13:47:fd:c3:79:
                    dc:56:4d:26:ed:42:2d:c7:7f:c3:a8:84:db:fd:33:
                    2c:19:42:4e:cd:a1:b7:f0:98:84:b7:1a:8d:db:23:
                    eb:36:e1:b7:a3:36:0f:42:5e:97:5f:34:2e:d8:79:
                    4d:06:d9:43:da:ea:38:cc:73:31:37:c0:b3:eb:92:
                    c6:e4:87:1b:ef:f6:25:cf:be:47:5d:54:c2:66:c8:
                    c0:3d:04:81:1d:3b:29:43:ca:0d:68:59:51:dc:61:
                    4a:bc:b0:00:b9:72:46:f5:13:89:b2:07:12:f2:06:
                    b0:34:86:3a:bd:71:18:61:bc:fb:6d:08:46:0b:db:
                    00:a1:fb:e8:c4:4a:1d:44:c6:28:49:ef:d3:b0:c4:
                    98:fa:75:b0:1b:bf:34:81:da:6a:30:14:61:c8:23:
                    c6:cc:14:1f:b2:a9:b6:ba:52:80:31:6a:dc:00:25:
                    14:89:9e:89:fd:90:3b:27:2a:bc:81:65:42:a0:83:
                    0b:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:0E:6D:DF:ED:7F:F7:23:23:BC:BF:AB:48:8A:68:86:60:42:39:09
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05618a3-4233-4053-bd34-b1b7961f286c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:28c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         aa:90:9a:dc:7c:89:be:e4:8e:9e:c3:0e:c0:f7:2d:31:60:0f:
         62:93:f2:5d:b7:b3:2f:0c:45:95:4d:04:f4:8b:5d:0d:8d:4e:
         f7:7f:ad:96:8b:c8:6d:4b:8c:9c:24:76:4e:13:b6:af:42:bd:
         be:82:ee:ad:db:2b:29:56:2a:64:e1:6b:96:df:11:d9:69:40:
         df:62:17:cd:77:c7:aa:b4:26:55:02:03:d2:a9:41:e7:8e:7b:
         30:fb:e2:38:40:65:53:a0:d6:fa:ba:f7:e9:a9:21:f6:ac:f3:
         50:70:f2:87:44:52:d2:4c:44:08:9f:5e:70:22:7a:09:7e:20:
         ae:56:b9:ef:f6:8e:4a:3f:7a:c7:b5:3d:b9:f8:64:10:a9:e1:
         6f:bc:61:ec:50:57:f4:99:0f:7d:13:4a:df:7d:8f:2a:33:73:
         61:74:58:8e:cf:19:04:05:00:2b:62:65:21:f6:b3:a1:47:26:
         1a:9a:b9:c5:8e:e8:bf:5e:2d:0b:14:0c:45:45:64:dd:58:ae:
         3e:70:35:35:cb:da:d4:dc:f2:7d:24:92:a8:42:b3:26:2a:26:
         89:aa:0d:94:ed:1c:67:94:78:b6:fd:05:32:d3:26:e4:fc:2f:
         09:e0:fb:a6:5f:0d:78:83:b7:10:36:89:20:f0:79:2f:48:da:
         53:39:c9:e5
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUcr9dKGkacGJWlL2PYEOybL3u2XowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNTA0OFoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMTQ2ODc1MDM3ZDdiN2Y3NDFjZWNj
YTY3MGM1ZDIzNjYwZmM2Y2Y2YWU1MTMzZjM1ZDZjMzM0NWEyNzQzNjQ0MjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPMghrHl/w+MgO2RuaOGliBt5K93
j2WT1JtiXWRvr74UOF3sfLpvFPh5MBMTnje0xEPaaBNZP5uSWZ19qK75kBzforLe
E0f9w3ncVk0m7UItx3/DqITb/TMsGUJOzaG38JiEtxqN2yPrNuG3ozYPQl6XXzQu
2HlNBtlD2uo4zHMxN8Cz65LG5Icb7/Ylz75HXVTCZsjAPQSBHTspQ8oNaFlR3GFK
vLAAuXJG9ROJsgcS8gawNIY6vXEYYbz7bQhGC9sAofvoxEodRMYoSe/TsMSY+nWw
G780gdpqMBRhyCPGzBQfsqm2ulKAMWrcACUUiZ6J/ZA7Jyq8gWVCoIMLswIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFEEObd/tf/cjI7y/q0iKaIZgQjkJMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2UwNTYxOGEzLTQyMzMtNDA1My1iZDM0LWIxYjc5NjFmMjg2Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaSjAMA0GCSqGSIb3DQEBCwUAA4IBAQCqkJrcfIm+5I6eww7A
9y0xYA9ik/Jdt7MvDEWVTQT0i10NjU73f62Wi8htS4ycJHZOE7avQr2+gu6t2ysp
Vipk4WuW3xHZaUDfYhfNd8eqtCZVAgPSqUHnjnsw++I4QGVToNb6uvfpqSH2rPNQ
cPKHRFLSTEQIn15wInoJfiCuVrnv9o5KP3rHtT25+GQQqeFvvGHsUFf0mQ99E0rf
fY8qM3NhdFiOzxkEBQArYmUh9rOhRyYamrnFjui/Xi0LFAxFRWTdWK4+cDU1y9rU
3PJ9JJKoQrMmKiaJqg2U7RxnlHi2/QUy0ybk/C8J4PumXw14g7cQNokg8HkvSNpT
Ocnl
-----END CERTIFICATE-----