Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e43d17b5-5114-480a-8ac4-3d118a4eb2c9.roa
File:                     e43d17b5-5114-480a-8ac4-3d118a4eb2c9.roa (raw, json)
Hash identifier:          gW2uDqOVS4dvn0uDy9XnG8KMP2ZPdGk398FFQbt5Rls=
Subject key identifier:   99:3D:86:1C:5E:59:E3:1C:63:7F:5A:E6:A5:AC:44:C0:AA:B5:DC:90
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       3D9C5D1705A7DE4977B8C9399C0FF8AA5C6A4EBC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e43d17b5-5114-480a-8ac4-3d118a4eb2c9.roa
Signing time:             Thu 22 May 2025 00:36:58 +0000
ROA not before:           Thu 22 May 2025 00:36:58 +0000
ROA not after:            Thu 26 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dab9:2840::/48 maxlen: 48
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 19:38:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:9c:5d:17:05:a7:de:49:77:b8:c9:39:9c:0f:f8:aa:5c:6a:4e:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 22 00:36:58 2025 GMT
            Not After : Jun 26 23:59:59 2025 GMT
        Subject: serialNumber=2a1fc6b042d518104baf3fdf10d317d642d83b45505a58d966f964c311614268, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:5c:27:02:b1:d0:be:c5:b0:a4:8c:a5:39:6e:
                    2f:c2:e2:04:f2:43:eb:a9:f8:b7:cc:1d:e6:0f:b1:
                    4f:d7:3e:af:c0:e6:5f:0a:79:c2:30:a0:f2:2e:59:
                    a3:2f:8a:ef:9b:dd:68:d5:19:8d:07:ee:42:60:97:
                    03:ab:3b:56:e3:6d:a6:88:ae:ee:84:80:91:f3:98:
                    db:3c:b8:99:0d:5b:1f:5b:df:8f:a6:bd:7f:86:a0:
                    e6:cf:e8:42:fc:5c:83:5d:c2:12:e2:17:5d:2e:f3:
                    a1:3d:42:b4:07:12:f2:64:2d:41:e7:62:bf:e4:2f:
                    ea:64:3a:f7:76:55:bb:2e:05:20:7f:4b:27:2a:2c:
                    e0:59:f2:f4:ea:5e:78:32:66:3a:a0:9e:06:1c:f3:
                    70:d0:24:50:49:75:ff:da:f4:cb:a1:a4:6b:91:e7:
                    f6:dc:27:31:d4:47:4d:ce:80:0d:25:7d:a7:dc:9a:
                    c8:c3:37:55:af:67:d0:9d:2a:df:f8:e5:c5:f7:5e:
                    2b:1e:94:30:4e:5e:ad:09:5d:f2:64:68:3a:c0:7f:
                    04:5c:7d:24:b4:a7:7e:72:80:ec:d4:86:c8:eb:b4:
                    1f:8f:1a:bf:2c:da:e1:04:2d:4d:ef:1c:b2:90:bd:
                    d1:dd:5b:43:36:43:dd:11:bd:60:a6:43:1d:fd:e5:
                    69:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:3D:86:1C:5E:59:E3:1C:63:7F:5A:E6:A5:AC:44:C0:AA:B5:DC:90
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e43d17b5-5114-480a-8ac4-3d118a4eb2c9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dab9:2840::/48

    Signature Algorithm: sha256WithRSAEncryption
         40:54:6b:15:5f:40:20:9d:34:ea:a2:ca:b0:f0:1e:a1:00:af:
         0d:e5:d8:15:c0:c6:f0:54:60:6c:bb:23:8a:68:aa:c1:c9:1f:
         9f:b7:71:9d:f2:d0:b3:89:2c:35:04:54:e5:6a:1f:33:95:3e:
         df:c5:d8:a3:a5:79:f9:ed:b4:25:db:88:9f:08:e7:96:18:01:
         ef:93:e3:37:fe:5a:f1:63:d0:87:45:69:99:ee:e1:eb:44:2b:
         ff:62:5e:b5:44:8b:bb:89:d8:32:74:c1:2d:16:a3:a6:55:7b:
         a8:61:43:0a:15:91:9e:45:2d:80:c9:13:a2:89:c0:92:8e:c6:
         35:71:11:b5:df:50:08:cd:9d:6e:81:7a:53:0b:79:14:a8:a8:
         ce:0a:ba:e7:04:0b:6e:1e:9a:f1:1a:d9:c5:94:70:93:0a:df:
         45:5b:f5:bc:0e:0c:3d:2a:83:5c:29:ca:1b:fd:c2:57:d0:54:
         aa:05:dc:e5:84:4e:23:b3:c8:7c:03:d3:d9:0e:41:cb:eb:2d:
         cc:f5:b7:87:e7:07:92:e4:2f:28:ef:38:23:03:2a:26:2f:36:
         0a:db:f2:95:4c:80:06:a2:6e:48:93:2c:ea:cb:12:d5:e9:08:
         cd:15:4c:8b:05:2a:4b:dd:3e:ad:b7:a6:2a:c4:99:df:81:1f:
         02:8a:c5:b9
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUPZxdFwWn3kl3uMk5nA/4qlxqTrwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUyMjAwMzY1OFoX
DTI1MDYyNjIzNTk1OVowejFJMEcGA1UEBRNAMmExZmM2YjA0MmQ1MTgxMDRiYWYz
ZmRmMTBkMzE3ZDY0MmQ4M2I0NTUwNWE1OGQ5NjZmOTY0YzMxMTYxNDI2ODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVwnArHQvsWwpIylOW4vwuIE8kPr
qfi3zB3mD7FP1z6vwOZfCnnCMKDyLlmjL4rvm91o1RmNB+5CYJcDqztW422miK7u
hICR85jbPLiZDVsfW9+Ppr1/hqDmz+hC/FyDXcIS4hddLvOhPUK0BxLyZC1B52K/
5C/qZDr3dlW7LgUgf0snKizgWfL06l54MmY6oJ4GHPNw0CRQSXX/2vTLoaRrkef2
3Ccx1EdNzoANJX2n3JrIwzdVr2fQnSrf+OXF914rHpQwTl6tCV3yZGg6wH8EXH0k
tKd+coDs1IbI67Qfjxq/LNrhBC1N7xyykL3R3VtDNkPdEb1gpkMd/eVp+wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJk9hhxeWeMcY39a5qWsRMCqtdyQMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2U0M2QxN2I1LTUxMTQtNDgwYS04YWM0LTNkMTE4YTRlYjJjOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbauShAMA0GCSqGSIb3DQEBCwUAA4IBAQBAVGsVX0AgnTTqosqw
8B6hAK8N5dgVwMbwVGBsuyOKaKrByR+ft3Gd8tCziSw1BFTlah8zlT7fxdijpXn5
7bQl24ifCOeWGAHvk+M3/lrxY9CHRWmZ7uHrRCv/Yl61RIu7idgydMEtFqOmVXuo
YUMKFZGeRS2AyROiicCSjsY1cRG131AIzZ1ugXpTC3kUqKjOCrrnBAtuHprxGtnF
lHCTCt9FW/W8Dgw9KoNcKcob/cJX0FSqBdzlhE4js8h8A9PZDkHL6y3M9beH5weS
5C8o7zgjAyomLzYK2/KVTIAGom5IkyzqyxLV6QjNFUyLBSpL3T6tt6YqxJnfgR8C
isW5
-----END CERTIFICATE-----