Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e47ada6e-cecd-46fa-b8e3-1cac9b716900.roa
File:                     e47ada6e-cecd-46fa-b8e3-1cac9b716900.roa (raw, json)
Hash identifier:          aUgdGUzT9YN6dL34ZfIxbsPxOq48nLZkDUOA3Mog9gY=
Subject key identifier:   F7:00:34:F6:B5:B6:E7:47:11:7F:F6:DB:35:01:53:35:81:7C:D0:64
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       3F18195C39976DC80260DAE505997FDA183E8CEE
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e47ada6e-cecd-46fa-b8e3-1cac9b716900.roa
Signing time:             Thu 22 May 2025 00:51:58 +0000
ROA not before:           Thu 22 May 2025 00:51:58 +0000
ROA not after:            Thu 26 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dab9:f080::/48 maxlen: 48
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 19:52:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:18:19:5c:39:97:6d:c8:02:60:da:e5:05:99:7f:da:18:3e:8c:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 22 00:51:58 2025 GMT
            Not After : Jun 26 23:59:59 2025 GMT
        Subject: serialNumber=9854d23348ee59c8da853daa0b49fc5795b26679715baf62cc0ced1db908a043, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:70:e0:ae:14:40:32:82:e5:f1:80:91:e8:5c:
                    5c:1f:0e:23:76:7e:99:02:0f:ca:b1:9c:1c:cc:e4:
                    c3:8c:0d:cb:f6:8d:4a:af:81:fc:82:9d:48:b5:77:
                    aa:a1:79:7a:2d:f0:69:e4:66:46:f7:78:d9:d9:9e:
                    51:77:41:73:57:e6:ef:48:85:cd:77:8d:ce:c6:51:
                    76:25:f7:76:66:b6:d4:50:6f:f4:65:24:12:5a:b8:
                    8c:3d:5e:f3:7a:9b:7c:31:1f:72:91:59:50:fd:02:
                    fc:e0:46:8e:95:24:52:1d:7e:a7:54:8d:ed:6f:dc:
                    30:e0:ee:29:75:bb:96:a5:9a:32:05:c6:89:df:08:
                    d2:42:72:d0:9f:2c:55:18:06:3c:bc:1c:89:e4:17:
                    a4:9e:97:20:ee:66:e8:6c:65:15:25:5d:07:13:df:
                    63:ce:e6:02:9a:18:53:c3:d2:6b:88:36:5a:ef:f5:
                    d8:c8:22:b0:a8:5f:50:cb:3a:15:f3:22:4a:ad:c1:
                    c4:f7:4f:21:5a:a8:16:19:7a:db:32:92:1f:d3:c9:
                    07:eb:29:da:4d:55:d0:01:01:ec:6c:24:b9:73:42:
                    b7:61:fd:0f:bb:18:a6:80:55:aa:8d:ec:f4:5b:93:
                    bc:cb:03:d7:14:fc:3b:73:61:67:d4:40:df:04:6c:
                    e6:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:00:34:F6:B5:B6:E7:47:11:7F:F6:DB:35:01:53:35:81:7C:D0:64
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e47ada6e-cecd-46fa-b8e3-1cac9b716900.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dab9:f080::/48

    Signature Algorithm: sha256WithRSAEncryption
         63:a1:32:b2:bc:2d:d6:b2:06:78:de:87:3e:9f:f2:53:ae:80:
         7f:1c:7e:cd:ef:f6:15:b7:15:8d:70:78:e9:92:8e:7a:f0:8a:
         40:18:4b:a9:34:e3:5f:b0:78:05:61:0c:9d:72:0d:63:3a:bd:
         74:cf:e3:9f:03:9b:2b:54:c2:45:ea:76:a7:72:94:11:42:8d:
         40:ca:52:ae:23:a0:b3:12:9f:96:00:87:95:1b:13:7a:98:a3:
         e9:c1:a7:02:6f:19:45:b0:87:45:ba:b6:77:d3:94:1b:1d:36:
         45:fd:b4:97:d3:7b:a7:84:45:42:e6:20:6e:8f:7b:5a:89:95:
         da:26:0a:01:bc:76:59:2c:85:5f:40:e1:d7:70:23:8e:7e:d6:
         5a:18:0c:df:4d:5d:78:a9:52:1e:d2:65:42:c0:9c:d4:fc:e7:
         c4:9a:98:96:9d:c2:f8:23:d5:07:4d:bc:f3:5a:4a:5b:de:5b:
         61:a5:ab:db:82:92:60:a6:79:fd:b0:13:23:6e:7b:d8:8e:6d:
         72:03:99:ed:2b:46:c8:1f:a1:be:04:1d:71:6c:7c:85:17:c8:
         53:0f:5a:9a:63:e1:d7:dd:14:2a:f7:54:0d:f0:f4:ca:4d:75:
         85:a3:f0:2d:56:e8:d7:82:d4:83:f7:ef:b6:4e:31:e7:78:4e:
         86:03:70:54
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUPxgZXDmXbcgCYNrlBZl/2hg+jO4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUyMjAwNTE1OFoX
DTI1MDYyNjIzNTk1OVowejFJMEcGA1UEBRNAOTg1NGQyMzM0OGVlNTljOGRhODUz
ZGFhMGI0OWZjNTc5NWIyNjY3OTcxNWJhZjYyY2MwY2VkMWRiOTA4YTA0MzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HDgrhRAMoLl8YCR6FxcHw4jdn6Z
Ag/KsZwczOTDjA3L9o1Kr4H8gp1ItXeqoXl6LfBp5GZG93jZ2Z5Rd0FzV+bvSIXN
d43OxlF2Jfd2ZrbUUG/0ZSQSWriMPV7zept8MR9ykVlQ/QL84EaOlSRSHX6nVI3t
b9ww4O4pdbuWpZoyBcaJ3wjSQnLQnyxVGAY8vByJ5Beknpcg7mbobGUVJV0HE99j
zuYCmhhTw9JriDZa7/XYyCKwqF9QyzoV8yJKrcHE908hWqgWGXrbMpIf08kH6yna
TVXQAQHsbCS5c0K3Yf0PuximgFWqjez0W5O8ywPXFPw7c2Fn1EDfBGzmaQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPcANPa1tudHEX/22zUBUzWBfNBkMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2U0N2FkYTZlLWNlY2QtNDZmYS1iOGUzLTFjYWM5YjcxNjkwMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaufCAMA0GCSqGSIb3DQEBCwUAA4IBAQBjoTKyvC3WsgZ43oc+
n/JTroB/HH7N7/YVtxWNcHjpko568IpAGEupNONfsHgFYQydcg1jOr10z+OfA5sr
VMJF6nancpQRQo1AylKuI6CzEp+WAIeVGxN6mKPpwacCbxlFsIdFurZ305QbHTZF
/bSX03unhEVC5iBuj3taiZXaJgoBvHZZLIVfQOHXcCOOftZaGAzfTV14qVIe0mVC
wJzU/OfEmpiWncL4I9UHTbzzWkpb3lthpavbgpJgpnn9sBMjbnvYjm1yA5ntK0bI
H6G+BB1xbHyFF8hTD1qaY+HX3RQq91QN8PTKTXWFo/AtVujXgtSD9++2TjHneE6G
A3BU
-----END CERTIFICATE-----