Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea66f72f-02a5-49e5-86f6-bd91534d2929.roa
File:                     ea66f72f-02a5-49e5-86f6-bd91534d2929.roa (raw, json)
Hash identifier:          X7+K/jUZNMXllarRTsWcGsL4j/+HhpFiUnOhDiNXjoE=
Subject key identifier:   CF:45:3B:B4:CF:6A:25:8A:28:CD:1A:8D:80:9F:D9:05:5D:79:E8:F9
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       47D8FB5FC32717231D10F2F0E212FDBF644F42C3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea66f72f-02a5-49e5-86f6-bd91534d2929.roa
Signing time:             Wed 30 Jul 2025 00:10:37 +0000
ROA not before:           Wed 30 Jul 2025 00:10:37 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:b0c0::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:24:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:d8:fb:5f:c3:27:17:23:1d:10:f2:f0:e2:12:fd:bf:64:4f:42:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:10:37 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=04a9b6453fa9c3f18d08ebb3cb32964c912cdae09e08acb7e352811bdc1470b7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:db:af:e0:fa:f8:47:60:93:39:31:45:bd:e1:
                    b5:e3:a2:38:01:68:16:6e:05:ef:cf:0d:4b:0f:b2:
                    7b:46:20:cc:e0:07:01:f5:d7:79:84:76:fb:87:8c:
                    03:b9:6a:b6:ad:29:f4:b9:3a:b6:b8:c6:df:82:5e:
                    a5:c0:6c:82:fc:3e:b6:16:66:a4:4b:9e:d7:e7:c7:
                    c4:2f:28:63:94:f0:03:8f:4e:68:9c:f5:90:4f:1d:
                    c0:2d:16:91:32:f2:43:20:ea:95:cc:45:9d:ba:d6:
                    e9:e7:f6:2a:41:b3:81:68:d8:68:1b:f5:a7:8c:e0:
                    9f:2a:7d:33:5c:9b:28:e5:33:ea:29:d7:aa:14:0f:
                    b4:c1:11:00:da:31:c4:8a:b5:6f:7d:e1:5e:3c:32:
                    ef:84:1b:45:4f:ae:87:68:07:16:62:c8:6f:d6:78:
                    b8:34:89:72:9e:0b:68:f9:49:88:27:da:56:6a:85:
                    f7:f3:cc:43:a8:31:dd:ab:19:0c:11:b8:1f:79:78:
                    2c:50:26:44:9f:65:2f:20:60:ef:bb:a4:bc:ad:70:
                    17:eb:44:88:00:63:c4:bd:60:fe:a0:3f:32:fb:e4:
                    98:7f:9c:89:ff:98:bb:62:06:df:93:0a:53:71:b5:
                    d3:3d:26:41:da:f3:59:f0:4d:21:71:6f:95:59:30:
                    a1:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:45:3B:B4:CF:6A:25:8A:28:CD:1A:8D:80:9F:D9:05:5D:79:E8:F9
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea66f72f-02a5-49e5-86f6-bd91534d2929.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:b0c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         57:67:f5:81:a7:ed:17:b8:58:8f:15:8e:9d:6a:9f:32:1e:60:
         80:62:d9:be:59:25:6f:be:09:e9:82:78:48:e5:0c:e7:4b:c1:
         63:97:a7:7f:96:e6:b8:be:b8:35:59:10:4a:d2:2f:c2:fd:a6:
         be:28:83:20:a2:16:d7:ba:1a:77:61:34:4c:14:cd:b7:30:64:
         e9:99:02:06:a5:6c:35:91:95:00:0a:4e:9d:c0:90:ed:d5:d2:
         39:ed:ff:e9:e2:e1:29:37:5f:96:71:d3:f7:b1:0c:13:f4:e0:
         50:8c:65:35:53:da:1d:80:2d:f4:23:95:66:6e:43:17:46:b9:
         7c:60:a1:c6:d6:3e:ae:8a:cb:36:f3:01:17:e1:63:bc:0e:bb:
         29:57:8d:e1:01:43:ef:a7:41:fb:a7:c5:14:ad:17:d7:df:22:
         62:53:e2:fc:15:12:8e:be:2f:eb:1e:9f:c8:94:ca:ef:b6:3d:
         f6:06:83:06:c1:f9:e6:be:f6:4a:19:c7:32:a7:b6:8a:4e:c1:
         dd:c4:97:e9:40:1c:b1:41:62:7c:d7:0b:6f:8d:1d:1b:ae:06:
         84:51:e8:9b:90:77:c7:2c:46:53:ca:e7:42:28:e6:99:71:c2:
         9a:73:a0:38:92:a0:19:9f:15:e5:0d:cc:c5:31:bc:24:39:c3:
         f3:bb:83:42
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUR9j7X8MnFyMdEPLw4hL9v2RPQsMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMTAzN1oX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMDRhOWI2NDUzZmE5YzNmMThkMDhl
YmIzY2IzMjk2NGM5MTJjZGFlMDllMDhhY2I3ZTM1MjgxMWJkYzE0NzBiNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Nuv4Pr4R2CTOTFFveG146I4AWgW
bgXvzw1LD7J7RiDM4AcB9dd5hHb7h4wDuWq2rSn0uTq2uMbfgl6lwGyC/D62Fmak
S57X58fELyhjlPADj05onPWQTx3ALRaRMvJDIOqVzEWdutbp5/YqQbOBaNhoG/Wn
jOCfKn0zXJso5TPqKdeqFA+0wREA2jHEirVvfeFePDLvhBtFT66HaAcWYshv1ni4
NIlyngto+UmIJ9pWaoX388xDqDHdqxkMEbgfeXgsUCZEn2UvIGDvu6S8rXAX60SI
AGPEvWD+oD8y++SYf5yJ/5i7YgbfkwpTcbXTPSZB2vNZ8E0hcW+VWTChYwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFM9FO7TPaiWKKM0ajYCf2QVdeej5MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2VhNjZmNzJmLTAyYTUtNDllNS04NmY2LWJkOTE1MzRkMjkyOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba97DAMA0GCSqGSIb3DQEBCwUAA4IBAQBXZ/WBp+0XuFiPFY6d
ap8yHmCAYtm+WSVvvgnpgnhI5QznS8Fjl6d/lua4vrg1WRBK0i/C/aa+KIMgohbX
uhp3YTRMFM23MGTpmQIGpWw1kZUACk6dwJDt1dI57f/p4uEpN1+WcdP3sQwT9OBQ
jGU1U9odgC30I5VmbkMXRrl8YKHG1j6uiss28wEX4WO8DrspV43hAUPvp0H7p8UU
rRfX3yJiU+L8FRKOvi/rHp/IlMrvtj32BoMGwfnmvvZKGccyp7aKTsHdxJfpQByx
QWJ81wtvjR0brgaEUeibkHfHLEZTyudCKOaZccKac6A4kqAZnxXlDczFMbwkOcPz
u4NC
-----END CERTIFICATE-----