Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ef7cb16e-78b6-4a0b-b4bb-2457f694b483.roa
File:                     ef7cb16e-78b6-4a0b-b4bb-2457f694b483.roa (raw, json)
Hash identifier:          6ZDa/RhQ8yuk5WK4+qWuMQU0QR7bbY6x59qNl+qowbQ=
Subject key identifier:   21:3B:20:37:83:E7:7E:E8:ED:B4:32:9F:03:1B:8D:70:50:BD:50:9D
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       3566B8090D71BC974F245525329DD2B5CF4B8CBF
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ef7cb16e-78b6-4a0b-b4bb-2457f694b483.roa
Signing time:             Wed 14 May 2025 00:30:24 +0000
ROA not before:           Wed 14 May 2025 00:30:24 +0000
ROA not after:            Wed 18 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf4:f000::/40 maxlen: 40
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 19:38:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:66:b8:09:0d:71:bc:97:4f:24:55:25:32:9d:d2:b5:cf:4b:8c:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 14 00:30:24 2025 GMT
            Not After : Jun 18 23:59:59 2025 GMT
        Subject: serialNumber=bc95fe7be7911a04cc6e020206c46e477866bfcdb0304a98bbd2a8771ed7b027, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:95:3b:08:34:e7:be:90:f3:2b:6e:b8:c9:e1:
                    24:3f:6c:4a:d8:ef:45:cb:e6:02:97:6a:65:71:98:
                    0d:2c:84:7a:9c:dd:80:84:e1:7c:10:ec:67:2d:47:
                    9d:63:7c:9f:d1:86:67:e9:15:e8:fd:0a:27:2a:b0:
                    bc:5e:e0:db:09:20:e5:20:af:0b:5e:9e:55:1f:bc:
                    fd:89:54:db:8a:48:dd:92:27:27:f2:11:d7:67:07:
                    99:c8:11:5a:3e:ec:77:79:67:d5:04:c8:63:9e:1b:
                    0e:2a:26:f8:f2:cb:88:62:51:92:a2:b5:45:14:f7:
                    86:e2:3a:19:96:f9:e6:b8:ff:d4:77:4b:5e:c7:19:
                    31:8d:a8:8c:ae:58:5b:59:48:a2:23:e8:72:0c:c8:
                    24:bb:75:ec:24:28:9d:d7:23:87:73:78:e6:1d:0c:
                    01:7a:4e:3d:a8:19:d7:8f:52:b0:f3:70:17:1e:cf:
                    99:e1:3e:8a:32:fe:f4:46:42:b4:3c:31:56:77:84:
                    a7:4d:14:b1:e2:4b:22:eb:02:2a:82:ae:c1:1b:8d:
                    f5:2b:8d:75:1d:07:20:cf:50:31:40:7f:a1:00:a4:
                    7b:9e:af:f5:17:f5:d8:24:53:95:d0:39:4b:26:08:
                    9b:1a:ac:52:38:01:0c:5f:58:5d:9a:13:36:d4:aa:
                    7c:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:3B:20:37:83:E7:7E:E8:ED:B4:32:9F:03:1B:8D:70:50:BD:50:9D
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ef7cb16e-78b6-4a0b-b4bb-2457f694b483.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf4:f000::/40

    Signature Algorithm: sha256WithRSAEncryption
         62:95:9f:e8:5b:b4:22:9a:06:4b:23:18:81:55:a4:8b:b2:1e:
         49:1d:26:50:84:5f:20:77:66:6e:66:19:58:f6:19:3c:1c:7a:
         84:58:eb:78:ab:2f:55:0c:42:a3:6c:5d:91:22:8f:a5:2e:e7:
         63:34:9c:c3:a0:c5:9e:7c:32:35:65:34:fb:6a:47:f7:c7:b8:
         d1:21:47:de:99:4d:47:48:d2:97:8f:dc:47:de:49:3a:65:1a:
         fb:99:c1:2b:67:7a:2e:77:d4:aa:47:2c:5d:b7:b2:25:c0:02:
         a7:21:b4:93:8f:0c:f6:94:77:6f:18:05:c3:8d:14:86:77:90:
         c5:b5:20:33:3e:76:cf:2a:ec:d6:5f:92:68:28:05:7b:6c:c5:
         ca:b5:48:55:86:90:24:a9:68:45:59:fc:f7:e2:13:f3:68:e0:
         7a:5f:06:a7:38:11:28:7f:4f:98:6d:f2:ce:ee:c0:0c:be:60:
         cb:e4:c6:b2:52:91:ee:70:45:41:2f:dd:02:5d:ea:fc:1a:86:
         f1:43:05:0f:f6:fb:ff:de:1e:d9:12:94:17:de:10:b3:ba:35:
         77:2e:de:17:6d:df:66:72:bd:b0:f9:a2:97:2c:e0:ef:8a:b5:
         b7:9f:ff:a7:fe:fd:35:37:e4:30:62:72:ff:98:6e:36:b9:91:
         56:37:96:f5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUNWa4CQ1xvJdPJFUlMp3Stc9LjL8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwMzAyNFoX
DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNAYmM5NWZlN2JlNzkxMWEwNGNjNmUw
MjAyMDZjNDZlNDc3ODY2YmZjZGIwMzA0YTk4YmJkMmE4NzcxZWQ3YjAyNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JU7CDTnvpDzK264yeEkP2xK2O9F
y+YCl2plcZgNLIR6nN2AhOF8EOxnLUedY3yf0YZn6RXo/QonKrC8XuDbCSDlIK8L
Xp5VH7z9iVTbikjdkicn8hHXZweZyBFaPux3eWfVBMhjnhsOKib48suIYlGSorVF
FPeG4joZlvnmuP/Ud0texxkxjaiMrlhbWUiiI+hyDMgku3XsJCid1yOHc3jmHQwB
ek49qBnXj1Kw83AXHs+Z4T6KMv70RkK0PDFWd4SnTRSx4ksi6wIqgq7BG431K411
HQcgz1AxQH+hAKR7nq/1F/XYJFOV0DlLJgibGqxSOAEMX1hdmhM21Kp8vwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCE7IDeD537o7bQynwMbjXBQvVCdMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2VmN2NiMTZlLTc4YjYtNGEwYi1iNGJiLTI0NTdmNjk0YjQ4My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9PAwDQYJKoZIhvcNAQELBQADggEBAGKVn+hbtCKaBksjGIFV
pIuyHkkdJlCEXyB3Zm5mGVj2GTwceoRY63irL1UMQqNsXZEij6Uu52M0nMOgxZ58
MjVlNPtqR/fHuNEhR96ZTUdI0peP3EfeSTplGvuZwStnei531KpHLF23siXAAqch
tJOPDPaUd28YBcONFIZ3kMW1IDM+ds8q7NZfkmgoBXtsxcq1SFWGkCSpaEVZ/Pfi
E/No4HpfBqc4ESh/T5ht8s7uwAy+YMvkxrJSke5wRUEv3QJd6vwahvFDBQ/2+//e
HtkSlBfeELO6NXcu3hdt32ZyvbD5opcs4O+Ktbef/6f+/TU35DBicv+Ybja5kVY3
lvU=
-----END CERTIFICATE-----