Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f11193c8-37cb-42c1-9803-825500063384.roa
File:                     f11193c8-37cb-42c1-9803-825500063384.roa (raw, json)
Hash identifier:          nYEfyVJtqQsNoSxid/jcvHt33AGdUy8hUNOsPysCY1Q=
Subject key identifier:   8B:41:54:8A:70:0A:6B:91:B5:74:BD:6A:36:CB:39:E8:5E:E1:2A:65
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       4EEFE6A57568B79B78CF8C7E261A3DE1684BF4ED
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f11193c8-37cb-42c1-9803-825500063384.roa
Signing time:             Wed 30 Jul 2025 00:31:02 +0000
ROA not before:           Wed 30 Jul 2025 00:31:02 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:c0c0::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:07:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:ef:e6:a5:75:68:b7:9b:78:cf:8c:7e:26:1a:3d:e1:68:4b:f4:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:31:02 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=bcccae6ca6f61f3ff1e3347741dba70f89cce1aabd005d07a57dc222722e97b8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:94:74:51:ed:71:ff:b5:b4:29:a4:67:80:ad:
                    22:8f:ec:e1:8f:7b:dd:37:24:91:75:0d:59:68:4e:
                    da:d8:70:01:7a:14:f1:d8:62:c9:28:57:73:c4:13:
                    f0:b9:7a:45:f8:59:b9:f9:16:1b:a1:b9:23:ef:b9:
                    a7:1e:99:8b:c2:2b:9d:88:25:e9:2e:ae:73:92:73:
                    49:33:d2:bc:85:b7:e7:49:22:d1:a9:4f:b4:a3:9d:
                    fa:bb:c9:d1:cd:b9:28:90:c9:d5:48:e4:0f:a6:e6:
                    a8:8d:6a:6d:82:15:ad:10:1e:80:28:a3:48:c2:e6:
                    52:62:6a:9a:48:4f:85:5c:08:65:46:54:cd:6c:5d:
                    fc:d6:19:d2:21:8c:d0:15:4f:6a:92:3d:32:3f:ac:
                    0b:a6:44:4a:a9:ac:d1:2e:4a:ac:92:a2:07:5f:22:
                    48:87:d0:d2:85:b3:18:d0:28:2b:0c:db:ff:ba:7e:
                    d7:55:f8:55:45:25:c7:68:0d:91:1f:71:6c:9d:0b:
                    f0:47:a3:c0:38:19:40:17:5f:ae:61:3b:a6:0f:18:
                    c9:9e:d8:68:d8:e4:5f:1c:0b:0b:b2:4a:02:c7:d5:
                    84:0e:d1:b1:e8:62:a9:ec:40:b6:54:07:5f:08:41:
                    e1:25:46:f8:8f:6c:cb:2a:97:ab:c0:70:b2:2f:0a:
                    f9:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:41:54:8A:70:0A:6B:91:B5:74:BD:6A:36:CB:39:E8:5E:E1:2A:65
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f11193c8-37cb-42c1-9803-825500063384.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:c0c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         60:76:fe:0d:6f:37:cf:af:b7:87:49:c8:ee:c8:d6:62:c4:09:
         b6:9f:67:43:08:15:61:b5:d7:d5:16:6b:21:3d:e4:cb:be:79:
         63:9e:5d:f6:ab:87:63:cd:d5:81:e4:b3:9e:4b:a5:5d:ee:c1:
         f1:0a:11:10:52:14:e3:f0:78:3c:a2:1c:23:e8:2c:3e:8d:fd:
         7a:36:7b:b1:c1:c1:7d:3d:21:dc:df:01:42:cb:14:16:4b:0c:
         2a:29:d5:e7:ad:b9:7c:b1:14:76:30:bc:9a:47:fa:de:b0:29:
         2a:8c:3f:7b:3a:66:2f:cc:87:3d:82:8c:27:96:72:d2:05:1d:
         66:fd:8e:9f:f6:be:03:81:6a:23:3e:99:14:73:fd:6f:26:97:
         ad:17:f9:48:af:48:a3:43:a7:bf:1b:66:46:f1:76:1b:08:10:
         9c:e3:56:a4:46:8e:d3:70:b1:22:b9:0d:85:6d:4a:0f:7e:47:
         4a:ff:62:53:a0:3f:fe:bc:88:b0:1d:c7:26:f3:84:b0:85:f8:
         6a:45:76:24:80:65:72:7a:22:f7:26:45:3d:5e:fd:1a:f0:e5:
         28:17:29:ca:d7:b8:0e:54:29:d5:0e:fd:37:0c:2c:0c:6a:df:
         4c:92:a3:26:9d:59:48:18:52:93:22:4d:0c:bd:04:9e:f3:05:
         c0:bc:e6:b9
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUTu/mpXVot5t4z4x+Jho94WhL9O0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMzEwMloX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAYmNjY2FlNmNhNmY2MWYzZmYxZTMz
NDc3NDFkYmE3MGY4OWNjZTFhYWJkMDA1ZDA3YTU3ZGMyMjI3MjJlOTdiODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpR0Ue1x/7W0KaRngK0ij+zhj3vd
NySRdQ1ZaE7a2HABehTx2GLJKFdzxBPwuXpF+Fm5+RYbobkj77mnHpmLwiudiCXp
Lq5zknNJM9K8hbfnSSLRqU+0o536u8nRzbkokMnVSOQPpuaojWptghWtEB6AKKNI
wuZSYmqaSE+FXAhlRlTNbF381hnSIYzQFU9qkj0yP6wLpkRKqazRLkqskqIHXyJI
h9DShbMY0CgrDNv/un7XVfhVRSXHaA2RH3FsnQvwR6PAOBlAF1+uYTumDxjJntho
2ORfHAsLskoCx9WEDtGx6GKp7EC2VAdfCEHhJUb4j2zLKperwHCyLwr5DwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFItBVIpwCmuRtXS9ajbLOehe4SplMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2YxMTE5M2M4LTM3Y2ItNDJjMS05ODAzLTgyNTUwMDA2MzM4NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaacDAMA0GCSqGSIb3DQEBCwUAA4IBAQBgdv4NbzfPr7eHScju
yNZixAm2n2dDCBVhtdfVFmshPeTLvnljnl32q4djzdWB5LOeS6Vd7sHxChEQUhTj
8Hg8ohwj6Cw+jf16NnuxwcF9PSHc3wFCyxQWSwwqKdXnrbl8sRR2MLyaR/resCkq
jD97OmYvzIc9gownlnLSBR1m/Y6f9r4DgWojPpkUc/1vJpetF/lIr0ijQ6e/G2ZG
8XYbCBCc41akRo7TcLEiuQ2FbUoPfkdK/2JToD/+vIiwHccm84SwhfhqRXYkgGVy
eiL3JkU9Xv0a8OUoFynK17gOVCnVDv03DCwMat9MkqMmnVlIGFKTIk0MvQSe8wXA
vOa5
-----END CERTIFICATE-----