Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb002a80-b810-486c-a567-9b05e3c926d2.roa
File:                     fb002a80-b810-486c-a567-9b05e3c926d2.roa (raw, json)
Hash identifier:          vhL4o0uq8ZYEpFgEMBaHvDvLVQOfpwqW+FVbcSNPyMM=
Subject key identifier:   E0:69:89:57:4B:EE:97:43:38:1C:51:6A:3A:0B:99:55:F7:62:C7:FF
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       187B23A793A8E3E2B9506F7E1A7A001572DECC7F
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb002a80-b810-486c-a567-9b05e3c926d2.roa
Signing time:             Wed 30 Jul 2025 00:50:55 +0000
ROA not before:           Wed 30 Jul 2025 00:50:55 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:f080::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:24:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:7b:23:a7:93:a8:e3:e2:b9:50:6f:7e:1a:7a:00:15:72:de:cc:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:50:55 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=52ffa04c9597f9ac59dc1dd05470402a8185e03dab104996e4214239d7bb75ec, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:fe:8b:a7:ef:cc:27:8a:86:d4:a2:9b:1a:cd:
                    f8:7e:23:6d:ba:23:7f:0f:84:98:38:c8:32:15:f3:
                    53:a3:3d:b7:04:fe:8d:35:8c:4b:02:ee:55:57:2f:
                    b1:7d:ab:3c:41:6a:73:d9:dd:b3:d5:ea:64:1d:2f:
                    0c:67:56:80:71:cc:a1:e1:a1:8e:ab:cf:db:7c:81:
                    32:30:13:d0:51:f4:eb:0d:81:24:78:7c:4d:09:0d:
                    b4:69:c5:70:7e:e4:dd:73:b5:6f:cc:47:e3:5c:0f:
                    38:12:e5:a1:6f:db:8c:e9:d0:37:66:2b:36:a8:2d:
                    48:8f:b7:7c:24:ad:fa:70:60:e7:7b:9d:84:1c:da:
                    5d:84:d6:66:c9:1e:4d:b3:47:5b:94:45:07:e4:88:
                    72:14:81:63:28:b8:b6:42:fe:d0:80:f6:5b:34:a8:
                    df:1e:fb:b8:a9:e3:76:e0:2d:74:07:4b:c8:7e:95:
                    ae:30:5f:94:2e:80:26:f9:2c:e2:eb:1b:ba:f8:cf:
                    9b:51:9a:69:a7:4c:5d:a8:2e:c0:4c:0b:cc:39:a8:
                    88:e7:11:a9:c9:9a:6c:87:f2:0a:01:c5:f5:fa:1d:
                    f3:aa:db:b2:7c:22:4a:f3:09:05:b9:ac:ad:52:cd:
                    53:75:7c:88:8d:85:b8:30:ba:97:f8:a1:62:ee:8f:
                    01:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:69:89:57:4B:EE:97:43:38:1C:51:6A:3A:0B:99:55:F7:62:C7:FF
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb002a80-b810-486c-a567-9b05e3c926d2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:f080::/46

    Signature Algorithm: sha256WithRSAEncryption
         57:8c:fe:48:c8:21:61:ac:57:c7:93:d6:3e:65:6c:15:f2:a1:
         0e:ff:43:3e:50:9d:54:89:2c:40:51:29:4a:66:80:18:27:50:
         fb:3b:7a:db:a2:db:ce:b8:17:07:1a:2a:1c:2d:dd:18:44:47:
         8a:27:ec:7b:75:ff:b1:54:c6:6b:c5:81:d8:2f:f0:46:0a:c7:
         83:5b:f0:c8:6d:db:9c:14:b9:e7:3b:2a:7d:6d:5e:53:4a:90:
         93:08:c2:28:bb:11:c7:86:37:23:4d:bf:b5:78:f7:d4:c9:94:
         8f:6e:aa:de:cd:4a:d7:92:39:bd:67:0d:0b:90:74:89:68:bb:
         09:ef:26:c1:34:51:ac:ca:b5:0a:08:01:8e:7b:d5:4b:74:96:
         7f:fe:ea:27:8b:08:b9:38:f9:e3:65:ba:97:b7:7d:96:47:ef:
         73:34:5d:3a:d7:0a:91:ac:70:49:89:3f:e4:39:24:b5:c2:2d:
         c9:45:1e:eb:7e:d6:ca:4c:24:43:54:e3:b8:bc:29:82:06:01:
         8b:20:1e:69:3c:2a:e3:1b:12:6a:3c:d2:e5:14:4d:f8:76:3d:
         d6:bf:83:4a:81:a3:31:65:36:b8:31:f1:bb:12:67:78:a7:e2:
         d0:44:eb:b0:39:7b:6e:54:a2:df:42:51:b0:c3:3b:96:83:a7:
         55:7c:6e:13
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUGHsjp5Oo4+K5UG9+GnoAFXLezH8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNTA1NVoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNANTJmZmEwNGM5NTk3ZjlhYzU5ZGMx
ZGQwNTQ3MDQwMmE4MTg1ZTAzZGFiMTA0OTk2ZTQyMTQyMzlkN2JiNzVlYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/6Lp+/MJ4qG1KKbGs34fiNtuiN/
D4SYOMgyFfNToz23BP6NNYxLAu5VVy+xfas8QWpz2d2z1epkHS8MZ1aAccyh4aGO
q8/bfIEyMBPQUfTrDYEkeHxNCQ20acVwfuTdc7VvzEfjXA84EuWhb9uM6dA3Zis2
qC1Ij7d8JK36cGDne52EHNpdhNZmyR5Ns0dblEUH5IhyFIFjKLi2Qv7QgPZbNKjf
Hvu4qeN24C10B0vIfpWuMF+ULoAm+Szi6xu6+M+bUZppp0xdqC7ATAvMOaiI5xGp
yZpsh/IKAcX1+h3zqtuyfCJK8wkFuaytUs1TdXyIjYW4MLqX+KFi7o8BVQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOBpiVdL7pdDOBxRajoLmVX3Ysf/MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ZiMDAyYTgwLWI4MTAtNDg2Yy1hNTY3LTliMDVlM2M5MjZkMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba9/CAMA0GCSqGSIb3DQEBCwUAA4IBAQBXjP5IyCFhrFfHk9Y+
ZWwV8qEO/0M+UJ1UiSxAUSlKZoAYJ1D7O3rbotvOuBcHGiocLd0YREeKJ+x7df+x
VMZrxYHYL/BGCseDW/DIbducFLnnOyp9bV5TSpCTCMIouxHHhjcjTb+1ePfUyZSP
bqrezUrXkjm9Zw0LkHSJaLsJ7ybBNFGsyrUKCAGOe9VLdJZ//uoniwi5OPnjZbqX
t32WR+9zNF061wqRrHBJiT/kOSS1wi3JRR7rftbKTCRDVOO4vCmCBgGLIB5pPCrj
GxJqPNLlFE34dj3Wv4NKgaMxZTa4MfG7Emd4p+LQROuwOXtuVKLfQlGwwzuWg6dV
fG4T
-----END CERTIFICATE-----