Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb33c78e-80e8-48d7-8941-7ac54859b50c.roa
File:                     fb33c78e-80e8-48d7-8941-7ac54859b50c.roa (raw, json)
Hash identifier:          cptZ412u1pa5uTISuNfYeFuTUN4SEg9mXDZT/RV/Bew=
Subject key identifier:   76:C8:34:A1:43:00:F5:BC:A0:53:97:6E:AE:19:02:0C:B0:AF:90:3D
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       4A7774453E86AD689969B786D4BD976F1EABDCEE
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb33c78e-80e8-48d7-8941-7ac54859b50c.roa
Signing time:             Wed 30 Jul 2025 00:20:18 +0000
ROA not before:           Wed 30 Jul 2025 00:20:18 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:4080::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:37:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:77:74:45:3e:86:ad:68:99:69:b7:86:d4:bd:97:6f:1e:ab:dc:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:20:18 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=08a0d9b183ab51f7f0d8547fcad249a1fd2eba085e567f2842faf81e546073bc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:2c:b8:78:bf:e7:ee:39:1b:34:b8:7f:a4:09:
                    06:3c:66:7c:2c:76:c9:98:5e:50:04:08:ca:2c:b8:
                    7f:8b:f0:4a:92:db:6c:e6:fd:7c:20:f2:ad:ff:b5:
                    5c:f3:7e:95:7d:38:38:eb:a2:97:b5:45:4b:f0:bc:
                    6d:fd:50:08:62:bd:e7:a7:d0:99:be:72:34:2d:15:
                    8b:a2:6d:a2:f6:51:d0:2e:0b:01:90:c2:e5:58:89:
                    a3:87:c9:a3:cb:97:1a:c8:25:9d:f4:ab:c6:03:98:
                    01:89:df:d9:0c:cc:3b:0e:2c:e9:08:25:cb:48:d4:
                    93:02:e2:67:69:c7:11:46:45:6b:dd:36:8d:08:b5:
                    55:79:00:4f:de:fa:ef:5d:c2:de:5b:62:bd:d9:67:
                    04:61:bd:69:2e:4c:29:a1:a7:44:1b:ac:47:4e:86:
                    89:ba:e9:5e:21:15:45:c7:9f:3a:64:40:2f:a4:2e:
                    74:c9:52:22:70:fa:1c:00:f3:20:00:97:00:77:cb:
                    7e:e9:21:e6:ac:d6:50:61:a5:25:f8:37:0e:5f:93:
                    72:9d:e6:55:a9:0e:aa:7b:32:7e:0a:c8:fa:22:96:
                    f2:5f:99:60:04:83:78:10:ea:c6:cd:81:25:ce:2d:
                    0a:c1:a2:18:80:53:1d:a7:ed:6b:d2:a3:97:d1:d9:
                    5c:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:C8:34:A1:43:00:F5:BC:A0:53:97:6E:AE:19:02:0C:B0:AF:90:3D
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb33c78e-80e8-48d7-8941-7ac54859b50c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:4080::/46

    Signature Algorithm: sha256WithRSAEncryption
         0e:1d:74:f4:cc:51:3f:e0:0c:3b:8a:bd:0d:78:52:ff:ec:77:
         c1:7e:f0:2d:84:1f:06:37:92:d0:76:ef:b2:ed:65:71:aa:3e:
         ef:0e:b7:2b:4e:58:e4:f5:18:51:1b:df:3f:92:c0:e8:73:be:
         f7:5d:4e:1d:45:93:27:4d:ba:b9:14:87:52:34:77:03:a6:f7:
         b7:fd:4e:70:c3:c1:ff:c4:28:2e:4b:6b:d3:fc:65:16:ce:a4:
         45:0c:96:e6:3b:28:c7:3f:cc:b8:24:f8:61:16:b1:3b:65:aa:
         7c:84:38:db:4e:2e:63:d2:2c:17:eb:51:cf:2b:d8:ba:5d:89:
         4b:4b:e5:99:bc:4a:8f:b8:45:d4:77:df:04:79:78:f3:83:68:
         e9:63:62:97:3e:8f:fb:d4:a5:19:33:c8:5b:9a:78:65:50:90:
         3b:97:2a:5d:92:a2:5d:a2:63:07:bb:c4:cd:b9:14:ce:47:92:
         c7:b6:c2:d5:24:bd:2e:f9:da:0b:43:17:a4:0d:5f:75:37:d0:
         bb:ea:3b:31:9a:46:34:ec:8c:1f:82:9d:f7:74:e0:03:44:f6:
         49:51:75:4f:e3:6c:76:8f:50:95:f4:bc:38:d7:d7:39:f0:a2:
         26:5c:42:53:8a:53:a6:c4:8a:c2:df:13:86:43:89:f0:4b:e4:
         60:5d:ff:a5
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUSnd0RT6GrWiZabeG1L2Xbx6r3O4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMjAxOFoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMDhhMGQ5YjE4M2FiNTFmN2YwZDg1
NDdmY2FkMjQ5YTFmZDJlYmEwODVlNTY3ZjI4NDJmYWY4MWU1NDYwNzNiYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyy4eL/n7jkbNLh/pAkGPGZ8LHbJ
mF5QBAjKLLh/i/BKktts5v18IPKt/7Vc836VfTg466KXtUVL8Lxt/VAIYr3np9CZ
vnI0LRWLom2i9lHQLgsBkMLlWImjh8mjy5cayCWd9KvGA5gBid/ZDMw7DizpCCXL
SNSTAuJnaccRRkVr3TaNCLVVeQBP3vrvXcLeW2K92WcEYb1pLkwpoadEG6xHToaJ
uuleIRVFx586ZEAvpC50yVIicPocAPMgAJcAd8t+6SHmrNZQYaUl+DcOX5NyneZV
qQ6qezJ+Csj6IpbyX5lgBIN4EOrGzYElzi0KwaIYgFMdp+1r0qOX0dlcDwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHbINKFDAPW8oFOXbq4ZAgywr5A9MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ZiMzNjNzhlLTgwZTgtNDhkNy04OTQxLTdhYzU0ODU5YjUwYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+0CAMA0GCSqGSIb3DQEBCwUAA4IBAQAOHXT0zFE/4Aw7ir0N
eFL/7HfBfvAthB8GN5LQdu+y7WVxqj7vDrcrTljk9RhRG98/ksDoc773XU4dRZMn
Tbq5FIdSNHcDpve3/U5ww8H/xCguS2vT/GUWzqRFDJbmOyjHP8y4JPhhFrE7Zap8
hDjbTi5j0iwX61HPK9i6XYlLS+WZvEqPuEXUd98EeXjzg2jpY2KXPo/71KUZM8hb
mnhlUJA7lypdkqJdomMHu8TNuRTOR5LHtsLVJL0u+doLQxekDV91N9C76jsxmkY0
7Iwfgp33dOADRPZJUXVP42x2j1CV9Lw419c58KImXEJTilOmxIrC3xOGQ4nwS+Rg
Xf+l
-----END CERTIFICATE-----