Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fee398e5-86da-41a5-82fc-59abcaf6e855.roa
File:                     fee398e5-86da-41a5-82fc-59abcaf6e855.roa (raw, json)
Hash identifier:          /T74Zi6hZqz+x9Alytm/uNGrcVo5G9Mi2HanHmJ3eZA=
Subject key identifier:   B9:0E:1C:0F:F9:D5:12:2B:0A:94:75:02:09:45:C3:24:77:76:2A:EE
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       478E205CE42CEFAB392BEC12C13F2DCF40FB882A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fee398e5-86da-41a5-82fc-59abcaf6e855.roa
Signing time:             Wed 30 Jul 2025 00:40:16 +0000
ROA not before:           Wed 30 Jul 2025 00:40:16 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:840::/46 maxlen: 48
Validation:               Failed, certificate revoked on Wed 30 Jul 2025 18:07:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:8e:20:5c:e4:2c:ef:ab:39:2b:ec:12:c1:3f:2d:cf:40:fb:88:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 30 00:40:16 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=a9a8bac8ccbaf791c769d17fc0c21f38d4531f62ca74df5d9c26b97446d91fff, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:65:fb:46:41:3e:73:fc:28:b0:fe:45:ca:0b:
                    2b:09:6a:7c:78:8e:d9:ee:b6:7b:01:41:22:a7:3f:
                    67:1b:ee:94:f0:39:9b:8e:41:9d:71:e3:63:0d:4d:
                    a7:7e:0b:c5:17:18:a7:36:23:93:83:63:00:26:b0:
                    fe:32:19:68:64:4a:b3:13:44:61:69:19:b7:aa:cd:
                    fd:35:65:76:cd:98:f3:25:c1:a1:f1:80:4b:eb:ef:
                    9a:b5:00:e4:82:51:6e:d6:a3:44:c3:6f:40:c0:10:
                    a9:06:a1:4a:92:cb:1a:06:f7:9f:95:6b:53:7a:3a:
                    ee:34:b9:88:33:36:4e:3a:a3:e2:78:0f:60:7a:d5:
                    0d:bd:29:e1:7c:9c:c6:69:96:5e:52:ed:7c:0d:5c:
                    9a:5b:14:78:d9:21:a0:0f:ba:d5:b0:d5:fb:8b:85:
                    d5:dd:1e:75:88:54:7a:25:5d:5b:13:13:d5:88:1a:
                    b9:ca:aa:a6:b0:6d:f9:c6:b6:2d:f1:78:bd:51:ad:
                    3c:1a:87:fe:e4:25:9e:4e:87:09:3d:c9:54:5d:ca:
                    41:82:2b:00:a0:c1:27:92:e3:d7:91:fe:93:17:67:
                    7e:89:ee:12:4b:41:1b:b8:72:1a:90:8c:08:6b:8a:
                    be:d5:63:d9:a1:4b:c0:06:ce:bf:5a:b7:a1:8f:6f:
                    a5:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:0E:1C:0F:F9:D5:12:2B:0A:94:75:02:09:45:C3:24:77:76:2A:EE
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fee398e5-86da-41a5-82fc-59abcaf6e855.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:840::/46

    Signature Algorithm: sha256WithRSAEncryption
         27:82:37:43:15:d2:26:2e:ce:07:b0:b9:46:97:7a:3a:bc:4a:
         98:d3:9f:f0:9e:44:40:b3:1e:5e:c4:0c:cf:22:47:ac:d1:1c:
         ef:bc:24:2b:8f:ca:57:e6:e3:bb:56:b8:d7:8f:f4:f1:86:c7:
         08:99:b3:c9:5f:77:59:88:50:93:74:98:89:3f:c5:f3:ee:5d:
         41:be:7d:db:c5:c9:36:97:4d:aa:ae:c9:a6:6e:06:c9:ca:81:
         cc:58:d4:ab:a6:e7:d7:8e:c9:e4:b6:a4:2f:46:35:f1:54:25:
         33:62:07:ed:45:bd:b2:a9:cb:ab:63:c4:01:32:1b:fe:e7:8c:
         8c:98:2f:36:75:38:b1:bf:d2:e3:dd:a4:5f:67:81:ad:ca:96:
         e4:bd:fa:c4:17:0e:4b:5d:cb:02:6e:c9:05:33:ec:a3:85:9f:
         58:6a:35:e3:84:4d:d2:c6:ab:24:ee:be:e6:9e:0e:d4:57:3b:
         e6:1c:72:d0:e5:ca:f8:ba:04:03:f1:ee:3b:0c:d8:be:13:20:
         8a:3b:c7:95:93:84:ee:c8:97:59:ab:46:ca:67:91:d3:4a:07:
         e6:ac:a8:c6:31:5e:f8:63:0c:72:e3:54:b1:82:ef:6d:76:62:
         2e:5e:7a:1f:f7:b9:6e:9a:d3:55:cf:99:2c:e2:9d:06:0d:34:
         ad:45:ce:79
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUR44gXOQs76s5K+wSwT8tz0D7iCowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNDAxNloX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAYTlhOGJhYzhjY2JhZjc5MWM3Njlk
MTdmYzBjMjFmMzhkNDUzMWY2MmNhNzRkZjVkOWMyNmI5NzQ0NmQ5MWZmZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmX7RkE+c/wosP5FygsrCWp8eI7Z
7rZ7AUEipz9nG+6U8DmbjkGdceNjDU2nfgvFFxinNiOTg2MAJrD+MhloZEqzE0Rh
aRm3qs39NWV2zZjzJcGh8YBL6++atQDkglFu1qNEw29AwBCpBqFKkssaBveflWtT
ejruNLmIMzZOOqPieA9getUNvSnhfJzGaZZeUu18DVyaWxR42SGgD7rVsNX7i4XV
3R51iFR6JV1bExPViBq5yqqmsG35xrYt8Xi9Ua08Gof+5CWeTocJPclUXcpBgisA
oMEnkuPXkf6TF2d+ie4SS0EbuHIakIwIa4q+1WPZoUvABs6/Wrehj2+lWQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLkOHA/51RIrCpR1AglFwyR3diruMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ZlZTM5OGU1LTg2ZGEtNDFhNS04MmZjLTU5YWJjYWY2ZTg1NS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaQhAMA0GCSqGSIb3DQEBCwUAA4IBAQAngjdDFdImLs4HsLlG
l3o6vEqY05/wnkRAsx5exAzPIkes0RzvvCQrj8pX5uO7VrjXj/TxhscImbPJX3dZ
iFCTdJiJP8Xz7l1Bvn3bxck2l02qrsmmbgbJyoHMWNSrpufXjsnktqQvRjXxVCUz
YgftRb2yqcurY8QBMhv+54yMmC82dTixv9Lj3aRfZ4GtypbkvfrEFw5LXcsCbskF
M+yjhZ9YajXjhE3Sxqsk7r7mng7UVzvmHHLQ5cr4ugQD8e47DNi+EyCKO8eVk4Tu
yJdZq0bKZ5HTSgfmrKjGMV74Ywxy41Sxgu9tdmIuXnof97lumtNVz5ks4p0GDTSt
Rc55
-----END CERTIFICATE-----