Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffc2ab55-5edf-4d80-a378-85f7ff47d367.roa
File:                     ffc2ab55-5edf-4d80-a378-85f7ff47d367.roa (raw, json)
Hash identifier:          6tlTZzYWuThs8gBZwRiTtRh3D/1GjvixIYd8U+koz+I=
Subject key identifier:   DB:54:14:48:C7:A6:66:0B:73:D8:EF:50:5C:20:FB:A7:5B:E5:94:F7
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       714A47BE8DE032E2FEE83D422C792CD45B804012
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffc2ab55-5edf-4d80-a378-85f7ff47d367.roa
Signing time:             Mon 12 May 2025 15:10:40 +0000
ROA not before:           Mon 12 May 2025 15:10:40 +0000
ROA not after:            Mon 16 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dabb:b000::/40 maxlen: 48
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 20:07:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:4a:47:be:8d:e0:32:e2:fe:e8:3d:42:2c:79:2c:d4:5b:80:40:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 12 15:10:40 2025 GMT
            Not After : Jun 16 23:59:59 2025 GMT
        Subject: serialNumber=d60884a316467348ba04551b78e13b16f349dff5be63ae86edabdb83ef158ed7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:ab:94:5d:26:6c:4b:b2:d4:8b:c2:96:de:46:
                    a3:6b:a6:7b:24:c9:9c:3f:20:ae:bf:a2:67:00:be:
                    bb:96:55:b6:3c:ce:13:82:b7:fc:8d:51:70:37:8d:
                    42:39:c8:fe:45:42:50:32:06:08:0a:b2:43:f8:62:
                    29:c4:e2:e3:50:36:c7:e1:13:32:c0:f0:8a:b2:61:
                    bd:e4:49:f3:2a:20:34:49:ea:a8:95:ec:80:a9:2c:
                    55:27:27:7a:b7:38:05:7d:9c:50:c8:92:1d:ff:5f:
                    36:d6:17:cb:ca:3a:e6:75:25:5a:e4:6a:ed:24:f8:
                    b2:b2:ef:c2:57:ed:2b:85:52:d5:12:92:d4:b0:4a:
                    84:4a:f3:64:8a:88:12:53:b3:08:1c:52:ef:ce:1e:
                    a9:c5:3c:4e:f5:92:91:91:ed:ef:a3:9c:9c:6e:dd:
                    8f:7b:ca:f9:f9:eb:72:0e:91:89:46:e3:b5:7c:a1:
                    dd:fb:ff:b3:bf:19:25:07:f0:50:4b:93:68:d5:25:
                    69:e3:94:c5:50:e3:6b:d5:49:79:a4:e3:65:36:ae:
                    15:a6:f5:f8:76:f7:ff:8f:c0:fa:90:ad:d0:91:fc:
                    7f:9b:d3:c4:c5:09:6e:44:1c:3b:25:6c:c0:f7:77:
                    fb:8e:6b:72:fb:56:53:18:b2:05:ab:71:bc:78:66:
                    cb:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:54:14:48:C7:A6:66:0B:73:D8:EF:50:5C:20:FB:A7:5B:E5:94:F7
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffc2ab55-5edf-4d80-a378-85f7ff47d367.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dabb:b000::/40

    Signature Algorithm: sha256WithRSAEncryption
         bc:9d:f7:69:f0:bd:f8:15:9e:5d:93:89:36:6d:3c:f6:d3:3f:
         13:52:98:5f:c1:a9:2d:2f:34:39:a9:40:4b:14:86:8b:f9:70:
         a8:4b:cf:ae:0d:bf:28:26:8d:04:56:26:0d:a2:79:64:a3:2b:
         f0:53:9a:50:76:a8:7f:77:3e:8a:f9:09:d9:70:9c:f5:f3:f0:
         14:d2:09:0d:18:40:65:63:21:3b:4f:bd:86:16:63:2e:ac:49:
         df:33:45:a1:19:22:ee:90:15:4b:83:8d:7b:03:38:e6:bd:24:
         a0:04:10:3b:b1:06:b4:c1:1b:ce:f0:d2:cd:7b:af:b1:20:0e:
         66:03:3b:26:fc:92:d4:a3:3a:fc:e3:00:c7:4a:c8:65:4d:39:
         07:a0:6b:e6:46:83:a5:48:4a:e6:f0:e3:67:5b:a0:f9:ec:7b:
         24:30:f1:3e:65:04:31:ca:41:bf:9c:64:02:60:78:90:c5:74:
         d9:e9:54:b6:e6:7c:a9:3b:47:ee:36:71:4c:c6:bd:00:d3:5f:
         a9:6f:d6:cb:1a:23:78:d6:12:42:ed:69:4d:b3:9f:ab:83:a1:
         ea:f3:ac:2c:f7:2b:31:f3:5a:e6:2c:81:ca:91:28:7b:ff:37:
         a2:32:a5:55:6d:69:1a:07:a6:2f:bb:50:49:62:7e:a4:ab:8e:
         c9:0b:68:33
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUcUpHvo3gMuL+6D1CLHks1FuAQBIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMjE1MTA0MFoX
DTI1MDYxNjIzNTk1OVowejFJMEcGA1UEBRNAZDYwODg0YTMxNjQ2NzM0OGJhMDQ1
NTFiNzhlMTNiMTZmMzQ5ZGZmNWJlNjNhZTg2ZWRhYmRiODNlZjE1OGVkNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6uUXSZsS7LUi8KW3kaja6Z7JMmc
PyCuv6JnAL67llW2PM4Tgrf8jVFwN41COcj+RUJQMgYICrJD+GIpxOLjUDbH4RMy
wPCKsmG95EnzKiA0SeqoleyAqSxVJyd6tzgFfZxQyJId/1821hfLyjrmdSVa5Grt
JPiysu/CV+0rhVLVEpLUsEqESvNkiogSU7MIHFLvzh6pxTxO9ZKRke3vo5ycbt2P
e8r5+etyDpGJRuO1fKHd+/+zvxklB/BQS5No1SVp45TFUONr1Ul5pONlNq4VpvX4
dvf/j8D6kK3Qkfx/m9PExQluRBw7JWzA93f7jmty+1ZTGLIFq3G8eGbL9wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNtUFEjHpmYLc9jvUFwg+6db5ZT3MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ZmYzJhYjU1LTVlZGYtNGQ4MC1hMzc4LTg1ZjdmZjQ3ZDM2Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbau7AwDQYJKoZIhvcNAQELBQADggEBALyd92nwvfgVnl2TiTZt
PPbTPxNSmF/BqS0vNDmpQEsUhov5cKhLz64NvygmjQRWJg2ieWSjK/BTmlB2qH93
Por5CdlwnPXz8BTSCQ0YQGVjITtPvYYWYy6sSd8zRaEZIu6QFUuDjXsDOOa9JKAE
EDuxBrTBG87w0s17r7EgDmYDOyb8ktSjOvzjAMdKyGVNOQega+ZGg6VISubw42db
oPnseyQw8T5lBDHKQb+cZAJgeJDFdNnpVLbmfKk7R+42cUzGvQDTX6lv1ssaI3jW
EkLtaU2zn6uDoerzrCz3KzHzWuYsgcqRKHv/N6IypVVtaRoHpi+7UElifqSrjskL
aDM=
-----END CERTIFICATE-----