Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5cdd1fcb-5c76-4697-bc78-0d70a7ec670b.roa
File:                     5cdd1fcb-5c76-4697-bc78-0d70a7ec670b.roa (raw, json)
Hash identifier:          eD7gGVxo+jH94rxKNiFZl2tNitMTPxagAo8DX7+rT4g=
Subject key identifier:   1F:16:12:F5:58:F7:89:E6:6A:5A:65:BF:8A:44:9B:50:03:B7:7D:9E
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       13DEC8B10FC69A8D6D8C8EE6C804DB61EB756D9D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5cdd1fcb-5c76-4697-bc78-0d70a7ec670b.roa
Signing time:             Thu 17 Apr 2025 16:08:53 +0000
ROA not before:           Thu 17 Apr 2025 16:08:53 +0000
ROA not after:            Thu 22 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daee:b000::/40 maxlen: 40
Validation:               Failed, certificate revoked on Thu 17 Apr 2025 20:22:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:de:c8:b1:0f:c6:9a:8d:6d:8c:8e:e6:c8:04:db:61:eb:75:6d:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Apr 17 16:08:53 2025 GMT
            Not After : May 22 23:59:59 2025 GMT
        Subject: serialNumber=e13f2bbb30e73d60410284256bd02d4989ef12fb255fe76d118e14cbc65af3f8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b7:42:b3:43:f1:c9:6f:5d:dd:01:3d:3d:3d:
                    10:ff:7a:83:54:11:3f:59:3f:e0:54:13:30:bc:33:
                    86:36:fc:57:76:b7:b0:e7:59:d1:67:fc:ff:e8:db:
                    10:dc:52:82:78:9e:3d:bb:11:52:7f:e6:93:1a:49:
                    9f:f1:21:f1:3b:e7:36:4d:04:cb:43:12:5d:c4:ee:
                    13:76:b5:88:0f:db:22:8e:c3:ea:69:2a:00:45:70:
                    2b:3b:45:a6:3f:31:94:9a:6c:dc:cd:71:52:e6:41:
                    9e:f9:8f:3b:5a:3b:16:ee:b5:d7:66:68:b1:c2:59:
                    e2:51:c0:f4:1e:9a:2c:ad:de:ab:a3:8b:d1:77:a3:
                    39:96:bd:1d:8f:fc:ee:c8:32:10:0a:79:f0:1c:78:
                    c8:32:ea:d7:d3:07:88:a5:7d:d3:96:14:ad:d6:be:
                    b8:35:4f:f6:1c:cb:5a:b1:de:d4:d7:10:af:c5:86:
                    18:30:9e:5e:7a:8e:28:80:80:03:79:59:f7:1c:c2:
                    86:53:89:98:c2:8b:54:9c:7c:e4:a8:e6:39:58:b5:
                    90:e9:f5:09:9c:16:96:fb:35:32:28:40:51:ab:1c:
                    50:76:7f:cf:8b:7a:ff:d0:e7:99:44:16:d1:6d:c4:
                    95:1b:b1:5f:56:2e:91:b6:ad:6f:7e:83:aa:4b:f9:
                    e5:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:16:12:F5:58:F7:89:E6:6A:5A:65:BF:8A:44:9B:50:03:B7:7D:9E
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5cdd1fcb-5c76-4697-bc78-0d70a7ec670b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daee:b000::/40

    Signature Algorithm: sha256WithRSAEncryption
         2f:ce:36:6b:27:82:b9:f6:f5:f9:66:cf:1c:00:8d:07:85:83:
         bb:05:d1:50:69:49:15:69:11:4f:d6:67:65:37:e5:48:cb:64:
         33:7c:4d:87:bb:f0:eb:0d:cb:ab:c6:43:b7:36:2b:54:7d:df:
         02:c4:37:e9:e6:e0:ea:0f:cf:4b:d4:2b:30:02:59:33:e5:20:
         cb:45:f9:c2:0c:09:4a:ca:8a:d4:1d:2c:29:87:25:f6:58:ef:
         30:d0:8e:d0:1b:a3:4c:d6:87:cc:24:5f:cb:c6:29:47:d7:62:
         3e:3e:ca:3e:47:0d:7f:89:8c:11:61:16:ab:93:7c:0a:ac:d8:
         08:28:8a:f9:64:db:12:a9:30:02:1a:f8:f5:01:94:07:96:5d:
         f2:7b:a5:ce:5e:ba:29:a4:ff:58:4b:14:a7:a4:8e:c4:fe:62:
         b9:9a:69:f5:69:6c:1d:3c:04:34:53:a1:32:da:82:fb:88:32:
         83:48:52:a6:d5:08:01:cc:76:f5:bd:15:e0:04:52:6f:f4:7a:
         e5:71:b4:1e:db:b5:c0:76:6e:cd:82:8e:47:70:0e:43:d0:4f:
         cb:12:2c:fa:f7:84:b5:72:64:1c:a0:4b:d3:07:6e:1d:4f:90:
         8a:ec:1d:eb:90:5f:07:06:0a:e1:ad:86:8e:ff:41:f0:f3:2a:
         63:a3:5d:55
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUE97IsQ/Gmo1tjI7myATbYet1bZ0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxNzE2MDg1M1oX
DTI1MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAZTEzZjJiYmIzMGU3M2Q2MDQxMDI4
NDI1NmJkMDJkNDk4OWVmMTJmYjI1NWZlNzZkMTE4ZTE0Y2JjNjVhZjNmODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7dCs0PxyW9d3QE9PT0Q/3qDVBE/
WT/gVBMwvDOGNvxXdrew51nRZ/z/6NsQ3FKCeJ49uxFSf+aTGkmf8SHxO+c2TQTL
QxJdxO4TdrWID9sijsPqaSoARXArO0WmPzGUmmzczXFS5kGe+Y87WjsW7rXXZmix
wlniUcD0Hposrd6ro4vRd6M5lr0dj/zuyDIQCnnwHHjIMurX0weIpX3TlhSt1r64
NU/2HMtasd7U1xCvxYYYMJ5eeo4ogIADeVn3HMKGU4mYwotUnHzkqOY5WLWQ6fUJ
nBaW+zUyKEBRqxxQdn/Pi3r/0OeZRBbRbcSVG7FfVi6Rtq1vfoOqS/nlXwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFB8WEvVY94nmalplv4pEm1ADt32eMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzVjZGQxZmNiLTVjNzYtNDY5Ny1iYzc4LTBkNzBhN2VjNjcwYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba7rAwDQYJKoZIhvcNAQELBQADggEBAC/ONmsngrn29flmzxwA
jQeFg7sF0VBpSRVpEU/WZ2U35UjLZDN8TYe78OsNy6vGQ7c2K1R93wLEN+nm4OoP
z0vUKzACWTPlIMtF+cIMCUrKitQdLCmHJfZY7zDQjtAbo0zWh8wkX8vGKUfXYj4+
yj5HDX+JjBFhFquTfAqs2Agoivlk2xKpMAIa+PUBlAeWXfJ7pc5euimk/1hLFKek
jsT+YrmaafVpbB08BDRToTLagvuIMoNIUqbVCAHMdvW9FeAEUm/0euVxtB7btcB2
bs2CjkdwDkPQT8sSLPr3hLVyZBygS9MHbh1PkIrsHeuQXwcGCuGtho7/QfDzKmOj
XVU=
-----END CERTIFICATE-----