Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6658889f-ec8b-4acf-8e6d-eb95d4d69696.roa
File:                     6658889f-ec8b-4acf-8e6d-eb95d4d69696.roa (raw, json)
Hash identifier:          SD2dzNGOWzY1xZVsyMp7bUhlakYuXUgHgmmn0uTO3i8=
Subject key identifier:   71:99:11:67:D1:69:7D:74:81:E0:36:91:C9:44:7C:A3:F8:55:E9:02
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6D43B4E726E0AD1A073DEC067046E2D32396F736
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6658889f-ec8b-4acf-8e6d-eb95d4d69696.roa
Signing time:             Thu 17 Apr 2025 16:07:30 +0000
ROA not before:           Thu 17 Apr 2025 16:07:30 +0000
ROA not after:            Thu 22 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daee:2000::/40 maxlen: 40
Validation:               Failed, certificate revoked on Thu 17 Apr 2025 20:09:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:43:b4:e7:26:e0:ad:1a:07:3d:ec:06:70:46:e2:d3:23:96:f7:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Apr 17 16:07:30 2025 GMT
            Not After : May 22 23:59:59 2025 GMT
        Subject: serialNumber=42103548fae8dddbdef6508b4bd9892496b4c9de359a2a8a0df1ca10c405ddb6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:48:3a:9e:52:1b:1e:cf:70:54:54:30:9c:b4:
                    e2:13:22:bf:4b:f3:0f:22:fa:b0:18:41:a8:29:81:
                    fe:a3:db:40:55:13:23:bf:9a:5a:ca:00:39:2d:50:
                    71:a5:67:54:74:db:e6:93:48:6a:ce:b9:7b:89:6c:
                    23:76:82:95:47:72:12:a6:da:8a:62:60:d3:f1:46:
                    6f:c0:e5:83:c6:77:3f:3c:9e:f4:f6:81:2b:bf:d1:
                    d8:d2:cb:1c:ed:32:70:ff:e6:49:6a:59:7c:9a:b5:
                    51:2c:5e:a1:b5:74:3b:f5:ee:48:b6:67:52:df:8c:
                    dc:22:a6:fa:82:5b:13:ff:be:e2:17:06:83:fa:dd:
                    a1:84:08:3b:c1:5b:a2:2a:c2:7d:f4:17:6d:f3:6c:
                    5e:bb:a1:d4:4a:3c:b2:10:ee:a9:8c:6f:7c:88:30:
                    34:c3:96:ba:a7:ab:00:7f:73:46:a3:0b:ff:d6:47:
                    17:08:66:84:2f:af:5e:76:96:96:6e:88:11:d5:fb:
                    73:16:03:00:bb:bf:90:cd:fc:2e:36:fe:b3:7d:fe:
                    03:59:1d:a1:54:93:e5:dc:76:a8:41:8d:2b:0c:75:
                    ab:9b:2e:49:8e:9f:64:15:4c:f0:f2:28:27:e6:8c:
                    ac:b3:9a:d8:75:c8:57:1d:4c:8f:6e:70:c5:40:71:
                    7c:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:99:11:67:D1:69:7D:74:81:E0:36:91:C9:44:7C:A3:F8:55:E9:02
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6658889f-ec8b-4acf-8e6d-eb95d4d69696.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daee:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         1c:20:cf:47:e7:18:c9:d4:aa:c4:c7:d5:c6:cd:1d:be:de:a2:
         bf:7e:27:bc:79:46:8d:22:de:b8:88:ae:f0:bc:94:b8:1e:e7:
         34:89:a1:0b:ef:19:01:b6:e9:e8:c1:21:7b:e9:4a:d3:73:0a:
         33:51:ce:e2:f9:b4:98:8e:84:b6:90:84:24:10:fc:9e:4b:c3:
         60:8a:36:7a:1c:8a:1c:6c:4c:bf:07:95:fc:55:54:58:93:0d:
         6e:10:ff:ae:bd:2d:de:85:ec:70:13:e2:ed:f3:e0:fb:c1:a4:
         ef:99:17:35:8d:6e:af:e8:1a:3d:a3:27:cd:aa:a2:c7:f0:b6:
         35:d5:3a:6a:9e:69:f5:78:cc:bd:ec:2f:2e:4c:8a:dd:e1:69:
         f1:71:02:17:49:19:51:dd:5d:d7:c5:ee:97:b3:6a:b4:3f:02:
         4a:f7:59:a1:16:37:83:aa:61:3c:cf:ad:12:bf:11:00:f8:37:
         dd:1d:ed:99:9c:e4:a5:bd:36:7d:c8:06:e7:ee:d6:f3:54:f4:
         8e:0d:01:09:24:cc:da:ec:72:a1:a1:03:23:66:fe:34:2d:90:
         44:dd:2f:cb:7b:68:bf:51:ab:ad:72:38:27:a6:b6:af:af:9a:
         62:cf:ec:05:62:c9:11:84:35:30:39:5a:9a:bf:38:ed:bc:3b:
         84:b4:ed:b5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUbUO05ybgrRoHPewGcEbi0yOW9zYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxNzE2MDczMFoX
DTI1MDUyMjIzNTk1OVowejFJMEcGA1UEBRNANDIxMDM1NDhmYWU4ZGRkYmRlZjY1
MDhiNGJkOTg5MjQ5NmI0YzlkZTM1OWEyYThhMGRmMWNhMTBjNDA1ZGRiNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEg6nlIbHs9wVFQwnLTiEyK/S/MP
IvqwGEGoKYH+o9tAVRMjv5paygA5LVBxpWdUdNvmk0hqzrl7iWwjdoKVR3ISptqK
YmDT8UZvwOWDxnc/PJ709oErv9HY0ssc7TJw/+ZJall8mrVRLF6htXQ79e5ItmdS
34zcIqb6glsT/77iFwaD+t2hhAg7wVuiKsJ99Bdt82xeu6HUSjyyEO6pjG98iDA0
w5a6p6sAf3NGowv/1kcXCGaEL69edpaWbogR1ftzFgMAu7+QzfwuNv6zff4DWR2h
VJPl3HaoQY0rDHWrmy5Jjp9kFUzw8ign5oyss5rYdchXHUyPbnDFQHF8VQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHGZEWfRaX10geA2kclEfKP4VekCMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzY2NTg4ODlmLWVjOGItNGFjZi04ZTZkLWViOTVkNGQ2OTY5Ni5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba7iAwDQYJKoZIhvcNAQELBQADggEBABwgz0fnGMnUqsTH1cbN
Hb7eor9+J7x5Ro0i3riIrvC8lLge5zSJoQvvGQG26ejBIXvpStNzCjNRzuL5tJiO
hLaQhCQQ/J5Lw2CKNnocihxsTL8HlfxVVFiTDW4Q/669Ld6F7HAT4u3z4PvBpO+Z
FzWNbq/oGj2jJ82qosfwtjXVOmqeafV4zL3sLy5Mit3hafFxAhdJGVHdXdfF7pez
arQ/Akr3WaEWN4OqYTzPrRK/EQD4N90d7Zmc5KW9Nn3IBufu1vNU9I4NAQkkzNrs
cqGhAyNm/jQtkETdL8t7aL9Rq61yOCemtq+vmmLP7AViyRGENTA5Wpq/OO28O4S0
7bU=
-----END CERTIFICATE-----