Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6d6c0f9b-e016-48c7-9b6d-d9fe2595f372.roa
File:                     6d6c0f9b-e016-48c7-9b6d-d9fe2595f372.roa (raw, json)
Hash identifier:          AInciBXVDq5G0wA0TEt3YonPi3EaMLMWTy373kPc/rE=
Subject key identifier:   3E:7A:BA:08:12:DB:B8:47:FA:4E:20:20:2E:3A:DF:01:87:97:57:11
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       743B937285773B7D8CC26E1599A45B4E0B1594A6
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6d6c0f9b-e016-48c7-9b6d-d9fe2595f372.roa
Signing time:             Mon 12 May 2025 15:01:05 +0000
ROA not before:           Mon 12 May 2025 15:01:05 +0000
ROA not after:            Mon 16 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daee:800::/40 maxlen: 48
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 20:08:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:3b:93:72:85:77:3b:7d:8c:c2:6e:15:99:a4:5b:4e:0b:15:94:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 12 15:01:05 2025 GMT
            Not After : Jun 16 23:59:59 2025 GMT
        Subject: serialNumber=68b83b83ccd6e4e5f2fc1522fd363db933aa098b695faa307e9c743edf1537a3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:01:69:c3:35:29:6c:a8:10:74:40:1d:39:b0:
                    b6:c9:a6:56:73:93:d0:6b:32:df:92:48:f8:d8:a7:
                    69:c8:4d:d8:28:d0:76:f3:c5:fc:c0:e4:0a:32:5a:
                    49:3b:e4:ae:30:13:e3:d5:7b:cd:a0:88:5c:81:de:
                    6d:ac:36:83:14:02:97:72:eb:f7:6f:75:db:32:29:
                    f8:72:47:1d:cb:9f:df:6a:1f:35:59:a8:fc:10:0d:
                    dc:55:0c:3b:ff:c6:3e:1a:d3:d1:36:ef:d5:55:ff:
                    36:db:b8:d8:9f:25:ee:17:70:87:95:dc:ba:36:04:
                    df:9c:a3:de:60:5c:7f:97:be:36:15:56:c5:3a:a0:
                    ea:c9:fb:8e:83:b5:95:7e:3c:8a:8b:60:fc:34:5a:
                    a4:4a:7f:2d:ba:fd:41:87:a2:aa:5e:f5:41:27:eb:
                    4c:26:47:07:e6:d1:cb:ae:a9:bf:8e:88:a6:ab:04:
                    e4:0e:b6:42:de:a2:25:43:1a:6f:c2:76:bb:b9:96:
                    37:79:3e:8e:1f:ba:5a:77:ff:27:51:14:44:b0:3a:
                    fb:4f:7b:8c:a4:9a:6a:ed:aa:b1:31:be:b3:a1:1c:
                    72:ac:d8:56:81:59:6a:9f:5c:2f:4d:13:65:34:80:
                    05:5a:22:bf:fa:27:8e:af:c9:08:40:ea:8a:2a:4e:
                    d1:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:7A:BA:08:12:DB:B8:47:FA:4E:20:20:2E:3A:DF:01:87:97:57:11
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6d6c0f9b-e016-48c7-9b6d-d9fe2595f372.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daee:800::/40

    Signature Algorithm: sha256WithRSAEncryption
         cb:dc:f1:20:02:48:17:c0:59:d3:fc:81:e6:f2:54:ad:4b:0b:
         d7:22:6b:ba:76:2c:96:95:c0:d9:6e:a6:c1:1c:81:99:97:f9:
         59:65:99:b8:3c:8a:6e:7e:1d:36:9a:04:ff:e3:e4:bf:eb:b4:
         35:55:dc:d3:b0:17:d3:e3:ec:4f:f2:fe:a8:cd:cf:2a:b1:18:
         d5:e6:f0:ac:5d:60:80:a9:79:22:a1:38:b0:69:0b:55:63:d8:
         87:3a:1e:cc:53:9d:66:59:c5:08:b0:3d:06:db:91:a4:06:03:
         d1:db:2c:07:54:0b:d8:57:56:24:4b:cc:ff:12:10:f1:5e:0a:
         05:f8:4a:39:74:45:1c:a2:01:37:49:03:49:87:04:1b:5f:0a:
         3a:a1:f5:61:8f:5a:9d:63:05:3f:33:e0:6d:17:8b:40:2a:32:
         e4:e8:95:9d:d2:f0:a8:ba:18:8c:6e:4d:70:ba:ee:51:ab:d4:
         95:b3:e2:20:ae:fd:ad:a6:79:e7:12:2f:f9:f2:15:3a:82:d8:
         b5:16:d8:66:97:6c:b0:a2:4e:dc:05:e6:31:01:e0:d3:9f:3d:
         42:cc:b3:dc:3a:76:a5:09:76:32:ff:64:bf:ef:e2:e0:1b:8a:
         f8:33:f8:7c:fc:6d:18:8c:13:ff:07:4f:dc:07:ab:a1:a2:46:
         d2:0c:31:15
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUdDuTcoV3O32Mwm4VmaRbTgsVlKYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMjE1MDEwNVoX
DTI1MDYxNjIzNTk1OVowejFJMEcGA1UEBRNANjhiODNiODNjY2Q2ZTRlNWYyZmMx
NTIyZmQzNjNkYjkzM2FhMDk4YjY5NWZhYTMwN2U5Yzc0M2VkZjE1MzdhMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gFpwzUpbKgQdEAdObC2yaZWc5PQ
azLfkkj42KdpyE3YKNB288X8wOQKMlpJO+SuMBPj1XvNoIhcgd5trDaDFAKXcuv3
b3XbMin4ckcdy5/fah81Waj8EA3cVQw7/8Y+GtPRNu/VVf8227jYnyXuF3CHldy6
NgTfnKPeYFx/l742FVbFOqDqyfuOg7WVfjyKi2D8NFqkSn8tuv1Bh6KqXvVBJ+tM
JkcH5tHLrqm/joimqwTkDrZC3qIlQxpvwna7uZY3eT6OH7pad/8nURREsDr7T3uM
pJpq7aqxMb6zoRxyrNhWgVlqn1wvTRNlNIAFWiK/+ieOr8kIQOqKKk7RrQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFD56uggS27hH+k4gIC463wGHl1cRMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzZkNmMwZjliLWUwMTYtNDhjNy05YjZkLWQ5ZmUyNTk1ZjM3Mi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba7ggwDQYJKoZIhvcNAQELBQADggEBAMvc8SACSBfAWdP8geby
VK1LC9cia7p2LJaVwNlupsEcgZmX+Vllmbg8im5+HTaaBP/j5L/rtDVV3NOwF9Pj
7E/y/qjNzyqxGNXm8KxdYICpeSKhOLBpC1Vj2Ic6HsxTnWZZxQiwPQbbkaQGA9Hb
LAdUC9hXViRLzP8SEPFeCgX4Sjl0RRyiATdJA0mHBBtfCjqh9WGPWp1jBT8z4G0X
i0AqMuTolZ3S8Ki6GIxuTXC67lGr1JWz4iCu/a2meecSL/nyFTqC2LUW2GaXbLCi
TtwF5jEB4NOfPULMs9w6dqUJdjL/ZL/v4uAbivgz+Hz8bRiME/8HT9wHq6GiRtIM
MRU=
-----END CERTIFICATE-----