Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0b0c357-7b15-4ff5-afb6-8cd1b38c1fa2.roa
File:                     c0b0c357-7b15-4ff5-afb6-8cd1b38c1fa2.roa (raw, json)
Hash identifier:          78qqdxbRYZgAVXLsUp8DziCkksOQimulzMs9y+46KmM=
Subject key identifier:   D7:CB:03:E3:30:B9:BF:59:34:56:50:D3:06:0B:E3:F9:15:12:87:CB
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       138FCA71CFA40363DE4B60E198728A81315E9EDB
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0b0c357-7b15-4ff5-afb6-8cd1b38c1fa2.roa
Signing time:             Thu 17 Apr 2025 16:07:28 +0000
ROA not before:           Thu 17 Apr 2025 16:07:28 +0000
ROA not after:            Thu 22 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daee:1000::/40 maxlen: 40
Validation:               Failed, certificate revoked on Thu 17 Apr 2025 20:09:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:8f:ca:71:cf:a4:03:63:de:4b:60:e1:98:72:8a:81:31:5e:9e:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Apr 17 16:07:28 2025 GMT
            Not After : May 22 23:59:59 2025 GMT
        Subject: serialNumber=ee3d5254bd8454aaa062c9f6820b0315198e0d2ca5740ed4181625f6a4affbc3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ec:27:da:6c:37:7f:2e:66:78:17:51:d7:0f:
                    87:e0:70:22:30:17:47:f9:d0:40:bf:96:dd:92:a5:
                    ad:f1:c2:79:14:b4:b4:6f:2c:a1:c8:a5:d0:5c:cf:
                    ac:e6:4d:f6:4b:65:82:b7:c8:ef:8a:f2:97:c5:e2:
                    0c:0e:4e:46:6b:d5:97:81:a0:61:da:6c:a4:9d:8f:
                    9b:82:49:ce:1d:e1:e9:a1:de:66:01:a8:59:71:ed:
                    e5:68:6a:53:a6:69:e6:17:bc:1b:61:9c:cf:15:7f:
                    13:76:7c:db:c0:1f:c8:9e:18:78:1c:03:3d:1f:a0:
                    88:b6:a8:b4:1f:80:37:a3:78:ca:21:5a:9d:c0:a6:
                    26:89:1b:4f:10:c6:1b:bb:bb:77:11:69:97:5c:27:
                    d0:1c:38:58:4b:57:c2:1e:48:84:b6:fd:98:07:e7:
                    17:99:15:4d:96:2d:a1:df:17:d0:e3:57:9d:69:b8:
                    7d:65:8c:d4:3a:d4:5d:8b:3a:22:02:cb:08:4d:d9:
                    01:6d:79:73:eb:97:48:ea:57:dc:c0:ca:98:b3:d8:
                    b8:87:ec:d3:2d:83:8e:f0:dd:69:88:7d:14:35:c0:
                    6e:13:d0:3d:63:9f:21:45:51:b3:a0:05:bd:4e:25:
                    df:ae:62:75:2d:f4:36:77:70:c8:9e:31:c6:22:f4:
                    7c:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:CB:03:E3:30:B9:BF:59:34:56:50:D3:06:0B:E3:F9:15:12:87:CB
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0b0c357-7b15-4ff5-afb6-8cd1b38c1fa2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daee:1000::/40

    Signature Algorithm: sha256WithRSAEncryption
         2b:e7:d1:1f:e5:9a:91:49:69:44:88:ac:3b:aa:b6:b2:8c:45:
         37:6b:4c:ba:ec:31:84:3e:8a:b3:78:a3:33:8b:f1:b1:4b:84:
         10:44:82:78:14:f3:95:56:a5:68:de:8c:92:b3:97:b4:22:f5:
         72:01:2b:5f:83:e2:42:46:54:14:39:28:38:b5:9b:f1:fb:36:
         2e:e0:9b:36:28:aa:95:f3:0f:c7:ce:e6:bb:6c:14:ab:bd:e6:
         7b:a9:4e:62:db:b5:11:eb:cf:ea:bc:f3:48:e5:bd:ce:3b:4d:
         16:0c:fb:f7:ae:de:87:e2:01:14:a2:8a:b7:f0:2e:82:41:29:
         77:51:96:ab:a4:c9:cb:84:c8:94:ed:70:0f:65:e8:d9:a7:a9:
         9a:6c:72:b8:d3:1e:7c:41:19:73:61:9b:6d:9d:ef:10:7b:4b:
         fe:a0:7d:45:9d:5b:91:70:30:a9:ad:5f:c5:24:8e:23:76:32:
         a6:ab:51:d8:c3:0c:1a:ff:cf:dd:23:a8:d9:33:ac:e5:36:9a:
         01:fa:17:85:9d:4a:fe:ea:5a:99:9e:80:82:e6:2d:23:2f:13:
         f6:74:a1:7a:2a:ad:04:17:7c:07:de:cf:50:34:00:72:f8:94:
         8b:02:04:7b:13:b8:d2:d7:5f:3b:cf:e9:de:1b:19:cb:61:ad:
         22:39:0b:a3
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUE4/Kcc+kA2PeS2DhmHKKgTFentswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxNzE2MDcyOFoX
DTI1MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAZWUzZDUyNTRiZDg0NTRhYWEwNjJj
OWY2ODIwYjAzMTUxOThlMGQyY2E1NzQwZWQ0MTgxNjI1ZjZhNGFmZmJjMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApewn2mw3fy5meBdR1w+H4HAiMBdH
+dBAv5bdkqWt8cJ5FLS0byyhyKXQXM+s5k32S2WCt8jvivKXxeIMDk5Ga9WXgaBh
2myknY+bgknOHeHpod5mAahZce3laGpTpmnmF7wbYZzPFX8TdnzbwB/Inhh4HAM9
H6CItqi0H4A3o3jKIVqdwKYmiRtPEMYbu7t3EWmXXCfQHDhYS1fCHkiEtv2YB+cX
mRVNli2h3xfQ41edabh9ZYzUOtRdizoiAssITdkBbXlz65dI6lfcwMqYs9i4h+zT
LYOO8N1piH0UNcBuE9A9Y58hRVGzoAW9TiXfrmJ1LfQ2d3DInjHGIvR84QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNfLA+Mwub9ZNFZQ0wYL4/kVEofLMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2MwYjBjMzU3LTdiMTUtNGZmNS1hZmI2LThjZDFiMzhjMWZhMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba7hAwDQYJKoZIhvcNAQELBQADggEBACvn0R/lmpFJaUSIrDuq
trKMRTdrTLrsMYQ+irN4ozOL8bFLhBBEgngU85VWpWjejJKzl7Qi9XIBK1+D4kJG
VBQ5KDi1m/H7Ni7gmzYoqpXzD8fO5rtsFKu95nupTmLbtRHrz+q880jlvc47TRYM
+/eu3ofiARSiirfwLoJBKXdRlqukycuEyJTtcA9l6NmnqZpscrjTHnxBGXNhm22d
7xB7S/6gfUWdW5FwMKmtX8UkjiN2MqarUdjDDBr/z90jqNkzrOU2mgH6F4WdSv7q
WpmegILmLSMvE/Z0oXoqrQQXfAfez1A0AHL4lIsCBHsTuNLXXzvP6d4bGcthrSI5
C6M=
-----END CERTIFICATE-----