Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/590d6f40-01c9-4b1d-be58-3b5d32faf602.roa
File:                     590d6f40-01c9-4b1d-be58-3b5d32faf602.roa (raw, json)
Hash identifier:          39Zj0ImEaN/Q0U8G4JtWYD1FoCV2geeXj99N8BAzwsw=
Subject key identifier:   07:57:C5:6E:0A:26:C0:64:85:36:E6:40:A9:77:13:9E:0B:4D:BF:4E
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       0A873730FDD57CE811C5F22FCD89ECA6AF1CF2A3
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/590d6f40-01c9-4b1d-be58-3b5d32faf602.roa
Signing time:             Mon 10 Jun 2024 00:00:00 +0000
ROA not before:           Mon 10 Jun 2024 00:00:00 +0000
ROA not after:            Mon 15 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:f02c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 11 Jun 2024 19:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:87:37:30:fd:d5:7c:e8:11:c5:f2:2f:cd:89:ec:a6:af:1c:f2:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun 10 00:00:00 2024 GMT
            Not After : Jul 15 23:59:59 2024 GMT
        Subject: serialNumber=903a26fd29f32c92bf55cc4ccd951902c6165fffb8e5f84cd47002f7fb9be6f1, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:95:89:a8:bc:17:c4:c9:6b:70:01:0a:70:56:
                    87:af:8a:14:c0:bc:e4:11:34:b1:86:81:2d:a3:fb:
                    0a:73:c6:e5:53:50:ce:53:9a:d6:f1:15:b5:8d:c9:
                    1d:db:52:c1:58:b4:1f:06:60:52:29:11:5f:27:49:
                    c3:8a:d1:cb:84:5a:d2:f3:37:f6:9c:d9:f8:b0:31:
                    1b:e4:13:98:14:33:8c:89:d9:92:a8:8c:09:59:87:
                    9c:49:f8:54:4d:9b:fe:e8:80:33:9c:65:00:5c:80:
                    49:45:66:6c:2a:70:cb:21:ea:d3:9e:98:00:ba:d9:
                    3c:bf:91:3f:cd:87:e7:47:ad:99:db:97:67:cb:90:
                    96:92:8f:60:70:9c:61:77:d8:86:b3:1e:5a:21:11:
                    af:a1:98:4a:7d:db:60:84:49:e6:14:94:47:7d:b9:
                    a4:8c:ec:d8:27:3d:da:f7:a4:21:6e:23:0a:7a:de:
                    18:7a:9c:08:44:65:b7:46:bc:e9:4b:c8:16:4a:c0:
                    ce:1a:72:62:9b:37:77:22:e1:f9:08:95:59:ab:ce:
                    cb:0d:e7:22:9e:40:b4:30:c4:c7:af:ba:23:78:15:
                    2f:fb:d9:d4:bc:64:07:b1:96:6a:53:57:9d:d3:d7:
                    63:02:b5:6b:6c:99:a5:95:4e:72:82:e9:96:bc:11:
                    e2:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:57:C5:6E:0A:26:C0:64:85:36:E6:40:A9:77:13:9E:0B:4D:BF:4E
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/590d6f40-01c9-4b1d-be58-3b5d32faf602.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:f02c::/48

    Signature Algorithm: sha256WithRSAEncryption
         52:b6:e0:44:fa:11:23:52:ba:16:2d:5b:ec:22:17:af:5a:74:
         b3:56:81:8b:99:b7:d4:df:67:9a:bb:6d:30:0e:37:d5:45:a2:
         61:76:91:08:fc:e6:3a:e3:11:11:57:52:6e:c1:57:9c:25:da:
         e3:fb:72:2f:b3:d7:dc:f6:d3:db:b9:0a:4b:fc:ff:c4:44:9e:
         fa:19:5a:fd:76:8e:62:8a:68:2f:3c:51:cf:ef:a4:1a:18:62:
         5d:c4:54:97:73:16:ca:86:62:43:33:90:ae:b7:9f:44:6c:04:
         f9:6b:2e:45:cc:c3:35:c3:3c:f6:eb:11:84:da:8a:e8:8d:e9:
         3d:84:b8:37:dd:56:7c:2f:ff:14:8b:66:60:72:b8:e8:3f:6d:
         fd:77:2c:ad:99:1d:fd:32:da:cc:5f:4a:60:81:6c:e2:13:74:
         50:79:31:05:5c:06:54:53:44:15:d2:a0:41:fc:3d:88:71:a4:
         22:ba:96:68:8b:76:45:0f:f6:b1:34:7c:b6:6e:15:0c:f5:23:
         6d:5f:ab:40:5a:22:46:a4:56:b9:5a:02:0e:d9:3a:4f:db:7a:
         f3:f2:d8:e1:69:4a:16:9f:2c:55:87:a4:dc:33:5e:c1:c0:ab:
         5d:8c:f2:d7:8f:e3:08:38:d4:5a:7a:18:23:49:94:5c:50:e4:
         a7:1b:8d:a3
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUCoc3MP3VfOgRxfIvzYnspq8c8qMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjQwNjEwMDAwMDAwWhcNMjQwNzE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MDNhMjZmZDI5ZjMyYzkyYmY1NWNjNGNjZDk1MTkwMmM2
MTY1ZmZmYjhlNWY4NGNkNDcwMDJmN2ZiOWJlNmYxMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD1lYmovBfEyWtwAQpwVoevihTAvOQRNLGGgS2j+wpzxuVT
UM5TmtbxFbWNyR3bUsFYtB8GYFIpEV8nScOK0cuEWtLzN/ac2fiwMRvkE5gUM4yJ
2ZKojAlZh5xJ+FRNm/7ogDOcZQBcgElFZmwqcMsh6tOemAC62Ty/kT/Nh+dHrZnb
l2fLkJaSj2BwnGF32IazHlohEa+hmEp922CESeYUlEd9uaSM7NgnPdr3pCFuIwp6
3hh6nAhEZbdGvOlLyBZKwM4acmKbN3ci4fkIlVmrzssN5yKeQLQwxMevuiN4FS/7
2dS8ZAexlmpTV53T12MCtWtsmaWVTnKC6Za8EeIhAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUB1fFbgomwGSFNuZAqXcTngtNv04wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzU5MGQ2ZjQwLTAxYzktNGIxZC1iZTU4LTNiNWQzMmZhZjYwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzA8CwwDQYJKoZIhvcNAQELBQADggEBAFK24ET6ESNSuhYtW+wiF69a
dLNWgYuZt9TfZ5q7bTAON9VFomF2kQj85jrjERFXUm7BV5wl2uP7ci+z19z209u5
Ckv8/8REnvoZWv12jmKKaC88Uc/vpBoYYl3EVJdzFsqGYkMzkK63n0RsBPlrLkXM
wzXDPPbrEYTaiuiN6T2EuDfdVnwv/xSLZmByuOg/bf13LK2ZHf0y2sxfSmCBbOIT
dFB5MQVcBlRTRBXSoEH8PYhxpCK6lmiLdkUP9rE0fLZuFQz1I21fq0BaIkakVrla
Ag7ZOk/bevPy2OFpShafLFWHpNwzXsHAq12M8teP4wg41Fp6GCNJlFxQ5KcbjaM=
-----END CERTIFICATE-----