Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/599f63dc-f3ac-4ed9-919a-1e154e3e433d.roa
File:                     599f63dc-f3ac-4ed9-919a-1e154e3e433d.roa (raw, json)
Hash identifier:          yo893rt/MbKljfD2MGI4moHZ0SGi06VUOutwL1JBRyg=
Subject key identifier:   C6:38:C5:B4:CC:D0:FE:7C:83:8D:ED:4B:2E:C4:E6:01:3C:3E:CE:C5
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       31DCED6B29FE32D1151A0A9253B76F62761A78BC
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/599f63dc-f3ac-4ed9-919a-1e154e3e433d.roa
Signing time:             Mon 10 Jun 2024 00:00:00 +0000
ROA not before:           Mon 10 Jun 2024 00:00:00 +0000
ROA not after:            Mon 15 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:f028::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 11 Jun 2024 19:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:dc:ed:6b:29:fe:32:d1:15:1a:0a:92:53:b7:6f:62:76:1a:78:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun 10 00:00:00 2024 GMT
            Not After : Jul 15 23:59:59 2024 GMT
        Subject: serialNumber=5b048ebe751b6ca64ec842dbc1d5201af841128d7aa58f0aa232836e7f900651, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:13:da:cd:27:44:b9:70:45:53:74:79:79:4a:
                    f6:fc:72:12:15:96:ea:6b:f6:1d:fa:90:83:cf:9d:
                    ac:12:27:21:9b:86:b7:de:6e:b6:8c:b4:24:9b:38:
                    01:81:bc:58:ac:54:11:82:aa:ff:ae:cd:9d:75:a1:
                    f9:5f:4e:ea:77:2d:90:8d:39:51:60:06:44:d5:ed:
                    ad:1b:9e:67:a5:c9:d2:3a:2e:e4:7e:67:dc:ec:77:
                    7b:8e:d7:74:c4:5c:84:6a:df:34:7b:e5:b9:18:d0:
                    0b:3f:bf:84:11:df:05:5c:76:a8:1e:44:95:2a:5c:
                    65:0d:59:90:a7:ea:d8:c9:7f:cc:12:17:b2:82:09:
                    43:06:03:86:72:6f:e8:2f:27:df:25:08:49:73:45:
                    14:da:7e:93:05:75:c9:82:5a:41:07:4c:ff:10:ee:
                    df:a8:2b:42:d7:58:0b:05:27:3f:ed:02:32:dc:aa:
                    a1:a1:68:bf:18:b9:c6:e8:e3:36:32:c5:4e:6e:56:
                    72:2b:a7:6f:2e:da:4d:9f:47:51:04:2b:da:0e:5d:
                    0b:0c:d8:84:79:51:8a:43:ef:b7:f1:c5:a2:b5:89:
                    24:b5:14:f9:f5:a0:1f:cb:4f:37:b5:88:21:38:68:
                    93:44:97:e5:76:bd:06:11:da:14:e4:14:9b:12:3a:
                    40:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:38:C5:B4:CC:D0:FE:7C:83:8D:ED:4B:2E:C4:E6:01:3C:3E:CE:C5
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/599f63dc-f3ac-4ed9-919a-1e154e3e433d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:f028::/48

    Signature Algorithm: sha256WithRSAEncryption
         1d:5a:91:dd:b1:5e:1f:09:45:57:6c:ee:97:4d:bf:2f:3f:34:
         bd:ae:85:8b:d0:b0:49:e5:fb:da:aa:0f:73:29:71:2d:e0:b4:
         b3:b8:44:27:ca:bb:1a:57:cd:2f:d6:e9:02:5c:2d:48:6c:d3:
         4a:f9:47:b8:96:97:f8:33:6c:90:2e:97:59:2d:e4:92:19:7b:
         57:31:10:69:2a:10:11:a1:68:e2:02:9f:d6:db:11:fc:36:68:
         a3:88:5a:7b:0a:2e:c9:6f:8d:36:1c:d3:ec:dd:42:72:ab:9a:
         40:8d:eb:02:57:f6:81:2e:61:7f:8c:96:96:d2:5f:6e:17:9f:
         77:48:3b:c4:84:89:48:56:eb:a0:da:eb:ca:9a:ce:fd:a5:27:
         8b:b5:5a:31:27:6e:f0:64:18:0b:56:48:26:9b:30:18:6a:4b:
         1d:25:1b:f7:74:29:f6:eb:59:33:8b:4b:a0:fc:97:34:75:62:
         3d:be:e0:ea:e8:d0:56:de:ad:89:7d:ba:46:f9:07:78:3b:24:
         32:bc:4d:65:25:b6:af:56:8b:98:ad:13:35:df:a7:a6:e2:78:
         36:ed:f7:bb:b1:a1:24:54:a3:8d:0b:b9:35:8e:13:d6:2a:1d:
         90:0a:48:ff:51:98:41:b5:e1:80:53:a9:38:8f:a9:35:ce:9d:
         2b:44:c3:bc
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUMdztayn+MtEVGgqSU7dvYnYaeLwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjQwNjEwMDAwMDAwWhcNMjQwNzE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YjA0OGViZTc1MWI2Y2E2NGVjODQyZGJjMWQ1MjAxYWY4
NDExMjhkN2FhNThmMGFhMjMyODM2ZTdmOTAwNjUxMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtE9rNJ0S5cEVTdHl5Svb8chIVlupr9h36kIPPnawSJyGb
hrfebraMtCSbOAGBvFisVBGCqv+uzZ11oflfTup3LZCNOVFgBkTV7a0bnmelydI6
LuR+Z9zsd3uO13TEXIRq3zR75bkY0As/v4QR3wVcdqgeRJUqXGUNWZCn6tjJf8wS
F7KCCUMGA4Zyb+gvJ98lCElzRRTafpMFdcmCWkEHTP8Q7t+oK0LXWAsFJz/tAjLc
qqGhaL8Yucbo4zYyxU5uVnIrp28u2k2fR1EEK9oOXQsM2IR5UYpD77fxxaK1iSS1
FPn1oB/LTze1iCE4aJNEl+V2vQYR2hTkFJsSOkBzAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUxjjFtMzQ/nyDje1LLsTmATw+zsUwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzU5OWY2M2RjLWYzYWMtNGVkOS05MTlhLTFlMTU0ZTNlNDMzZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzA8CgwDQYJKoZIhvcNAQELBQADggEBAB1akd2xXh8JRVds7pdNvy8/
NL2uhYvQsEnl+9qqD3MpcS3gtLO4RCfKuxpXzS/W6QJcLUhs00r5R7iWl/gzbJAu
l1kt5JIZe1cxEGkqEBGhaOICn9bbEfw2aKOIWnsKLslvjTYc0+zdQnKrmkCN6wJX
9oEuYX+MlpbSX24Xn3dIO8SEiUhW66Da68qazv2lJ4u1WjEnbvBkGAtWSCabMBhq
Sx0lG/d0KfbrWTOLS6D8lzR1Yj2+4Oro0FberYl9ukb5B3g7JDK8TWUltq9Wi5it
EzXfp6bieDbt97uxoSRUo40LuTWOE9YqHZAKSP9RmEG14YBTqTiPqTXOnStEw7w=
-----END CERTIFICATE-----