Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/94cd6c78-eb74-48d6-820d-ce0e8ce4559a.roa
File:                     94cd6c78-eb74-48d6-820d-ce0e8ce4559a.roa (raw, json)
Hash identifier:          3zPs/VIW3r+MTWJybErXkaJmJpBLFnNSFOq2GHdfIiY=
Subject key identifier:   ED:21:B2:8C:7E:8F:E7:94:77:AA:A5:B9:96:9E:83:19:12:3C:A6:DB
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       20FA2A3ED38ED263270CECF121674586E38EA3CD
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/94cd6c78-eb74-48d6-820d-ce0e8ce4559a.roa
Signing time:             Fri 07 Jun 2024 00:00:00 +0000
ROA not before:           Fri 07 Jun 2024 00:00:00 +0000
ROA not after:            Fri 12 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:f00b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 11 Jun 2024 18:56:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:fa:2a:3e:d3:8e:d2:63:27:0c:ec:f1:21:67:45:86:e3:8e:a3:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun  7 00:00:00 2024 GMT
            Not After : Jul 12 23:59:59 2024 GMT
        Subject: serialNumber=96528fbe3002ff1ebb3825ad830f6c413a6b016d76e9f9dd4bd4464a3d1afb17, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:14:2a:49:e4:38:ab:f3:34:3b:b9:a9:8e:f7:
                    fe:a3:7e:a4:f5:38:21:ed:d2:df:37:81:51:79:4e:
                    16:ad:37:98:4a:ce:34:0d:c0:c0:94:6f:a9:8c:a3:
                    ce:ad:c4:1f:35:aa:c9:a1:d5:ca:7b:8a:30:d1:c6:
                    f8:4d:07:75:26:51:5b:6b:16:8b:4f:0f:26:92:5c:
                    43:86:79:3e:90:7f:fd:fc:7d:b9:54:0d:fb:b5:53:
                    55:4f:dd:4c:e1:98:57:9f:84:00:8f:c6:7d:a9:81:
                    ab:2b:90:9e:11:ae:95:1f:e4:b9:73:4f:1b:67:fa:
                    b1:50:a4:49:ed:1e:f4:02:00:ed:85:dd:0d:32:c6:
                    30:25:b4:27:a2:37:72:5f:75:d5:8c:f8:de:72:42:
                    73:a6:f0:a6:87:ee:85:21:d7:17:73:3f:c1:c2:09:
                    b5:6a:11:bd:5d:4c:cd:93:36:6a:e5:da:d9:fc:a3:
                    5d:4e:b8:36:93:82:2c:d7:6e:75:b9:48:21:67:75:
                    d2:04:6c:95:b2:01:1a:f3:11:c3:56:d9:d4:e6:20:
                    37:09:63:4f:27:01:74:9f:3a:a8:86:24:4e:14:8a:
                    36:12:a7:4a:85:4a:6a:59:b3:6a:00:59:51:76:83:
                    43:39:d7:d4:64:5f:d4:1d:d1:0e:2b:2a:27:13:3d:
                    72:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:21:B2:8C:7E:8F:E7:94:77:AA:A5:B9:96:9E:83:19:12:3C:A6:DB
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/94cd6c78-eb74-48d6-820d-ce0e8ce4559a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:f00b::/48

    Signature Algorithm: sha256WithRSAEncryption
         28:51:1d:2c:25:49:57:17:46:8f:cc:78:6b:67:07:da:00:e5:
         5b:a1:b1:fa:d0:5d:95:f4:ff:70:82:bf:c2:35:32:70:38:fe:
         ee:3e:ef:d7:13:f0:02:19:d7:f9:33:c9:3f:fb:d1:fd:53:b1:
         cc:b8:93:a8:cb:d8:92:b8:90:fe:cb:f2:92:e1:6b:f9:7c:fb:
         81:be:5b:80:d0:94:d7:1c:57:c5:3b:e9:18:a5:e9:ca:2a:de:
         9c:45:c3:88:f2:1e:16:09:e1:f1:db:58:04:67:e9:26:01:13:
         7c:76:49:95:c5:bf:97:38:43:c1:67:25:6f:7c:3a:02:21:bf:
         78:0b:bf:73:1e:d3:e5:b9:b0:04:53:c1:18:dc:1b:b0:49:ee:
         d6:7d:54:33:a9:f1:8f:97:2c:b1:4e:74:10:8b:e1:31:40:26:
         3b:e3:9c:c4:18:93:1c:17:df:5d:25:82:5e:2e:e4:72:8b:8d:
         e0:46:67:84:6d:24:a3:93:14:03:b6:df:c6:96:86:11:57:79:
         4e:11:de:d5:f3:ec:36:4a:1f:40:b0:17:bb:cc:0d:69:2e:f6:
         1e:c5:f8:a6:85:4e:69:44:23:18:0d:5f:67:0d:b0:2f:e4:43:
         33:83:92:1a:67:ae:05:05:5d:0a:6c:9c:6b:5b:4f:15:32:e7:
         aa:88:0a:64
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUIPoqPtOO0mMnDOzxIWdFhuOOo80wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjQwNjA3MDAwMDAwWhcNMjQwNzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5NjUyOGZiZTMwMDJmZjFlYmIzODI1YWQ4MzBmNmM0MTNh
NmIwMTZkNzZlOWY5ZGQ0YmQ0NDY0YTNkMWFmYjE3MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUFCpJ5Dir8zQ7uamO9/6jfqT1OCHt0t83gVF5ThatN5hK
zjQNwMCUb6mMo86txB81qsmh1cp7ijDRxvhNB3UmUVtrFotPDyaSXEOGeT6Qf/38
fblUDfu1U1VP3UzhmFefhACPxn2pgasrkJ4RrpUf5LlzTxtn+rFQpEntHvQCAO2F
3Q0yxjAltCeiN3JfddWM+N5yQnOm8KaH7oUh1xdzP8HCCbVqEb1dTM2TNmrl2tn8
o11OuDaTgizXbnW5SCFnddIEbJWyARrzEcNW2dTmIDcJY08nAXSfOqiGJE4UijYS
p0qFSmpZs2oAWVF2g0M519RkX9Qd0Q4rKicTPXLnAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU7SGyjH6P55R3qqW5lp6DGRI8ptswHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzk0Y2Q2Yzc4LWViNzQtNDhkNi04MjBkLWNlMGU4Y2U0NTU5YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzA8AswDQYJKoZIhvcNAQELBQADggEBAChRHSwlSVcXRo/MeGtnB9oA
5VuhsfrQXZX0/3CCv8I1MnA4/u4+79cT8AIZ1/kzyT/70f1Tscy4k6jL2JK4kP7L
8pLha/l8+4G+W4DQlNccV8U76Ril6coq3pxFw4jyHhYJ4fHbWARn6SYBE3x2SZXF
v5c4Q8FnJW98OgIhv3gLv3Me0+W5sARTwRjcG7BJ7tZ9VDOp8Y+XLLFOdBCL4TFA
JjvjnMQYkxwX310lgl4u5HKLjeBGZ4RtJKOTFAO238aWhhFXeU4R3tXz7DZKH0Cw
F7vMDWku9h7F+KaFTmlEIxgNX2cNsC/kQzODkhpnrgUFXQpsnGtbTxUy56qICmQ=
-----END CERTIFICATE-----