Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/a0b069c4-2fbd-488a-a3ef-35b62317ea42.roa
File:                     a0b069c4-2fbd-488a-a3ef-35b62317ea42.roa (raw, json)
Hash identifier:          6B7DrQPrVDKHSvBTJQ2BnNULYBsDyTQ04o9uTEJY6xU=
Subject key identifier:   4B:34:20:DF:13:06:FA:3D:70:E6:ED:48:1B:F8:5A:0E:D1:84:BB:9F
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       3F4BE09541C6AB55336350D9B44C8EEAE24DD245
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/a0b069c4-2fbd-488a-a3ef-35b62317ea42.roa
Signing time:             Sat 08 Jun 2024 00:00:00 +0000
ROA not before:           Sat 08 Jun 2024 00:00:00 +0000
ROA not after:            Sat 13 Jul 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:f01b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 11 Jun 2024 18:59:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:4b:e0:95:41:c6:ab:55:33:63:50:d9:b4:4c:8e:ea:e2:4d:d2:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun  8 00:00:00 2024 GMT
            Not After : Jul 13 23:59:59 2024 GMT
        Subject: serialNumber=f765d82f5eb7153d797c19ba598464ca02d3a365864c45d4fa200f39cb6ad012, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:48:67:df:e9:d8:68:1c:72:28:92:32:84:39:
                    a8:c2:b0:4f:ba:50:0f:ce:cd:ca:d5:04:27:31:8c:
                    42:f3:6d:5a:29:64:7e:b3:99:dc:4f:c0:6a:60:0e:
                    d8:29:2d:9c:09:83:05:bc:53:58:b5:a7:4c:81:a2:
                    4c:00:69:9e:8c:5e:32:22:b7:18:41:bd:c4:73:6b:
                    ed:2c:b6:c2:f6:e6:98:17:53:f8:ad:9e:45:4a:d0:
                    44:73:18:62:11:69:cb:49:86:20:82:4a:3f:ba:d5:
                    8b:92:e8:7f:4c:25:c5:0c:47:5e:e7:07:e9:8f:50:
                    dc:57:8b:4b:29:3d:88:f5:29:98:bd:37:bf:e5:4b:
                    69:73:d1:9b:fe:1c:84:b6:be:65:2f:ce:2d:84:76:
                    d9:32:b7:1c:05:f8:9e:47:24:21:05:e8:e6:e4:68:
                    5c:dc:ae:df:50:e5:68:38:f9:ba:4d:7b:dd:3c:3e:
                    4e:a3:2b:3a:2e:c0:be:51:9c:72:c4:04:1f:9a:22:
                    16:25:5f:00:b5:b6:57:95:cc:52:04:03:36:ae:25:
                    71:70:17:0f:1c:d5:a3:04:e6:4d:95:7e:ab:f8:49:
                    ee:e1:9d:06:a2:df:1f:9b:6d:72:a9:45:a8:ab:4d:
                    3d:2e:6f:28:65:c0:47:e1:8c:f3:22:73:00:c0:79:
                    47:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:34:20:DF:13:06:FA:3D:70:E6:ED:48:1B:F8:5A:0E:D1:84:BB:9F
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/a0b069c4-2fbd-488a-a3ef-35b62317ea42.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:f01b::/48

    Signature Algorithm: sha256WithRSAEncryption
         1d:87:e9:37:68:19:c8:f7:45:8e:1a:89:d5:8e:f6:cd:d4:3a:
         c3:f5:ae:42:e9:7d:4a:3f:53:68:d6:8e:21:91:b1:53:b9:66:
         6b:3f:6b:a0:b0:c9:74:81:7d:39:f8:e0:3f:0b:01:89:d2:c8:
         e8:6b:c3:66:12:fc:fa:ce:a4:31:e6:83:9b:fe:a4:07:86:5f:
         74:f3:40:a5:30:1e:28:d8:cb:2f:84:2e:f1:ab:f5:73:d2:50:
         56:aa:bf:39:89:d9:f1:e9:69:f0:75:e8:c2:7d:b8:67:79:a4:
         e5:2c:f7:ff:79:88:3c:f9:66:1d:b0:23:6c:e2:c8:fa:13:5f:
         32:57:4a:d5:64:e8:e4:ac:3a:d7:7c:c8:4a:90:bd:e5:bd:98:
         b7:f5:2b:d1:67:fa:bb:45:42:a1:01:5b:30:f1:48:29:25:73:
         ac:11:8b:61:c9:c6:f1:49:7f:87:db:00:59:ae:68:57:b7:5f:
         97:38:43:ee:78:c9:3d:29:ef:70:69:a6:e4:6b:f6:da:12:d3:
         24:4d:cd:20:1d:08:30:48:cf:37:5c:63:47:c2:aa:fb:59:d0:
         fb:b5:ed:9e:59:26:13:33:33:96:3c:42:6d:12:63:e2:4a:05:
         11:cf:bb:d3:d2:29:49:95:dd:7f:c2:9b:69:ce:2c:fa:b6:d8:
         95:25:fa:81
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUP0vglUHGq1UzY1DZtEyO6uJN0kUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjQwNjA4MDAwMDAwWhcNMjQwNzEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNzY1ZDgyZjVlYjcxNTNkNzk3YzE5YmE1OTg0NjRjYTAy
ZDNhMzY1ODY0YzQ1ZDRmYTIwMGYzOWNiNmFkMDEyMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+SGff6dhoHHIokjKEOajCsE+6UA/OzcrVBCcxjELzbVop
ZH6zmdxPwGpgDtgpLZwJgwW8U1i1p0yBokwAaZ6MXjIitxhBvcRza+0stsL25pgX
U/itnkVK0ERzGGIRactJhiCCSj+61YuS6H9MJcUMR17nB+mPUNxXi0spPYj1KZi9
N7/lS2lz0Zv+HIS2vmUvzi2EdtkytxwF+J5HJCEF6ObkaFzcrt9Q5Wg4+bpNe908
Pk6jKzouwL5RnHLEBB+aIhYlXwC1tleVzFIEAzauJXFwFw8c1aME5k2Vfqv4Se7h
nQai3x+bbXKpRairTT0ubyhlwEfhjPMicwDAeUc3AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUSzQg3xMG+j1w5u1IG/haDtGEu58wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2EwYjA2OWM0LTJmYmQtNDg4YS1hM2VmLTM1YjYyMzE3ZWE0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzA8BswDQYJKoZIhvcNAQELBQADggEBAB2H6TdoGcj3RY4aidWO9s3U
OsP1rkLpfUo/U2jWjiGRsVO5Zms/a6CwyXSBfTn44D8LAYnSyOhrw2YS/PrOpDHm
g5v+pAeGX3TzQKUwHijYyy+ELvGr9XPSUFaqvzmJ2fHpafB16MJ9uGd5pOUs9/95
iDz5Zh2wI2ziyPoTXzJXStVk6OSsOtd8yEqQveW9mLf1K9Fn+rtFQqEBWzDxSCkl
c6wRi2HJxvFJf4fbAFmuaFe3X5c4Q+54yT0p73BppuRr9toS0yRNzSAdCDBIzzdc
Y0fCqvtZ0Pu17Z5ZJhMzM5Y8Qm0SY+JKBRHPu9PSKUmV3X/Cm2nOLPq22JUl+oE=
-----END CERTIFICATE-----