Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/a5b21a25-68ef-44d5-a81a-8c36fd70b567.roa
File:                     a5b21a25-68ef-44d5-a81a-8c36fd70b567.roa (raw, json)
Hash identifier:          T8a21vvSfm0xX8uKPHFOPJ3eCX06icywS0znD0PJbdg=
Subject key identifier:   BE:BA:59:AD:37:2C:F9:09:5C:28:D9:07:2E:91:AE:0B:91:17:67:D5
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       4AE09EE020E5496E18AB843178151DF96ADF7EB9
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/a5b21a25-68ef-44d5-a81a-8c36fd70b567.roa
Signing time:             Fri 07 Jun 2024 00:00:00 +0000
ROA not before:           Fri 07 Jun 2024 00:00:00 +0000
ROA not after:            Fri 12 Jul 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:f003::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 11 Jun 2024 18:56:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:e0:9e:e0:20:e5:49:6e:18:ab:84:31:78:15:1d:f9:6a:df:7e:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun  7 00:00:00 2024 GMT
            Not After : Jul 12 23:59:59 2024 GMT
        Subject: serialNumber=0182581d1c2ac5cbf35a6b07a92b5d5dcc3f7d67bbca22b5c27ab1b156f338b8, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:73:3f:43:f9:78:80:76:2b:66:fc:ca:ca:8a:
                    db:d4:fc:a2:28:e8:60:b6:d5:aa:da:ae:97:49:07:
                    79:c2:61:bf:5a:a2:26:39:ab:9a:b3:4a:06:6a:34:
                    9c:28:86:e0:42:14:a3:88:53:1f:01:48:53:65:f3:
                    89:a5:6b:28:50:35:81:d9:f6:5b:3c:f6:d6:c7:79:
                    83:23:b4:29:89:0b:60:63:2e:d2:ec:49:f9:69:9c:
                    e3:4b:04:c1:a3:e4:d8:ce:55:24:4b:31:84:a1:a2:
                    f0:97:c5:5f:84:d7:de:3b:8d:af:c6:51:ae:6e:d9:
                    3a:e8:64:f3:bb:60:7b:a5:4b:d9:ed:f9:c9:1f:03:
                    e5:ac:89:8b:32:34:b2:6c:07:2d:74:ab:76:8c:e5:
                    e4:fd:61:77:59:94:5a:e8:56:da:b7:52:db:55:a9:
                    c6:92:8f:f5:f0:5d:72:64:46:0a:c6:e7:0d:c7:5c:
                    a6:3e:f1:8a:02:dc:9d:8f:9d:b3:4f:80:d1:e7:e1:
                    13:02:4c:12:22:2e:6c:19:19:be:4c:56:86:f4:42:
                    d7:6a:20:32:90:9d:45:3a:26:fc:aa:a1:af:99:2a:
                    87:19:7f:99:16:a0:27:9e:45:a0:02:98:f2:6d:17:
                    52:51:11:3d:85:87:b2:1e:2a:5b:d4:06:d4:7a:de:
                    ba:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:BA:59:AD:37:2C:F9:09:5C:28:D9:07:2E:91:AE:0B:91:17:67:D5
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/a5b21a25-68ef-44d5-a81a-8c36fd70b567.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:f003::/48

    Signature Algorithm: sha256WithRSAEncryption
         a3:15:15:f8:5b:29:6d:58:58:4d:d7:8f:35:6d:1a:f4:45:ed:
         01:dd:80:03:a3:3f:04:7f:16:b0:22:32:0b:1f:1b:49:a2:c4:
         6a:7b:66:a1:b0:3e:c4:be:e8:2e:41:f9:25:92:10:fd:8a:ff:
         18:c3:b5:a6:1e:6c:61:6e:c6:a7:fb:33:08:15:5b:78:66:9a:
         6e:1d:0b:3b:5e:fc:30:a4:0e:09:78:2c:41:77:03:11:d2:93:
         cb:b2:0b:04:ff:ff:77:85:08:ef:e7:9e:f0:e6:cd:d1:60:93:
         63:5a:bd:0b:d5:36:aa:66:4d:23:87:01:1f:24:d2:94:f7:46:
         91:b3:40:b6:01:cf:b3:37:eb:4c:0c:9b:cc:2b:8a:78:ab:3a:
         93:67:a9:c9:d9:8c:30:92:6d:3c:01:90:e4:68:c3:3e:65:9d:
         9b:9f:de:b6:ab:29:cf:0f:d5:e5:78:8b:1a:0c:bd:d3:29:79:
         d5:63:ea:ac:65:a3:3c:fc:6b:40:e7:d3:0c:97:48:86:7f:da:
         bc:95:01:86:84:e5:f4:0f:f0:d4:e9:0b:f0:f3:f7:8f:02:f2:
         f2:6e:57:69:a4:85:7e:f8:c4:90:93:a9:e5:80:ff:4b:50:ef:
         e3:9e:4e:77:b3:53:cc:0f:c3:16:e8:d7:83:e8:fb:fd:3b:a1:
         28:1a:66:f9
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUSuCe4CDlSW4Yq4QxeBUd+WrffrkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjQwNjA3MDAwMDAwWhcNMjQwNzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMTgyNTgxZDFjMmFjNWNiZjM1YTZiMDdhOTJiNWQ1ZGNj
M2Y3ZDY3YmJjYTIyYjVjMjdhYjFiMTU2ZjMzOGI4MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0cz9D+XiAditm/MrKitvU/KIo6GC21ararpdJB3nCYb9a
oiY5q5qzSgZqNJwohuBCFKOIUx8BSFNl84mlayhQNYHZ9ls89tbHeYMjtCmJC2Bj
LtLsSflpnONLBMGj5NjOVSRLMYShovCXxV+E1947ja/GUa5u2TroZPO7YHulS9nt
+ckfA+WsiYsyNLJsBy10q3aM5eT9YXdZlFroVtq3UttVqcaSj/XwXXJkRgrG5w3H
XKY+8YoC3J2PnbNPgNHn4RMCTBIiLmwZGb5MVob0QtdqIDKQnUU6Jvyqoa+ZKocZ
f5kWoCeeRaACmPJtF1JRET2Fh7IeKlvUBtR63roXAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUvrpZrTcs+QlcKNkHLpGuC5EXZ9UwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2E1YjIxYTI1LTY4ZWYtNDRkNS1hODFhLThjMzZmZDcwYjU2Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzA8AMwDQYJKoZIhvcNAQELBQADggEBAKMVFfhbKW1YWE3XjzVtGvRF
7QHdgAOjPwR/FrAiMgsfG0mixGp7ZqGwPsS+6C5B+SWSEP2K/xjDtaYebGFuxqf7
MwgVW3hmmm4dCzte/DCkDgl4LEF3AxHSk8uyCwT//3eFCO/nnvDmzdFgk2NavQvV
NqpmTSOHAR8k0pT3RpGzQLYBz7M360wMm8wrinirOpNnqcnZjDCSbTwBkORowz5l
nZuf3rarKc8P1eV4ixoMvdMpedVj6qxlozz8a0Dn0wyXSIZ/2ryVAYaE5fQP8NTp
C/Dz948C8vJuV2mkhX74xJCTqeWA/0tQ7+OeTnezU8wPwxbo14Po+/07oSgaZvk=
-----END CERTIFICATE-----