Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c18f7738-0b76-4278-b789-8ad684281027.roa
File:                     c18f7738-0b76-4278-b789-8ad684281027.roa (raw, json)
Hash identifier:          cDA2bJDwJxvHWhyX7ZBsvSK+Wzb1PFD8QldRY8BRhMs=
Subject key identifier:   69:82:F9:EB:72:A9:4A:2E:0B:1B:D3:4B:D5:4C:29:15:FF:FA:4F:79
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       20D65E9BE82ED362F7AF765A0864A0D2AABE28CD
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c18f7738-0b76-4278-b789-8ad684281027.roa
Signing time:             Sat 08 Jun 2024 00:00:00 +0000
ROA not before:           Sat 08 Jun 2024 00:00:00 +0000
ROA not after:            Sat 13 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:f019::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 11 Jun 2024 18:59:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:d6:5e:9b:e8:2e:d3:62:f7:af:76:5a:08:64:a0:d2:aa:be:28:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun  8 00:00:00 2024 GMT
            Not After : Jul 13 23:59:59 2024 GMT
        Subject: serialNumber=3db78089d1dbb5b39c453c004c91fd22e4bef411550678d84f08212ec2d9f2b0, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:1f:1d:11:7f:97:54:36:86:6c:c5:eb:d3:39:
                    5f:fe:a3:79:72:bf:80:61:85:3a:59:97:5f:10:84:
                    18:45:83:fc:8b:2f:42:f8:9b:5a:14:8b:dd:21:20:
                    fc:47:f1:24:28:c2:6b:06:ff:20:cc:62:44:e0:26:
                    b5:97:8b:cf:ab:d6:72:5a:ca:f9:15:cd:44:62:4c:
                    30:f3:8d:79:64:60:54:86:a7:81:2a:42:fc:6c:fe:
                    ab:9b:eb:b2:36:55:58:f4:b8:6f:d9:bb:69:a0:1b:
                    52:05:10:62:21:dc:5f:76:f1:2a:3a:6f:cf:2e:83:
                    12:c1:cb:96:c1:27:83:69:c5:2d:0f:27:3d:07:0a:
                    87:cf:3c:0c:c9:c1:a0:ca:b7:1a:c2:da:64:2e:d9:
                    ef:27:83:4f:e1:61:44:ba:ba:33:3c:c1:c7:e9:ed:
                    c0:f4:83:a6:6d:f3:b3:13:01:8f:11:a0:2b:42:e7:
                    60:5c:73:ef:b5:c5:b8:f0:ae:92:af:35:3e:c5:ef:
                    53:24:71:38:bf:05:a0:b0:b8:b8:a9:a3:e0:f8:3c:
                    03:46:57:a9:5d:0c:29:67:58:ac:0b:b5:81:01:2d:
                    c3:3b:9d:59:ea:8e:c1:ec:f6:8d:bb:2f:ad:d2:19:
                    97:63:e5:e2:0d:39:d6:5c:0a:e5:03:2e:4e:5a:36:
                    77:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:82:F9:EB:72:A9:4A:2E:0B:1B:D3:4B:D5:4C:29:15:FF:FA:4F:79
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c18f7738-0b76-4278-b789-8ad684281027.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:f019::/48

    Signature Algorithm: sha256WithRSAEncryption
         1c:be:92:82:a4:7e:93:0b:e7:b6:1a:95:f9:b3:90:16:74:80:
         7f:33:e3:b9:14:3e:9c:55:d6:df:13:f4:81:54:b2:4d:59:09:
         1f:b7:ee:c8:66:a6:93:7b:0b:79:80:4b:40:19:63:c5:74:3e:
         87:d8:91:39:e7:a8:dd:d9:ba:46:98:49:0c:a2:7f:dc:ae:79:
         9f:a5:50:79:54:a3:04:1d:4f:b3:a2:d9:f9:c4:13:7b:90:37:
         8a:67:81:48:1a:19:8e:60:50:19:9e:4f:96:08:73:7c:e9:ae:
         5e:c4:58:5f:62:93:b4:f5:9c:da:3d:0d:8d:b5:7b:24:d8:44:
         a5:5f:c4:78:92:a2:24:8a:9d:83:da:62:f9:db:c2:45:39:d9:
         20:24:13:d8:25:61:55:e7:11:96:b1:3a:62:b4:69:c3:f0:05:
         ae:9b:17:cc:ab:55:7e:ee:79:d6:de:fd:9c:c3:09:89:2e:b5:
         49:8c:81:6a:06:58:ad:ee:c3:20:c0:83:fd:69:d8:b4:16:b5:
         28:f6:ca:fb:43:56:1b:74:43:19:50:2a:5d:38:db:6a:96:20:
         de:1b:dc:8a:2e:63:30:63:ec:0c:19:74:1e:8c:d0:40:86:08:
         23:dc:bd:f9:46:6e:74:6d:ef:32:52:6c:bc:4b:9a:1d:2c:68:
         f4:e4:20:71
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUINZem+gu02L3r3ZaCGSg0qq+KM0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjQwNjA4MDAwMDAwWhcNMjQwNzEzMjM1OTU5
WjB6MUkwRwYDVQQFE0AzZGI3ODA4OWQxZGJiNWIzOWM0NTNjMDA0YzkxZmQyMmU0
YmVmNDExNTUwNjc4ZDg0ZjA4MjEyZWMyZDlmMmIwMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrHx0Rf5dUNoZsxevTOV/+o3lyv4BhhTpZl18QhBhFg/yL
L0L4m1oUi90hIPxH8SQowmsG/yDMYkTgJrWXi8+r1nJayvkVzURiTDDzjXlkYFSG
p4EqQvxs/qub67I2VVj0uG/Zu2mgG1IFEGIh3F928So6b88ugxLBy5bBJ4NpxS0P
Jz0HCofPPAzJwaDKtxrC2mQu2e8ng0/hYUS6ujM8wcfp7cD0g6Zt87MTAY8RoCtC
52Bcc++1xbjwrpKvNT7F71MkcTi/BaCwuLipo+D4PANGV6ldDClnWKwLtYEBLcM7
nVnqjsHs9o27L63SGZdj5eINOdZcCuUDLk5aNneFAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUaYL563KpSi4LG9NL1UwpFf/6T3kwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2MxOGY3NzM4LTBiNzYtNDI3OC1iNzg5LThhZDY4NDI4MTAyNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzA8BkwDQYJKoZIhvcNAQELBQADggEBABy+koKkfpML57YalfmzkBZ0
gH8z47kUPpxV1t8T9IFUsk1ZCR+37shmppN7C3mAS0AZY8V0PofYkTnnqN3ZukaY
SQyif9yueZ+lUHlUowQdT7Oi2fnEE3uQN4pngUgaGY5gUBmeT5YIc3zprl7EWF9i
k7T1nNo9DY21eyTYRKVfxHiSoiSKnYPaYvnbwkU52SAkE9glYVXnEZaxOmK0acPw
Ba6bF8yrVX7uedbe/ZzDCYkutUmMgWoGWK3uwyDAg/1p2LQWtSj2yvtDVht0QxlQ
Kl0422qWIN4b3IouYzBj7AwZdB6M0ECGCCPcvflGbnRt7zJSbLxLmh0saPTkIHE=
-----END CERTIFICATE-----