Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ca378fa8-7ec4-4a8b-b0f4-8a10eef8a66c.roa
File:                     ca378fa8-7ec4-4a8b-b0f4-8a10eef8a66c.roa (raw, json)
Hash identifier:          s1DTyBlJ7/M9GXVWM1W/q+IFi6vGqqexhhrzl0pidIs=
Subject key identifier:   9D:9E:9E:09:30:6E:58:38:E5:D2:1D:20:45:D9:F9:B1:4D:CF:FB:40
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       1DD680E9BCEC8A8E605FA57F08D324AAE08253C0
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ca378fa8-7ec4-4a8b-b0f4-8a10eef8a66c.roa
Signing time:             Sat 08 Jun 2024 00:00:00 +0000
ROA not before:           Sat 08 Jun 2024 00:00:00 +0000
ROA not after:            Sat 13 Jul 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:f023::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 11 Jun 2024 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:d6:80:e9:bc:ec:8a:8e:60:5f:a5:7f:08:d3:24:aa:e0:82:53:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun  8 00:00:00 2024 GMT
            Not After : Jul 13 23:59:59 2024 GMT
        Subject: serialNumber=f4c4cb26479f54ca89efaf5943be3cdb27068b44314a69a341fd61209e93f832, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:99:76:af:33:5c:92:71:c7:c2:65:a0:14:e8:
                    f3:8c:5f:2f:71:f7:33:26:1b:62:a5:0f:82:d1:e9:
                    cf:80:2b:67:bb:f0:db:7d:05:50:1a:0a:6d:1d:4f:
                    cf:5a:6b:ed:05:5a:44:03:fc:46:f7:a9:a9:d8:1e:
                    b9:29:aa:74:e7:3e:48:7e:fc:82:b0:51:92:55:95:
                    b1:bb:dc:80:94:8b:2c:0b:71:e5:eb:4d:85:2d:9a:
                    86:11:da:84:af:1d:86:9a:e3:62:65:67:36:cb:ea:
                    16:1d:7e:af:b1:cd:34:7c:1f:ff:81:6a:06:9b:f2:
                    f8:72:b3:89:14:28:a6:85:db:a8:b2:39:21:ac:3d:
                    84:5b:f1:4d:3b:09:0d:9d:3e:70:6a:b8:2a:69:f4:
                    b4:31:88:82:01:93:9f:cc:a4:76:f5:14:8d:03:98:
                    bb:72:06:0d:08:39:ea:ef:a2:60:fe:10:a7:83:c9:
                    2d:30:f8:3e:54:bf:fd:5f:34:27:6c:a2:17:3e:9b:
                    96:0a:df:41:dd:7c:18:9c:98:20:c1:ac:d2:6e:f8:
                    76:66:a8:76:8e:dd:91:18:44:7a:8f:c6:43:26:c8:
                    ee:00:af:5b:fd:eb:61:98:6c:3c:b9:6b:7a:23:e8:
                    aa:b8:12:e3:b2:00:3c:a0:87:0a:da:f4:77:7e:56:
                    30:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:9E:9E:09:30:6E:58:38:E5:D2:1D:20:45:D9:F9:B1:4D:CF:FB:40
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ca378fa8-7ec4-4a8b-b0f4-8a10eef8a66c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:f023::/48

    Signature Algorithm: sha256WithRSAEncryption
         60:c9:a7:f1:85:bd:12:0b:12:81:11:36:15:b1:f4:f3:4d:21:
         22:23:36:15:71:45:eb:28:9e:eb:e4:0b:5a:5c:d5:cc:52:6e:
         2d:93:37:94:72:1b:ff:2c:89:fd:7b:80:c7:57:d4:f1:76:46:
         d8:67:92:c5:e1:a3:75:1e:bf:e8:64:5c:cf:f1:c4:25:83:d2:
         45:f5:7f:73:bc:b5:2a:aa:8a:c7:8a:1b:b6:b1:e6:a5:28:d6:
         a9:f8:12:c4:46:b5:c0:8a:3b:27:8b:a8:ec:42:aa:0e:21:64:
         8c:39:59:e5:11:48:4d:c3:a0:c1:fd:6f:3c:e0:b3:3e:b8:e4:
         db:2e:97:a9:dd:89:9a:2e:48:f5:07:1f:ef:c8:48:c8:f9:14:
         63:51:cf:b4:7c:1d:af:77:34:46:97:57:04:43:4d:97:84:32:
         26:f5:3f:eb:87:59:d3:b1:2c:44:11:c4:80:10:6e:59:86:3e:
         dc:db:4a:5d:27:8a:fe:71:28:d7:ac:ff:29:4c:fc:1d:91:4a:
         53:45:32:ab:3b:d1:04:e4:77:61:18:3a:d9:7c:f3:bd:d0:a0:
         02:38:56:22:1d:49:f3:e2:ef:27:17:10:6b:66:24:4f:ce:17:
         f5:b8:ba:88:93:85:07:c8:a6:d6:33:cb:76:ae:af:c2:4a:8e:
         f4:04:74:8a
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUHdaA6bzsio5gX6V/CNMkquCCU8AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjQwNjA4MDAwMDAwWhcNMjQwNzEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNGM0Y2IyNjQ3OWY1NGNhODllZmFmNTk0M2JlM2NkYjI3
MDY4YjQ0MzE0YTY5YTM0MWZkNjEyMDllOTNmODMyMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHmXavM1ySccfCZaAU6POMXy9x9zMmG2KlD4LR6c+AK2e7
8Nt9BVAaCm0dT89aa+0FWkQD/Eb3qanYHrkpqnTnPkh+/IKwUZJVlbG73ICUiywL
ceXrTYUtmoYR2oSvHYaa42JlZzbL6hYdfq+xzTR8H/+Bagab8vhys4kUKKaF26iy
OSGsPYRb8U07CQ2dPnBquCpp9LQxiIIBk5/MpHb1FI0DmLtyBg0IOervomD+EKeD
yS0w+D5Uv/1fNCdsohc+m5YK30HdfBicmCDBrNJu+HZmqHaO3ZEYRHqPxkMmyO4A
r1v962GYbDy5a3oj6Kq4EuOyADyghwra9Hd+VjBxAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUnZ6eCTBuWDjl0h0gRdn5sU3P+0AwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2NhMzc4ZmE4LTdlYzQtNGE4Yi1iMGY0LThhMTBlZWY4YTY2Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzA8CMwDQYJKoZIhvcNAQELBQADggEBAGDJp/GFvRILEoERNhWx9PNN
ISIjNhVxResonuvkC1pc1cxSbi2TN5RyG/8sif17gMdX1PF2RthnksXho3Uev+hk
XM/xxCWD0kX1f3O8tSqqiseKG7ax5qUo1qn4EsRGtcCKOyeLqOxCqg4hZIw5WeUR
SE3DoMH9bzzgsz645Nsul6ndiZouSPUHH+/ISMj5FGNRz7R8Ha93NEaXVwRDTZeE
Mib1P+uHWdOxLEQRxIAQblmGPtzbSl0niv5xKNes/ylM/B2RSlNFMqs70QTkd2EY
Otl8873QoAI4ViIdSfPi7ycXEGtmJE/OF/W4uoiThQfIptYzy3aur8JKjvQEdIo=
-----END CERTIFICATE-----