Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0b71d6e2-79c4-4601-8775-5f073cbc9397.roa
File:                     0b71d6e2-79c4-4601-8775-5f073cbc9397.roa (raw, json)
Hash identifier:          l7g/pS68FTgedFDVw6FJuhEIVG5Is7AxP1fwm9kaYrA=
Subject key identifier:   B1:22:86:DB:B2:C0:DA:90:47:83:73:7D:1F:F2:6F:66:65:40:1C:02
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       7E5431E9603F0ED9D5313538AEC31078D57F2EAE
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0b71d6e2-79c4-4601-8775-5f073cbc9397.roa
Signing time:             Mon 01 Jul 2024 00:00:00 +0000
ROA not before:           Mon 01 Jul 2024 00:00:00 +0000
ROA not after:            Mon 05 Aug 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jul 2024 21:53:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:54:31:e9:60:3f:0e:d9:d5:31:35:38:ae:c3:10:78:d5:7f:2e:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul  1 00:00:00 2024 GMT
            Not After : Aug  5 23:59:59 2024 GMT
        Subject: serialNumber=d63fcca0a5849d8f9ce11b00d77c0d084be78c3470601591ce4d5dd2b4f3a8d5, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:24:4e:c3:b5:5a:06:74:da:0b:d1:c1:2f:50:
                    49:1f:0c:62:3f:aa:8a:87:60:0e:87:be:02:f7:8e:
                    10:9e:bd:43:94:53:0f:83:e2:50:0c:84:26:7f:e5:
                    7c:f0:15:f1:f8:69:ad:50:be:c9:a0:8c:e8:a1:31:
                    19:cb:bf:8a:7e:a9:f1:1a:bc:09:ee:e3:e6:2a:2d:
                    6c:8f:dd:7c:17:9a:5f:e5:ca:52:b5:e6:c6:ef:25:
                    ee:ab:cf:91:0a:c2:34:8e:e1:13:e5:3c:11:61:30:
                    78:48:ae:d8:1c:4a:f8:8e:10:1a:f5:5c:2c:84:bd:
                    6f:66:c6:fb:a5:37:56:e6:cf:b6:12:03:fc:f7:3d:
                    93:41:17:b3:96:05:43:d0:8d:9a:6e:94:9f:d0:39:
                    d5:fb:8c:89:3e:53:50:3e:7b:d9:7e:2e:ce:dc:e9:
                    87:19:c8:d3:94:0f:4b:1c:15:08:08:2f:f7:dd:15:
                    fa:6c:64:6f:87:c3:12:c3:d3:d6:20:92:85:7e:12:
                    6a:c4:a2:94:81:96:56:12:fc:bb:2c:6c:3d:d9:69:
                    c0:f7:f7:7b:c5:07:c3:a4:4d:a3:bb:ba:7b:18:57:
                    03:3a:34:4e:a1:a2:6d:65:33:28:28:65:e9:6e:a6:
                    94:bf:b0:76:eb:00:b1:df:dd:9f:d6:23:28:b8:46:
                    16:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:22:86:DB:B2:C0:DA:90:47:83:73:7D:1F:F2:6F:66:65:40:1C:02
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0b71d6e2-79c4-4601-8775-5f073cbc9397.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:aa:dc:0e:d0:29:a3:10:aa:47:45:85:f0:0d:d4:5c:97:4d:
         1f:ca:97:1d:9f:61:d7:d5:83:27:87:3e:7e:8a:4d:3d:56:66:
         e3:45:e6:ba:12:11:db:06:e9:35:b1:1d:69:0f:3b:7b:ec:a8:
         e5:15:7f:a8:4b:fc:e7:df:a9:c8:79:db:69:77:c3:a1:5d:28:
         1f:6a:aa:a9:d7:4f:cc:da:33:d4:aa:20:75:46:42:96:f7:be:
         1c:e3:3a:0f:62:f5:94:4d:ea:3e:2b:60:16:ff:57:b8:10:ad:
         96:ed:b3:28:05:b6:1d:e8:5f:9d:62:db:0d:dc:01:ed:e4:71:
         44:65:86:21:6c:75:58:d4:72:c8:8d:13:9f:04:b1:57:05:68:
         53:82:93:52:81:b4:00:4e:45:4f:a2:e4:9c:17:8e:42:7f:3b:
         28:e4:27:ec:d4:85:d7:99:33:f2:23:6d:8d:f2:ff:85:c5:64:
         e3:da:31:51:15:db:f1:c2:de:1c:3e:22:27:59:68:bf:39:1c:
         75:bf:29:87:7c:45:8a:5a:0a:fa:97:42:45:3e:a0:bc:82:d7:
         e1:6d:c1:d7:eb:bc:21:a8:72:9e:b5:d6:4b:af:82:44:45:fd:
         2d:0d:67:10:e4:41:01:71:c0:a5:57:f0:94:17:42:b1:4f:f5:
         26:7b:74:ed
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUflQx6WA/DtnVMTU4rsMQeNV/Lq4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzAxMDAwMDAwWhcNMjQwODA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNjNmY2NhMGE1ODQ5ZDhmOWNlMTFiMDBkNzdjMGQwODRi
ZTc4YzM0NzA2MDE1OTFjZTRkNWRkMmI0ZjNhOGQ1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDZJE7DtVoGdNoL0cEvUEkfDGI/qoqHYA6HvgL3jhCevUOU
Uw+D4lAMhCZ/5XzwFfH4aa1QvsmgjOihMRnLv4p+qfEavAnu4+YqLWyP3XwXml/l
ylK15sbvJe6rz5EKwjSO4RPlPBFhMHhIrtgcSviOEBr1XCyEvW9mxvulN1bmz7YS
A/z3PZNBF7OWBUPQjZpulJ/QOdX7jIk+U1A+e9l+Ls7c6YcZyNOUD0scFQgIL/fd
FfpsZG+HwxLD09YgkoV+EmrEopSBllYS/LssbD3ZacD393vFB8OkTaO7unsYVwM6
NE6hom1lMygoZeluppS/sHbrALHf3Z/WIyi4RhaHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsSKG27LA2pBHg3N9H/JvZmVAHAIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzBiNzFkNmUyLTc5YzQtNDYwMS04Nzc1LTVmMDczY2JjOTM5Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAiq3A7QKaMQqkdFhfAN1FyXTR/K
lx2fYdfVgyeHPn6KTT1WZuNF5roSEdsG6TWxHWkPO3vsqOUVf6hL/Offqch522l3
w6FdKB9qqqnXT8zaM9SqIHVGQpb3vhzjOg9i9ZRN6j4rYBb/V7gQrZbtsygFth3o
X51i2w3cAe3kcURlhiFsdVjUcsiNE58EsVcFaFOCk1KBtABORU+i5JwXjkJ/Oyjk
J+zUhdeZM/IjbY3y/4XFZOPaMVEV2/HC3hw+IidZaL85HHW/KYd8RYpaCvqXQkU+
oLyC1+FtwdfrvCGocp611kuvgkRF/S0NZxDkQQFxwKVX8JQXQrFP9SZ7dO0=
-----END CERTIFICATE-----