Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1566e0ef-e54f-4c45-8082-249b7675ea72.roa
File:                     1566e0ef-e54f-4c45-8082-249b7675ea72.roa (raw, json)
Hash identifier:          JrDrBkVBQj+cS4/J2Xgdd4X8iIqcwvoxGPttSR9eq1Y=
Subject key identifier:   EF:F3:E5:B1:05:15:FC:9D:35:2C:A9:8B:4E:70:8D:DE:D2:32:A5:DA
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       6626227368A10388C5FC7A49702823E8732C9DC2
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1566e0ef-e54f-4c45-8082-249b7675ea72.roa
Signing time:             Sat 04 May 2024 00:00:00 +0000
ROA not before:           Sat 04 May 2024 00:00:00 +0000
ROA not after:            Sat 08 Jun 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 04 May 2024 07:35:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:26:22:73:68:a1:03:88:c5:fc:7a:49:70:28:23:e8:73:2c:9d:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: May  4 00:00:00 2024 GMT
            Not After : Jun  8 23:59:59 2024 GMT
        Subject: serialNumber=4dbdbe14782b3633544be894309440018ad47a559d988737a8729f6c645599c0, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:17:d6:57:a4:94:a4:18:77:5a:ad:a4:11:7e:
                    93:d6:bb:73:5d:1b:cb:3e:17:a6:a0:83:fb:22:b3:
                    12:1b:54:7d:38:fc:e5:ab:af:c5:2b:9f:ab:77:eb:
                    ff:d0:4f:84:7d:0d:2b:d7:73:1d:a7:21:b6:d1:4a:
                    60:bd:e8:51:34:6b:3e:85:ce:85:41:39:ba:cf:8b:
                    81:3e:d7:fa:a4:de:c1:8a:3c:e9:cc:9e:5f:c4:24:
                    e7:39:5c:94:56:61:2c:e3:6f:e4:38:e2:88:26:69:
                    62:de:ba:09:9b:95:0d:28:c1:89:a6:98:0e:1f:de:
                    6c:aa:a0:c5:ee:8b:41:6a:34:4c:f5:72:16:aa:c6:
                    81:8d:c3:cd:e4:5e:c1:68:3f:e8:63:d4:36:c2:08:
                    50:56:09:c5:1c:a7:bc:2c:71:83:f4:d7:09:2b:2e:
                    c9:dc:68:e4:92:3d:a7:d7:76:04:9f:6c:57:8c:d0:
                    a8:d4:40:20:c7:ca:0a:2d:62:a4:87:d6:f9:d4:7e:
                    42:95:2a:25:5a:7e:e5:d0:37:85:db:36:24:6b:0d:
                    d4:e8:8e:bc:7f:af:1f:02:41:a2:40:c6:6b:4f:07:
                    9f:85:f2:19:1b:da:04:d6:3e:e5:7a:2e:e4:8c:9a:
                    7b:dc:cd:00:c8:6b:b6:08:e1:e1:51:9d:e6:29:37:
                    84:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:F3:E5:B1:05:15:FC:9D:35:2C:A9:8B:4E:70:8D:DE:D2:32:A5:DA
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1566e0ef-e54f-4c45-8082-249b7675ea72.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:9c:78:27:1b:6f:e3:95:ba:62:00:70:1f:d7:58:fe:e8:c2:
         f1:d1:2e:0d:60:ba:b3:d1:77:69:cd:58:21:59:28:76:41:71:
         83:32:d2:95:c0:04:82:1f:86:47:11:cb:7c:c9:ad:ea:72:fd:
         71:73:64:0a:6b:a1:da:4a:af:20:00:bc:0a:5f:11:ce:c4:59:
         88:24:7d:e1:e4:41:20:64:a1:c8:10:b1:9d:c4:03:f2:76:7f:
         b0:fb:49:db:d0:8a:a3:81:63:e7:e4:c0:c5:cb:ed:7d:ec:36:
         d1:69:b1:29:65:c5:9a:55:63:ee:91:b5:08:95:cf:0e:2b:56:
         28:08:c4:12:5a:fa:60:f6:2a:da:30:cb:c0:72:b7:56:6d:24:
         58:5f:eb:2f:88:35:ec:ca:ba:32:c7:3f:c1:9a:6e:dc:a8:b7:
         8b:f7:49:f6:e1:66:a0:6d:5e:ac:76:40:1a:f9:1e:81:63:82:
         08:4e:13:7b:77:b8:36:0f:12:a5:be:78:d6:64:24:8a:e9:57:
         b4:ea:3a:4d:4e:18:1b:45:c8:eb:27:ab:0e:7a:1f:ee:15:f6:
         0d:c9:bf:25:63:6b:8f:9a:94:d6:26:72:00:ce:1e:2d:42:7d:
         db:7b:3b:ed:04:ef:84:da:56:5d:65:ff:c6:dd:bb:1f:b9:5f:
         88:c0:4d:1c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZiYic2ihA4jF/HpJcCgj6HMsncIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNTA0MDAwMDAwWhcNMjQwNjA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZGJkYmUxNDc4MmIzNjMzNTQ0YmU4OTQzMDk0NDAwMThh
ZDQ3YTU1OWQ5ODg3MzdhODcyOWY2YzY0NTU5OWMwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCCF9ZXpJSkGHdaraQRfpPWu3NdG8s+F6agg/sisxIbVH04
/OWrr8Urn6t36//QT4R9DSvXcx2nIbbRSmC96FE0az6FzoVBObrPi4E+1/qk3sGK
POnMnl/EJOc5XJRWYSzjb+Q44ogmaWLeugmblQ0owYmmmA4f3myqoMXui0FqNEz1
chaqxoGNw83kXsFoP+hj1DbCCFBWCcUcp7wscYP01wkrLsncaOSSPafXdgSfbFeM
0KjUQCDHygotYqSH1vnUfkKVKiVafuXQN4XbNiRrDdTojrx/rx8CQaJAxmtPB5+F
8hkb2gTWPuV6LuSMmnvczQDIa7YI4eFRneYpN4RrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7/PlsQUV/J01LKmLTnCN3tIypdowHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzE1NjZlMGVmLWU1NGYtNGM0NS04MDgyLTI0OWI3Njc1ZWE3Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABuceCcbb+OVumIAcB/XWP7owvHR
Lg1gurPRd2nNWCFZKHZBcYMy0pXABIIfhkcRy3zJrepy/XFzZAprodpKryAAvApf
Ec7EWYgkfeHkQSBkocgQsZ3EA/J2f7D7SdvQiqOBY+fkwMXL7X3sNtFpsSllxZpV
Y+6RtQiVzw4rVigIxBJa+mD2Ktowy8Byt1ZtJFhf6y+INezKujLHP8Gabtyot4v3
SfbhZqBtXqx2QBr5HoFjgghOE3t3uDYPEqW+eNZkJIrpV7TqOk1OGBtFyOsnqw56
H+4V9g3JvyVja4+alNYmcgDOHi1Cfdt7O+0E74TaVl1l/8bdux+5X4jATRw=
-----END CERTIFICATE-----