Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1842a71e-2b1b-42a3-86f9-b24ac9e7a96c.roa
File:                     1842a71e-2b1b-42a3-86f9-b24ac9e7a96c.roa (raw, json)
Hash identifier:          6zJVvMm6krapGRBcKJRTrwfqlecejrBp6a0lKRFgPJk=
Subject key identifier:   57:CF:B7:11:D7:AE:3D:A2:DE:EF:BC:62:F3:CF:40:BF:00:20:24:DC
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       61A09D236B33F00A96B475EF63DC42F85A341CE6
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1842a71e-2b1b-42a3-86f9-b24ac9e7a96c.roa
Signing time:             Sun 01 Sep 2024 00:00:00 +0000
ROA not before:           Sun 01 Sep 2024 00:00:00 +0000
ROA not after:            Sun 06 Oct 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 01 Sep 2024 09:54:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:a0:9d:23:6b:33:f0:0a:96:b4:75:ef:63:dc:42:f8:5a:34:1c:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Sep  1 00:00:00 2024 GMT
            Not After : Oct  6 23:59:59 2024 GMT
        Subject: serialNumber=a5d294e90ce3d2682a13b80250adcfd1cee50730992ed896d19296d0491137bc, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:91:e7:73:9a:3d:af:d6:f8:9f:7a:d1:12:ca:
                    68:11:ae:f3:b0:c6:65:13:b8:aa:7e:d6:e0:b2:b3:
                    d7:b9:62:b4:ea:34:f1:ef:26:61:a5:24:5f:f8:75:
                    b8:d7:bc:3a:6b:a0:7a:f6:48:20:bc:40:d6:dc:1b:
                    20:1a:d4:3d:a6:c5:90:fc:66:ba:81:0a:a3:e3:d1:
                    27:d4:d3:82:bb:62:ae:8f:12:d3:a0:cd:49:37:e4:
                    7b:c2:e7:86:10:cd:ea:cd:fe:d6:64:1c:99:30:96:
                    09:e4:0c:a3:41:18:2c:25:71:ad:0f:65:1f:0b:19:
                    b7:1b:e6:18:9a:54:f4:29:49:3d:56:02:41:ea:ca:
                    76:56:9f:95:c1:83:21:e0:78:e1:22:9d:04:e6:97:
                    27:2c:3c:67:7a:a2:2e:e6:26:79:c1:05:fa:75:37:
                    1e:90:6c:2d:5f:8b:63:45:94:07:d2:28:2c:2b:0a:
                    9c:4d:0b:a3:59:b4:27:f0:c2:f0:90:3c:c6:f0:c3:
                    a7:c7:40:c8:55:a8:f0:c2:0e:23:58:d6:a1:7d:03:
                    c1:4a:c9:f4:cd:01:8f:a3:79:a9:8b:f6:69:93:90:
                    9d:a3:8a:52:30:01:26:85:ea:ca:28:78:9d:ea:92:
                    65:07:da:51:62:45:a8:db:50:ec:78:81:6f:0c:76:
                    c9:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:CF:B7:11:D7:AE:3D:A2:DE:EF:BC:62:F3:CF:40:BF:00:20:24:DC
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1842a71e-2b1b-42a3-86f9-b24ac9e7a96c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:18:c1:56:d7:ed:e5:c1:fc:cb:e8:f8:21:0b:ef:18:05:8b:
         f0:45:d0:03:fc:45:32:af:95:a9:79:9c:ae:1d:bd:b1:9e:bc:
         62:7a:03:f9:6b:da:ef:8e:ac:66:1c:68:1e:bc:54:ae:2a:8b:
         45:7d:32:bc:31:27:31:76:34:50:70:46:27:ba:da:3a:d5:a5:
         60:3b:a1:c9:70:ef:00:c5:79:88:c1:bf:75:08:c7:94:11:3e:
         d1:11:77:74:3f:95:2c:6a:ba:a1:eb:2b:a9:71:37:4c:a2:ea:
         df:a0:a0:12:79:f2:9e:99:11:a1:f5:97:df:44:5e:50:24:79:
         bb:05:84:4f:6f:b0:7e:fc:98:5c:da:10:fd:d9:c9:cf:d1:74:
         4a:7f:db:8f:55:0d:f9:9a:a8:0c:99:dc:22:f4:8d:c4:83:ef:
         62:ed:cb:a8:e4:df:64:3a:0f:05:6e:51:80:ef:8c:2e:20:b7:
         1f:ff:17:b7:4d:43:0a:71:55:e3:d8:71:72:d6:aa:81:e4:c9:
         5c:2b:b4:21:7b:38:72:ad:e3:3b:72:be:50:85:d6:d5:0f:c9:
         a6:1e:40:f4:21:dc:9a:33:b9:83:c8:e7:e8:d0:49:fd:ef:d9:
         6f:ce:90:67:8f:28:3f:f6:dd:a5:8f:fd:dc:39:80:08:2e:d5:
         92:c0:79:91
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYaCdI2sz8AqWtHXvY9xC+Fo0HOYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwOTAxMDAwMDAwWhcNMjQxMDA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNWQyOTRlOTBjZTNkMjY4MmExM2I4MDI1MGFkY2ZkMWNl
ZTUwNzMwOTkyZWQ4OTZkMTkyOTZkMDQ5MTEzN2JjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpkedzmj2v1vifetESymgRrvOwxmUTuKp+1uCys9e5YrTq
NPHvJmGlJF/4dbjXvDproHr2SCC8QNbcGyAa1D2mxZD8ZrqBCqPj0SfU04K7Yq6P
EtOgzUk35HvC54YQzerN/tZkHJkwlgnkDKNBGCwlca0PZR8LGbcb5hiaVPQpST1W
AkHqynZWn5XBgyHgeOEinQTmlycsPGd6oi7mJnnBBfp1Nx6QbC1fi2NFlAfSKCwr
CpxNC6NZtCfwwvCQPMbww6fHQMhVqPDCDiNY1qF9A8FKyfTNAY+jeamL9mmTkJ2j
ilIwASaF6sooeJ3qkmUH2lFiRajbUOx4gW8MdslDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUV8+3EdeuPaLe77xi889AvwAgJNwwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzE4NDJhNzFlLTJiMWItNDJhMy04NmY5LWIyNGFjOWU3YTk2Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAC8YwVbX7eXB/Mvo+CEL7xgFi/BF
0AP8RTKvlal5nK4dvbGevGJ6A/lr2u+OrGYcaB68VK4qi0V9MrwxJzF2NFBwRie6
2jrVpWA7oclw7wDFeYjBv3UIx5QRPtERd3Q/lSxquqHrK6lxN0yi6t+goBJ58p6Z
EaH1l99EXlAkebsFhE9vsH78mFzaEP3Zyc/RdEp/249VDfmaqAyZ3CL0jcSD72Lt
y6jk32Q6DwVuUYDvjC4gtx//F7dNQwpxVePYcXLWqoHkyVwrtCF7OHKt4ztyvlCF
1tUPyaYeQPQh3JozuYPI5+jQSf3v2W/OkGePKD/23aWP/dw5gAgu1ZLAeZE=
-----END CERTIFICATE-----