Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/23530527-37e5-41d5-bd0c-6d3be9c5b230.roa
File:                     23530527-37e5-41d5-bd0c-6d3be9c5b230.roa (raw, json)
Hash identifier:          lFJFH68PU/p95B4I8CqfckTBlCuzaDcqHozK6Db6i7g=
Subject key identifier:   0C:22:B1:2B:9D:12:FC:C1:80:33:A3:02:16:30:16:83:D9:25:50:12
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       14ACFA9D4DC3102B53B9F8610D7ED5A722D808E7
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/23530527-37e5-41d5-bd0c-6d3be9c5b230.roa
Signing time:             Tue 19 Nov 2024 00:00:00 +0000
ROA not before:           Tue 19 Nov 2024 00:00:00 +0000
ROA not after:            Tue 24 Dec 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Nov 2024 22:38:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:ac:fa:9d:4d:c3:10:2b:53:b9:f8:61:0d:7e:d5:a7:22:d8:08:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Nov 19 00:00:00 2024 GMT
            Not After : Dec 24 23:59:59 2024 GMT
        Subject: serialNumber=19cf5177be1a7682a529a1689cff6cd50fd105d33495628103632fe5f7bee84f, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:47:b7:09:37:af:22:40:d8:b9:bb:83:71:57:
                    35:84:17:b1:95:ba:c3:7d:d3:82:fe:7a:af:5f:7c:
                    5f:7b:bc:c2:cd:32:53:56:a4:ac:47:d2:22:0e:12:
                    f4:34:25:74:d7:f2:de:3e:43:1d:0c:28:11:52:92:
                    89:7b:81:d4:ed:a4:04:cd:dc:7a:fe:a4:1b:ab:47:
                    94:97:09:ae:20:6f:cf:d6:55:2f:7c:af:e4:d7:6e:
                    cd:ad:4c:bb:82:b2:04:c6:40:84:da:55:1d:29:21:
                    c2:c2:f9:3c:7b:7c:78:64:14:12:3c:f2:0c:32:59:
                    70:b4:38:55:86:03:9a:96:4f:1f:36:10:b6:53:46:
                    fd:9a:19:71:d1:b7:cf:4b:e3:a5:0f:d9:81:4d:c2:
                    60:fc:0a:75:b4:bf:7f:8f:d3:e2:57:44:a0:65:c2:
                    7f:be:d5:b8:c5:19:8c:5e:4e:0b:f3:73:43:ba:bd:
                    b2:55:a6:55:14:a0:8f:de:39:3a:36:ad:66:bb:a7:
                    08:63:87:5a:e5:99:84:f4:49:13:f5:93:19:08:55:
                    6d:b4:cc:b8:4a:4d:f8:a4:b4:61:d2:65:ff:8a:c1:
                    02:f8:b1:c8:f0:3a:4d:3b:ef:db:fa:e5:ae:12:6c:
                    c9:f6:2e:85:a9:6c:17:64:cc:f5:7f:1f:d3:59:b0:
                    36:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:22:B1:2B:9D:12:FC:C1:80:33:A3:02:16:30:16:83:D9:25:50:12
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/23530527-37e5-41d5-bd0c-6d3be9c5b230.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:af:2b:87:40:95:d6:f9:2c:1d:04:81:53:c4:9c:c4:55:80:
         9d:55:c8:d9:b7:14:94:4d:7e:df:93:d9:b7:27:1b:70:4c:f8:
         42:96:9a:19:eb:90:86:c1:07:33:b3:2b:9c:1e:71:ae:71:34:
         9b:3f:7e:6c:b7:11:14:a6:54:75:6c:b7:18:60:16:60:dc:27:
         54:7b:32:02:f0:e0:b2:18:e5:70:90:e0:b9:24:84:c6:50:26:
         22:eb:02:9a:5a:e3:82:5d:05:aa:1b:64:0e:c9:6a:1a:ea:e2:
         53:fa:31:a9:fd:63:a7:27:8f:b2:0b:76:29:84:05:64:19:8f:
         24:f5:40:d2:d6:12:f7:15:1b:92:5d:e0:6d:48:c9:9c:6e:88:
         d2:75:28:92:ea:eb:60:3e:51:09:fb:b4:cc:a8:af:89:d2:9c:
         69:33:97:cd:b9:ef:59:b3:5f:0a:f6:c6:39:b5:61:8f:8c:a1:
         30:5d:39:81:9d:f2:cb:20:44:e8:0e:13:ab:52:5f:76:aa:44:
         03:34:95:ef:f8:a2:7f:df:11:1d:a2:0c:8f:45:34:45:6f:fc:
         2d:39:09:3a:a7:aa:47:d3:b4:ce:6c:60:af:99:27:f1:c3:f4:
         f5:53:9b:6e:19:b9:59:2b:74:c4:3a:2e:27:be:33:68:70:c0:
         12:6d:db:70
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFKz6nU3DECtTufhhDX7VpyLYCOcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMTE5MDAwMDAwWhcNMjQxMjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxOWNmNTE3N2JlMWE3NjgyYTUyOWExNjg5Y2ZmNmNkNTBm
ZDEwNWQzMzQ5NTYyODEwMzYzMmZlNWY3YmVlODRmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUR7cJN68iQNi5u4NxVzWEF7GVusN904L+eq9ffF97vMLN
MlNWpKxH0iIOEvQ0JXTX8t4+Qx0MKBFSkol7gdTtpATN3Hr+pBurR5SXCa4gb8/W
VS98r+TXbs2tTLuCsgTGQITaVR0pIcLC+Tx7fHhkFBI88gwyWXC0OFWGA5qWTx82
ELZTRv2aGXHRt89L46UP2YFNwmD8CnW0v3+P0+JXRKBlwn++1bjFGYxeTgvzc0O6
vbJVplUUoI/eOTo2rWa7pwhjh1rlmYT0SRP1kxkIVW20zLhKTfiktGHSZf+KwQL4
scjwOk0779v65a4SbMn2LoWpbBdkzPV/H9NZsDYHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDCKxK50S/MGAM6MCFjAWg9klUBIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzIzNTMwNTI3LTM3ZTUtNDFkNS1iZDBjLTZkM2JlOWM1YjIzMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAivK4dAldb5LB0EgVPEnMRVgJ1V
yNm3FJRNft+T2bcnG3BM+EKWmhnrkIbBBzOzK5weca5xNJs/fmy3ERSmVHVstxhg
FmDcJ1R7MgLw4LIY5XCQ4LkkhMZQJiLrAppa44JdBaobZA7Jahrq4lP6Man9Y6cn
j7ILdimEBWQZjyT1QNLWEvcVG5Jd4G1IyZxuiNJ1KJLq62A+UQn7tMyor4nSnGkz
l82571mzXwr2xjm1YY+MoTBdOYGd8ssgROgOE6tSX3aqRAM0le/4on/fER2iDI9F
NEVv/C05CTqnqkfTtM5sYK+ZJ/HD9PVTm24ZuVkrdMQ6Lie+M2hwwBJt23A=
-----END CERTIFICATE-----