Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/25fb93e7-4da4-45e2-afaa-8c03410666a9.roa
File:                     25fb93e7-4da4-45e2-afaa-8c03410666a9.roa (raw, json)
Hash identifier:          25bCzoes8mp5EgOvVjB2QLOeUmKgtCNw/5q1Zd1JgPY=
Subject key identifier:   96:D8:21:0F:21:0C:04:9D:24:FC:09:B0:8B:D6:A1:5C:F5:CD:BD:83
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       23803CFC4F9E976797FFC71892D42EF8FF205A26
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/25fb93e7-4da4-45e2-afaa-8c03410666a9.roa
Signing time:             Thu 09 May 2024 00:00:00 +0000
ROA not before:           Thu 09 May 2024 00:00:00 +0000
ROA not after:            Thu 13 Jun 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 May 2024 13:45:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:80:3c:fc:4f:9e:97:67:97:ff:c7:18:92:d4:2e:f8:ff:20:5a:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: May  9 00:00:00 2024 GMT
            Not After : Jun 13 23:59:59 2024 GMT
        Subject: serialNumber=b85953b91e07cbe47e843244da29b4fdf7c8641309e8ffd83d7033c51c7f43f1, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:df:ac:8d:36:18:fb:e2:c3:2c:7c:76:07:b9:
                    a0:b8:8f:8b:99:92:f2:1e:94:65:88:ee:54:38:d1:
                    29:f5:77:84:c1:08:f9:d2:95:29:b8:d6:8f:f8:cd:
                    07:02:7c:9b:93:9f:ba:de:c9:5f:6f:73:0f:46:b8:
                    da:70:74:7e:9c:3e:d3:67:cc:ef:36:a5:0b:eb:33:
                    97:65:da:f4:15:a9:4f:8c:0c:0b:6f:7f:09:9b:41:
                    5e:1a:e1:d5:77:23:fa:33:94:f7:e9:78:66:7f:39:
                    63:05:80:90:91:cc:bb:de:1b:86:82:c6:dd:d8:72:
                    7f:2b:47:17:3a:4f:d0:7e:af:1f:d3:0d:fb:6e:d9:
                    64:6b:e4:5d:49:46:9e:cd:2c:23:bd:c1:66:a4:fb:
                    da:e2:45:96:d3:9a:3d:f0:74:51:f0:d9:48:3f:9b:
                    8b:cc:9f:e9:fc:c8:a4:d3:c6:48:d1:76:a6:6e:6b:
                    ea:64:22:58:91:fc:82:e9:2b:8d:0b:cc:1f:cc:02:
                    7f:97:f1:a7:14:f3:fd:17:bf:c5:d5:05:b0:60:66:
                    91:38:44:eb:d4:03:20:b1:c8:3d:8a:b8:00:88:4e:
                    ba:c4:48:a3:e4:84:69:03:73:11:2f:4d:9f:fc:79:
                    64:a2:a1:d0:96:30:a4:5e:76:e1:1a:0e:78:06:fe:
                    ec:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:D8:21:0F:21:0C:04:9D:24:FC:09:B0:8B:D6:A1:5C:F5:CD:BD:83
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/25fb93e7-4da4-45e2-afaa-8c03410666a9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:df:db:75:b2:00:9e:90:44:71:31:0f:eb:07:6a:ff:60:b7:
         71:66:e7:3e:db:fb:d0:0f:38:b9:9c:d1:04:10:47:5a:55:c6:
         ba:d6:c5:f3:29:43:db:bf:d2:99:87:74:e0:20:1a:5e:0d:aa:
         29:c4:85:e2:b5:93:69:d6:87:7b:e1:b4:72:a7:e7:80:43:70:
         7a:fa:ea:65:3c:15:55:97:be:7a:96:3a:19:9b:d9:b2:31:ff:
         02:2c:94:f2:9e:16:c5:76:cb:1f:53:76:bb:22:bd:b8:f2:e9:
         bb:a4:84:fc:ef:32:1b:79:4f:2d:8d:7b:83:3d:db:46:f0:fc:
         85:02:9b:4f:e8:6c:a7:09:2c:0e:7e:3e:4a:07:8b:8a:b2:1f:
         a5:27:c9:3f:6e:36:62:8e:a7:c3:8e:86:66:5b:c2:d3:22:24:
         44:03:c1:e5:58:ec:5e:e8:08:e7:90:21:a0:1a:c4:d7:92:2f:
         ba:29:23:f5:b6:6a:df:79:90:4f:a3:c5:cc:a6:d3:d3:a5:b9:
         60:04:27:bb:94:c7:7f:0b:d9:1d:7d:88:48:aa:0a:09:1c:f1:
         9a:80:45:ae:85:c2:65:b7:d2:08:4d:33:7a:04:2e:da:65:b5:
         d2:01:51:44:15:b4:05:09:9f:e3:93:42:e3:93:06:b4:9f:af:
         db:03:9e:b7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUI4A8/E+el2eX/8cYktQu+P8gWiYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNTA5MDAwMDAwWhcNMjQwNjEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiODU5NTNiOTFlMDdjYmU0N2U4NDMyNDRkYTI5YjRmZGY3
Yzg2NDEzMDllOGZmZDgzZDcwMzNjNTFjN2Y0M2YxMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDN36yNNhj74sMsfHYHuaC4j4uZkvIelGWI7lQ40Sn1d4TB
CPnSlSm41o/4zQcCfJuTn7reyV9vcw9GuNpwdH6cPtNnzO82pQvrM5dl2vQVqU+M
DAtvfwmbQV4a4dV3I/ozlPfpeGZ/OWMFgJCRzLveG4aCxt3Ycn8rRxc6T9B+rx/T
Dftu2WRr5F1JRp7NLCO9wWak+9riRZbTmj3wdFHw2Ug/m4vMn+n8yKTTxkjRdqZu
a+pkIliR/ILpK40LzB/MAn+X8acU8/0Xv8XVBbBgZpE4ROvUAyCxyD2KuACITrrE
SKPkhGkDcxEvTZ/8eWSiodCWMKReduEaDngG/uyTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUltghDyEMBJ0k/Amwi9ahXPXNvYMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzI1ZmI5M2U3LTRkYTQtNDVlMi1hZmFhLThjMDM0MTA2NjZhOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBALXf23WyAJ6QRHExD+sHav9gt3Fm
5z7b+9APOLmc0QQQR1pVxrrWxfMpQ9u/0pmHdOAgGl4NqinEheK1k2nWh3vhtHKn
54BDcHr66mU8FVWXvnqWOhmb2bIx/wIslPKeFsV2yx9Tdrsivbjy6bukhPzvMht5
Ty2Ne4M920bw/IUCm0/obKcJLA5+PkoHi4qyH6UnyT9uNmKOp8OOhmZbwtMiJEQD
weVY7F7oCOeQIaAaxNeSL7opI/W2at95kE+jxcym09OluWAEJ7uUx38L2R19iEiq
Cgkc8ZqARa6FwmW30ghNM3oELtpltdIBUUQVtAUJn+OTQuOTBrSfr9sDnrc=
-----END CERTIFICATE-----