Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/28894cc0-48a0-4019-b791-49a02594043c.roa
File:                     28894cc0-48a0-4019-b791-49a02594043c.roa (raw, json)
Hash identifier:          0YvM6d9b7N5vB9VE3eAv1z+lwTwojJPMPY69+fa0VPA=
Subject key identifier:   6D:21:B4:2E:14:2B:4B:37:0D:7C:DE:CF:4C:2C:46:95:06:A3:B2:FB
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       31039B44170445B554400C98348FAEBFA4D8180C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/28894cc0-48a0-4019-b791-49a02594043c.roa
Signing time:             Thu 14 Nov 2024 00:00:00 +0000
ROA not before:           Thu 14 Nov 2024 00:00:00 +0000
ROA not after:            Thu 19 Dec 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 14 Nov 2024 03:33:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:03:9b:44:17:04:45:b5:54:40:0c:98:34:8f:ae:bf:a4:d8:18:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Nov 14 00:00:00 2024 GMT
            Not After : Dec 19 23:59:59 2024 GMT
        Subject: serialNumber=058d5de789b5b9fffc2a18e7f944e4cb35238f5cf9ba2fb089a2bc54705af761, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:2f:e3:7d:d5:5f:4a:47:cb:77:73:17:b1:3e:
                    ac:f6:c2:6a:2d:a4:a0:19:a5:ec:8e:95:2b:d5:67:
                    79:b3:4f:99:e0:3d:22:01:a8:0b:46:86:81:d7:e1:
                    d1:33:40:e1:69:2f:ac:0d:16:8b:c0:8e:f9:a1:fb:
                    fe:01:d2:e2:8e:09:f5:c7:59:0c:14:73:2d:85:dd:
                    e4:0d:9c:d7:2d:a7:93:98:7a:b8:b4:1c:c5:dd:d0:
                    16:4c:08:34:3e:18:87:d8:2e:dc:79:f5:9a:fb:07:
                    bb:b6:61:2e:6e:a4:3f:52:63:df:0c:38:80:b6:6c:
                    51:2c:fc:44:55:5a:9b:e8:53:91:22:18:61:33:b5:
                    b1:fe:00:dc:05:7b:50:8e:30:a9:57:1f:b4:63:8f:
                    0c:76:94:73:87:57:57:b0:93:93:1b:54:83:a9:12:
                    40:34:e5:66:fa:35:47:a4:6f:37:e0:4b:57:1b:8c:
                    8c:44:9e:d3:75:79:6a:1e:b0:d3:23:81:c4:32:31:
                    93:dd:aa:42:e6:78:0e:c9:0f:11:b8:d4:df:b3:12:
                    71:b3:82:6b:d8:4c:1e:2d:13:50:04:28:73:c9:46:
                    35:f1:f0:76:29:d4:64:26:01:1f:22:27:bd:2c:39:
                    2b:7e:38:22:8e:d6:2b:bd:01:93:f7:09:ab:ed:b3:
                    e3:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:21:B4:2E:14:2B:4B:37:0D:7C:DE:CF:4C:2C:46:95:06:A3:B2:FB
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/28894cc0-48a0-4019-b791-49a02594043c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:ca:8a:8a:f5:be:bc:f9:a9:41:55:a0:a8:d2:c5:c7:1e:6e:
         78:81:dd:37:9b:28:96:08:25:85:bf:67:86:50:3d:82:09:1e:
         1f:cd:75:20:16:42:82:b3:d3:96:b8:1b:d8:50:ec:66:17:3d:
         2d:a4:f7:3f:a6:dd:41:b5:68:a1:97:ef:eb:21:0a:63:b0:f9:
         5c:26:36:f2:ab:a9:64:30:58:d9:7a:92:1b:e4:4f:2d:e9:9e:
         09:f7:1c:9c:8f:f6:49:07:fe:15:71:4a:2b:b0:b1:19:27:1e:
         c5:53:a7:ec:e2:fb:8a:e6:35:59:32:8a:e4:98:94:f0:e5:98:
         93:d4:b1:a8:96:40:f7:40:37:51:93:e8:b3:de:fa:58:44:9f:
         2b:23:7a:13:70:4f:fe:d4:b1:e9:d6:98:16:11:4c:ec:21:cc:
         bf:a9:06:0c:b9:1d:a8:8a:48:c2:d1:a3:cb:93:6b:60:25:95:
         90:17:0d:22:0a:fc:42:bf:ab:90:25:62:2e:9f:ad:9e:6c:54:
         e9:bf:21:52:45:52:ac:0a:85:63:1e:06:9f:c7:5f:8c:a8:cf:
         e3:21:4e:16:87:db:7c:4e:50:24:00:6f:fa:cc:01:78:73:0d:
         0e:b0:aa:b6:da:3b:29:fc:dc:96:50:84:d1:c0:e3:a3:03:35:
         cd:45:31:40
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMQObRBcERbVUQAyYNI+uv6TYGAwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMTE0MDAwMDAwWhcNMjQxMjE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNThkNWRlNzg5YjViOWZmZmMyYTE4ZTdmOTQ0ZTRjYjM1
MjM4ZjVjZjliYTJmYjA4OWEyYmM1NDcwNWFmNzYxMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyL+N91V9KR8t3cxexPqz2wmotpKAZpeyOlSvVZ3mzT5ng
PSIBqAtGhoHX4dEzQOFpL6wNFovAjvmh+/4B0uKOCfXHWQwUcy2F3eQNnNctp5OY
eri0HMXd0BZMCDQ+GIfYLtx59Zr7B7u2YS5upD9SY98MOIC2bFEs/ERVWpvoU5Ei
GGEztbH+ANwFe1COMKlXH7Rjjwx2lHOHV1ewk5MbVIOpEkA05Wb6NUekbzfgS1cb
jIxEntN1eWoesNMjgcQyMZPdqkLmeA7JDxG41N+zEnGzgmvYTB4tE1AEKHPJRjXx
8HYp1GQmAR8iJ70sOSt+OCKO1iu9AZP3Cavts+MzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUbSG0LhQrSzcNfN7PTCxGlQajsvswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzI4ODk0Y2MwLTQ4YTAtNDAxOS1iNzkxLTQ5YTAyNTk0MDQzYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAG7Kior1vrz5qUFVoKjSxccebniB
3TebKJYIJYW/Z4ZQPYIJHh/NdSAWQoKz05a4G9hQ7GYXPS2k9z+m3UG1aKGX7+sh
CmOw+VwmNvKrqWQwWNl6khvkTy3pngn3HJyP9kkH/hVxSiuwsRknHsVTp+zi+4rm
NVkyiuSYlPDlmJPUsaiWQPdAN1GT6LPe+lhEnysjehNwT/7UsenWmBYRTOwhzL+p
Bgy5HaiKSMLRo8uTa2AllZAXDSIK/EK/q5AlYi6frZ5sVOm/IVJFUqwKhWMeBp/H
X4yoz+MhThaH23xOUCQAb/rMAXhzDQ6wqrbaOyn83JZQhNHA46MDNc1FMUA=
-----END CERTIFICATE-----