Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2eb3df81-77bc-4940-af61-e2292ebcc99e.roa
File:                     2eb3df81-77bc-4940-af61-e2292ebcc99e.roa (raw, json)
Hash identifier:          tm2sPSH39jgvY+SiiIzkzLE6scDniWeH83PBCICR2h0=
Subject key identifier:   05:DC:F2:2E:50:A0:10:B4:00:09:5E:61:B8:20:E9:C5:26:2C:B6:AA
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       76BD01A0A5E6CB793D5ED5FBF166DEC2A1F86D1B
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2eb3df81-77bc-4940-af61-e2292ebcc99e.roa
Signing time:             Tue 23 Jul 2024 00:00:00 +0000
ROA not before:           Tue 23 Jul 2024 00:00:00 +0000
ROA not after:            Tue 27 Aug 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 23 Jul 2024 06:13:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:bd:01:a0:a5:e6:cb:79:3d:5e:d5:fb:f1:66:de:c2:a1:f8:6d:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul 23 00:00:00 2024 GMT
            Not After : Aug 27 23:59:59 2024 GMT
        Subject: serialNumber=8bd91d1a9cadbdefe85f097ff8ab013554454a04e56ca9e6adaaee36ec40b196, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:cd:4c:fc:49:76:6f:26:dc:62:69:e1:b5:41:
                    ba:c5:f6:70:e0:db:77:4c:05:71:a7:8a:55:09:14:
                    d9:e0:69:24:2c:aa:39:f2:42:15:eb:61:04:0a:f1:
                    de:40:d5:d1:a4:75:c9:03:c0:46:ab:95:e6:7f:9f:
                    e7:9f:e3:3a:79:d1:40:24:44:7c:7f:b3:2a:5d:19:
                    43:c2:a7:11:39:24:ff:76:fa:94:2e:97:df:f0:97:
                    ea:a6:86:eb:0a:09:f4:1f:00:80:61:1e:d9:09:4f:
                    4f:fc:98:7c:5a:8b:96:49:d9:03:f3:9f:07:8f:f6:
                    0f:ab:b2:a9:5e:76:be:fa:2d:05:b0:7b:66:69:f8:
                    c4:bd:57:9b:9b:ce:a6:49:fd:0c:2a:07:05:24:bd:
                    11:c1:7e:44:06:9c:cb:27:23:93:82:36:0c:31:4b:
                    05:19:49:78:2a:6d:ac:40:22:88:6e:fb:af:01:43:
                    fb:8d:17:85:0c:5c:73:69:30:b9:cb:3b:78:54:af:
                    32:ef:ae:9d:1d:f5:f6:ec:a8:28:80:7d:97:a0:3b:
                    65:a7:02:bf:67:e9:94:8c:8e:ad:5f:36:ed:5e:b3:
                    8f:7c:f9:2d:6e:e3:5e:97:c0:5c:ca:d7:4d:78:2b:
                    f5:13:22:1a:75:b7:f0:bb:28:44:83:eb:ce:cc:cb:
                    73:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:DC:F2:2E:50:A0:10:B4:00:09:5E:61:B8:20:E9:C5:26:2C:B6:AA
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2eb3df81-77bc-4940-af61-e2292ebcc99e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:e4:2b:77:cf:0d:bb:cd:25:9f:8e:b8:5c:72:14:5a:0a:88:
         15:d7:73:2b:d7:0d:b3:12:22:f6:18:61:73:96:b5:69:d0:29:
         e8:01:f6:09:7f:eb:1c:6e:b1:a7:be:2a:95:76:cb:3d:52:4b:
         6f:01:52:98:41:f8:e6:aa:61:87:fe:7d:0e:0a:09:10:00:a6:
         ad:84:f0:74:ba:7d:ca:cb:81:d6:bf:ba:38:6a:78:da:a0:c5:
         00:8e:37:35:c7:a4:86:40:49:b5:32:a5:de:83:3a:d4:72:a3:
         57:40:87:0a:df:59:90:ed:41:f5:ef:53:13:7f:de:74:2f:bf:
         5b:28:80:65:45:7f:4d:fc:70:f4:48:c3:75:05:dc:d8:f1:54:
         89:ee:cb:83:15:76:94:f4:87:d5:a2:80:7d:ce:d8:54:be:2c:
         fd:75:b9:12:0b:5f:94:f7:6c:45:f1:4b:c7:75:dc:a9:68:77:
         2a:54:04:73:eb:ab:1b:a8:d1:cb:11:50:c5:b7:6d:f2:bf:8e:
         74:22:95:19:0d:91:9a:d6:6d:15:de:72:6c:d7:bc:a3:6b:a7:
         48:4b:46:51:3a:a3:e1:f1:de:ab:eb:45:28:1c:9b:4f:6f:77:
         06:e9:f8:3d:06:b8:00:76:fd:80:57:ee:3c:c7:c7:cd:eb:67:
         d6:da:82:ff
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdr0BoKXmy3k9XtX78WbewqH4bRswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzIzMDAwMDAwWhcNMjQwODI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YmQ5MWQxYTljYWRiZGVmZTg1ZjA5N2ZmOGFiMDEzNTU0
NDU0YTA0ZTU2Y2E5ZTZhZGFhZWUzNmVjNDBiMTk2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3zUz8SXZvJtxiaeG1QbrF9nDg23dMBXGnilUJFNngaSQs
qjnyQhXrYQQK8d5A1dGkdckDwEarleZ/n+ef4zp50UAkRHx/sypdGUPCpxE5JP92
+pQul9/wl+qmhusKCfQfAIBhHtkJT0/8mHxai5ZJ2QPznweP9g+rsqledr76LQWw
e2Zp+MS9V5ubzqZJ/QwqBwUkvRHBfkQGnMsnI5OCNgwxSwUZSXgqbaxAIohu+68B
Q/uNF4UMXHNpMLnLO3hUrzLvrp0d9fbsqCiAfZegO2WnAr9n6ZSMjq1fNu1es498
+S1u416XwFzK1014K/UTIhp1t/C7KESD687My3NRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBdzyLlCgELQACV5huCDpxSYstqowHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzJlYjNkZjgxLTc3YmMtNDk0MC1hZjYxLWUyMjkyZWJjYzk5ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADnkK3fPDbvNJZ+OuFxyFFoKiBXX
cyvXDbMSIvYYYXOWtWnQKegB9gl/6xxusae+KpV2yz1SS28BUphB+OaqYYf+fQ4K
CRAApq2E8HS6fcrLgda/ujhqeNqgxQCONzXHpIZASbUypd6DOtRyo1dAhwrfWZDt
QfXvUxN/3nQvv1sogGVFf038cPRIw3UF3NjxVInuy4MVdpT0h9WigH3O2FS+LP11
uRILX5T3bEXxS8d13KlodypUBHPrqxuo0csRUMW3bfK/jnQilRkNkZrWbRXecmzX
vKNrp0hLRlE6o+Hx3qvrRSgcm09vdwbp+D0GuAB2/YBX7jzHx83rZ9bagv8=
-----END CERTIFICATE-----