Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2ff387ba-0e3b-4fb3-8738-5fcb456686a4.roa
File:                     2ff387ba-0e3b-4fb3-8738-5fcb456686a4.roa (raw, json)
Hash identifier:          LkaWUyRLFU4F/x7qjsEmaRxfUIiF2BZjjKVGEzAT5hI=
Subject key identifier:   4C:90:82:0E:25:06:89:F6:31:FA:A1:2A:18:CE:22:12:F9:42:3E:E4
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       52FEAE3D613D172AF74065D9D4F1FA1503AF9E1C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2ff387ba-0e3b-4fb3-8738-5fcb456686a4.roa
Signing time:             Sat 13 Jul 2024 00:00:00 +0000
ROA not before:           Sat 13 Jul 2024 00:00:00 +0000
ROA not after:            Sat 17 Aug 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 13 Jul 2024 09:38:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:fe:ae:3d:61:3d:17:2a:f7:40:65:d9:d4:f1:fa:15:03:af:9e:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul 13 00:00:00 2024 GMT
            Not After : Aug 17 23:59:59 2024 GMT
        Subject: serialNumber=f85cbc22ff4673f746e86d5faac8993078b2165f56231c76384057413605c0d3, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:3b:5f:f8:fc:e6:07:9a:d7:38:5a:dd:8e:b6:
                    cb:99:d8:bc:17:3a:4f:1c:2d:3a:88:fc:98:86:4f:
                    85:29:56:05:16:f5:63:f5:67:20:02:f0:f3:e2:47:
                    5f:6a:bb:e3:3a:85:70:15:b4:b0:8d:a4:3d:57:3c:
                    6e:03:bc:76:c4:ec:53:8d:40:6f:f2:4f:ef:1f:8a:
                    3a:9d:e3:17:c1:20:25:59:1a:5c:00:67:37:11:60:
                    4a:b1:0c:6b:1f:6b:fe:2f:97:bb:28:2a:a2:0e:cc:
                    7e:83:44:03:f4:89:5e:9f:8c:9e:f2:6b:8f:ec:2f:
                    5a:cf:a1:b5:27:6f:ea:77:a5:82:65:2e:49:a5:e3:
                    c1:e7:f8:f6:23:72:7b:e6:06:bd:9a:7f:66:6c:82:
                    52:25:66:e2:58:d1:e6:b6:e5:5e:fd:af:41:fa:d0:
                    77:c5:96:70:04:35:0e:96:6e:f4:fe:df:f1:fc:64:
                    47:eb:df:f6:cd:29:7e:02:8f:90:97:af:ae:96:e1:
                    19:f8:23:10:17:fb:1d:2e:b2:44:64:eb:97:df:c2:
                    3c:60:ca:81:88:0f:0f:88:b1:c9:b5:48:f3:1d:9e:
                    50:9e:75:54:e8:c1:6f:0f:80:00:47:34:43:3c:2c:
                    9c:4c:cc:af:46:1d:34:af:ce:42:8c:d9:fc:62:ce:
                    56:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:90:82:0E:25:06:89:F6:31:FA:A1:2A:18:CE:22:12:F9:42:3E:E4
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2ff387ba-0e3b-4fb3-8738-5fcb456686a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:0e:16:34:fe:31:b5:1d:d7:6a:0c:b7:69:c3:ef:3f:59:c5:
         16:b1:27:99:cb:c7:ea:89:8f:c9:b0:9a:ac:40:b1:3e:97:c2:
         f7:74:d8:10:a8:2c:18:e7:d4:8c:0d:02:83:3d:8f:f0:3a:48:
         f2:86:61:77:d4:99:a7:6d:08:8a:ee:12:db:a7:60:b1:6b:1b:
         00:76:39:a0:3e:2b:e3:eb:91:51:0d:94:13:12:6b:74:0e:52:
         0a:04:b4:5f:65:cb:29:62:14:cd:20:22:7b:28:5f:6a:ed:49:
         43:13:91:a2:9d:dd:95:d3:9a:3c:30:4c:31:d3:e4:b6:88:01:
         b6:cd:c1:a9:8f:a5:40:bb:8c:1d:59:58:a3:53:d4:30:4c:8b:
         63:e4:2a:9d:71:c0:3e:0d:26:63:f2:5d:da:41:a8:ec:3d:42:
         3d:7c:60:35:24:43:15:07:da:76:d3:8c:89:ff:42:1f:98:7f:
         90:0c:57:4f:f5:ed:0b:ed:83:31:2f:17:95:af:b3:cf:22:d6:
         60:7f:46:b0:73:40:30:8e:51:6b:4a:f4:a6:79:e4:61:ec:6d:
         31:66:2e:24:f7:b5:c2:1e:ae:45:98:51:0d:7d:40:f5:6b:88:
         55:f7:d7:ff:e6:32:76:a3:4f:f5:c9:c4:f9:b3:67:7e:11:5f:
         29:60:6b:ab
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUv6uPWE9Fyr3QGXZ1PH6FQOvnhwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzEzMDAwMDAwWhcNMjQwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmODVjYmMyMmZmNDY3M2Y3NDZlODZkNWZhYWM4OTkzMDc4
YjIxNjVmNTYyMzFjNzYzODQwNTc0MTM2MDVjMGQzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDgO1/4/OYHmtc4Wt2OtsuZ2LwXOk8cLTqI/JiGT4UpVgUW
9WP1ZyAC8PPiR19qu+M6hXAVtLCNpD1XPG4DvHbE7FONQG/yT+8fijqd4xfBICVZ
GlwAZzcRYEqxDGsfa/4vl7soKqIOzH6DRAP0iV6fjJ7ya4/sL1rPobUnb+p3pYJl
Lkml48Hn+PYjcnvmBr2af2ZsglIlZuJY0ea25V79r0H60HfFlnAENQ6WbvT+3/H8
ZEfr3/bNKX4Cj5CXr66W4Rn4IxAX+x0uskRk65ffwjxgyoGIDw+Iscm1SPMdnlCe
dVTowW8PgABHNEM8LJxMzK9GHTSvzkKM2fxizlYlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTJCCDiUGifYx+qEqGM4iEvlCPuQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzJmZjM4N2JhLTBlM2ItNGZiMy04NzM4LTVmY2I0NTY2ODZhNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFUOFjT+MbUd12oMt2nD7z9ZxRax
J5nLx+qJj8mwmqxAsT6Xwvd02BCoLBjn1IwNAoM9j/A6SPKGYXfUmadtCIruEtun
YLFrGwB2OaA+K+PrkVENlBMSa3QOUgoEtF9lyyliFM0gInsoX2rtSUMTkaKd3ZXT
mjwwTDHT5LaIAbbNwamPpUC7jB1ZWKNT1DBMi2PkKp1xwD4NJmPyXdpBqOw9Qj18
YDUkQxUH2nbTjIn/Qh+Yf5AMV0/17QvtgzEvF5Wvs88i1mB/RrBzQDCOUWtK9KZ5
5GHsbTFmLiT3tcIerkWYUQ19QPVriFX31//mMnajT/XJxPmzZ34RXylga6s=
-----END CERTIFICATE-----