Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/304d81ac-82d4-4c35-9751-e28a49405601.roa
File:                     304d81ac-82d4-4c35-9751-e28a49405601.roa (raw, json)
Hash identifier:          nZqnTEA567wBl1ztGP2v2hiNU5c2ZMrCk4mNHB0ymBk=
Subject key identifier:   D3:5A:AE:C1:35:88:6D:AF:6B:E1:FA:41:17:1E:76:8D:85:5B:EF:D5
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       59C579682A67636AE097AC44A30BFEB2E827FEE5
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/304d81ac-82d4-4c35-9751-e28a49405601.roa
Signing time:             Mon 08 Jul 2024 00:00:00 +0000
ROA not before:           Mon 08 Jul 2024 00:00:00 +0000
ROA not after:            Mon 12 Aug 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Jul 2024 16:53:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:c5:79:68:2a:67:63:6a:e0:97:ac:44:a3:0b:fe:b2:e8:27:fe:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul  8 00:00:00 2024 GMT
            Not After : Aug 12 23:59:59 2024 GMT
        Subject: serialNumber=f17cfa0194b549ec8e7559c88e523cd7072d90a6c7f9e46c384052876a8d320f, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:f3:c7:4e:c6:82:ad:a4:ac:3d:40:1e:09:64:
                    7e:6e:62:4a:cb:5f:d1:36:92:7e:78:a2:1b:d4:c8:
                    d9:47:8d:c3:e6:81:66:6d:27:75:d1:24:24:bf:cb:
                    66:e4:6d:dc:83:87:96:3a:9f:bd:9e:b8:e9:4a:39:
                    84:69:0a:d7:75:8d:03:0c:f9:1d:00:66:c4:cf:f3:
                    63:52:ab:27:92:65:59:ae:d6:d6:38:57:07:e0:78:
                    c8:04:21:40:b6:8e:6f:6a:2a:df:89:c3:f3:01:9c:
                    fc:02:d6:07:71:80:7d:3a:ca:23:29:07:58:67:2b:
                    9d:b4:bc:9b:4b:c4:c0:5a:c1:b2:bf:4f:53:61:9b:
                    7f:6b:e6:6f:f8:16:7b:b3:e9:b5:2b:3a:6d:c3:52:
                    46:ed:5d:c9:dc:ca:8d:39:a7:8a:f8:3a:21:30:cc:
                    52:51:cc:09:fd:69:a2:4d:ad:3c:2e:48:1a:0c:23:
                    74:24:73:87:93:d3:74:12:33:6c:f9:35:48:eb:2b:
                    9f:3e:ae:a5:ac:e9:89:81:71:52:13:40:25:76:6e:
                    9b:f4:86:b2:d8:ec:50:4f:6b:a5:a8:a2:63:c7:c6:
                    5e:30:82:b7:d9:7e:4d:ee:28:5b:21:ea:ff:1c:11:
                    79:8e:ea:fb:99:27:f6:1f:0f:ed:fa:84:5f:70:ee:
                    c3:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:5A:AE:C1:35:88:6D:AF:6B:E1:FA:41:17:1E:76:8D:85:5B:EF:D5
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/304d81ac-82d4-4c35-9751-e28a49405601.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:ec:07:1d:45:da:05:ab:66:70:a6:b6:23:d7:94:7f:c0:c9:
         8b:5e:53:54:97:79:ca:e8:62:6d:57:a3:3b:ae:ce:16:ef:80:
         3f:9b:b5:eb:51:97:1f:13:1d:9b:59:a8:bc:77:e5:a5:11:0e:
         cb:78:35:72:f3:b5:63:ad:00:cc:b6:b7:9f:78:e4:b7:52:84:
         14:80:25:f2:f9:3f:29:8f:4e:b2:f9:a2:d0:4b:e4:0d:47:d5:
         e4:7d:cf:13:ea:c7:76:e7:51:77:fa:c4:ba:b7:59:b0:2f:f8:
         a6:27:72:78:cf:6d:4f:ad:e9:55:f5:4f:7b:af:46:8c:f3:52:
         f5:29:a2:f3:be:fd:39:6c:01:90:57:72:e9:44:41:bd:73:27:
         12:1e:33:29:e2:78:a8:73:df:ca:c3:2c:ab:17:b1:1f:cb:2b:
         2c:47:ac:61:2e:96:88:f4:8e:e7:ba:9f:21:a6:95:6e:97:17:
         3a:a1:e5:cf:eb:6c:34:06:53:9f:46:a8:98:75:3d:30:4f:f0:
         95:1e:0d:1a:49:01:20:da:bd:d5:9a:48:24:ff:53:6b:f2:e9:
         cc:13:ca:66:43:64:59:5f:54:47:e1:e2:e0:8e:e7:67:9c:78:
         57:fe:ab:77:13:72:9b:a7:b3:8e:c1:1b:85:e7:a4:24:65:04:
         22:14:5e:6a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWcV5aCpnY2rgl6xEowv+sugn/uUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzA4MDAwMDAwWhcNMjQwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMTdjZmEwMTk0YjU0OWVjOGU3NTU5Yzg4ZTUyM2NkNzA3
MmQ5MGE2YzdmOWU0NmMzODQwNTI4NzZhOGQzMjBmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCz88dOxoKtpKw9QB4JZH5uYkrLX9E2kn54ohvUyNlHjcPm
gWZtJ3XRJCS/y2bkbdyDh5Y6n72euOlKOYRpCtd1jQMM+R0AZsTP82NSqyeSZVmu
1tY4VwfgeMgEIUC2jm9qKt+Jw/MBnPwC1gdxgH06yiMpB1hnK520vJtLxMBawbK/
T1Nhm39r5m/4Fnuz6bUrOm3DUkbtXcncyo05p4r4OiEwzFJRzAn9aaJNrTwuSBoM
I3Qkc4eT03QSM2z5NUjrK58+rqWs6YmBcVITQCV2bpv0hrLY7FBPa6WoomPHxl4w
grfZfk3uKFsh6v8cEXmO6vuZJ/YfD+36hF9w7sNrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU01quwTWIba9r4fpBFx52jYVb79UwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzMwNGQ4MWFjLTgyZDQtNGMzNS05NzUxLWUyOGE0OTQwNTYwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADLsBx1F2gWrZnCmtiPXlH/AyYte
U1SXecroYm1XozuuzhbvgD+btetRlx8THZtZqLx35aURDst4NXLztWOtAMy2t594
5LdShBSAJfL5PymPTrL5otBL5A1H1eR9zxPqx3bnUXf6xLq3WbAv+KYncnjPbU+t
6VX1T3uvRozzUvUpovO+/TlsAZBXculEQb1zJxIeMynieKhz38rDLKsXsR/LKyxH
rGEuloj0jue6nyGmlW6XFzqh5c/rbDQGU59GqJh1PTBP8JUeDRpJASDavdWaSCT/
U2vy6cwTymZDZFlfVEfh4uCO52eceFf+q3cTcpuns47BG4XnpCRlBCIUXmo=
-----END CERTIFICATE-----