Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/30aeb8c9-ab6c-4254-9703-fac9aacdcf0c.roa
File:                     30aeb8c9-ab6c-4254-9703-fac9aacdcf0c.roa (raw, json)
Hash identifier:          rSQv6RSW2olZ+EXA3mzKrHV4kkIJxIkgh2XSNWX5zrQ=
Subject key identifier:   C1:2E:EE:F6:27:09:5A:77:B6:3C:26:80:28:E6:0F:09:78:05:8F:38
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       14D4F41380BC22D57F2E3469EE6BB31831F1741A
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/30aeb8c9-ab6c-4254-9703-fac9aacdcf0c.roa
Signing time:             Sat 28 Sep 2024 00:00:00 +0000
ROA not before:           Sat 28 Sep 2024 00:00:00 +0000
ROA not after:            Sat 02 Nov 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 28 Sep 2024 07:49:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:d4:f4:13:80:bc:22:d5:7f:2e:34:69:ee:6b:b3:18:31:f1:74:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Sep 28 00:00:00 2024 GMT
            Not After : Nov  2 23:59:59 2024 GMT
        Subject: serialNumber=0fdcd6b8de3bfb645a7e7936bb8ff67df4c4a0d81dd8298979715502a5ab7337, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:5f:70:64:10:ae:f0:ac:09:63:1a:44:c8:4a:
                    e1:44:36:b3:d6:1f:90:d2:b9:3b:8d:2e:6b:7d:37:
                    a2:50:06:a2:1b:ae:38:a8:11:f7:64:f0:b4:84:de:
                    9e:12:82:e3:7c:13:95:eb:31:61:38:36:37:08:37:
                    cf:31:4a:e5:eb:ed:58:5e:c2:4f:e7:a9:49:fc:1b:
                    3e:06:09:5b:1f:84:0e:99:9a:24:ab:3c:95:3f:28:
                    ff:f4:34:ff:71:89:e6:7d:60:d3:25:5e:22:b6:e7:
                    02:8a:ec:59:7d:eb:73:37:05:65:4a:48:9b:7b:52:
                    32:f8:cf:81:a9:c5:14:99:3e:96:09:0b:35:16:91:
                    dd:66:7f:c3:03:08:28:67:31:af:5e:16:ac:1f:42:
                    75:36:ad:ff:d7:6d:70:27:ab:89:d2:c7:ac:62:b3:
                    b7:3a:c6:a7:a8:cf:5d:b1:d7:62:3e:86:de:da:fb:
                    05:30:05:30:6a:30:f3:d7:34:84:52:de:83:b9:89:
                    19:7e:60:bf:4a:46:fd:77:4c:19:2f:ea:f4:d8:5b:
                    4e:8e:3e:d8:26:f6:b5:62:bb:a3:d7:83:dc:e0:cb:
                    a1:0d:8d:1e:98:72:7e:3b:77:c6:ee:11:7b:f3:9e:
                    d8:e2:9c:12:34:d1:57:e6:3a:38:aa:0d:85:2f:ae:
                    68:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:2E:EE:F6:27:09:5A:77:B6:3C:26:80:28:E6:0F:09:78:05:8F:38
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/30aeb8c9-ab6c-4254-9703-fac9aacdcf0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:a1:4c:31:00:cd:fc:bb:11:04:73:4b:1a:a0:56:ab:ee:ae:
         81:e5:f4:2c:69:ae:f9:33:a8:64:47:37:36:bf:87:a0:82:50:
         15:63:3f:ee:78:05:cc:b1:95:ed:32:7d:14:e8:00:ec:44:b1:
         58:61:fa:40:60:70:0e:37:cc:25:a0:96:7a:7e:35:6b:e1:e0:
         5c:d6:ec:81:eb:af:2d:1c:ed:79:6f:9f:4e:bf:6d:05:6b:38:
         23:af:70:30:5b:0a:ed:fa:a1:73:d4:63:68:0f:09:47:34:97:
         2f:d7:31:16:c3:a4:24:ee:c5:87:4e:e5:31:6c:1e:93:d3:8f:
         bb:d2:93:80:a9:fd:e4:ac:ff:88:04:4e:2c:6b:4e:75:3f:00:
         18:aa:d3:33:d6:3f:f1:cb:f7:c9:a4:f2:a1:95:74:9d:8e:99:
         f4:7e:4c:78:d2:e3:61:b3:df:f3:25:99:35:5e:9e:bd:bb:fb:
         40:80:77:ea:eb:70:d9:0e:7d:9d:bc:f7:b7:61:c3:5e:57:ff:
         41:7f:80:7d:10:93:59:75:62:a8:9d:77:78:df:70:2a:34:fa:
         9b:7f:39:32:81:83:ac:3d:bf:f8:af:fb:d7:43:41:4b:c5:39:
         6d:4d:5d:ea:8c:44:47:80:48:4f:78:9f:bb:e8:0a:08:8c:26:
         78:17:1d:1d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFNT0E4C8ItV/LjRp7muzGDHxdBowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwOTI4MDAwMDAwWhcNMjQxMTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwZmRjZDZiOGRlM2JmYjY0NWE3ZTc5MzZiYjhmZjY3ZGY0
YzRhMGQ4MWRkODI5ODk3OTcxNTUwMmE1YWI3MzM3MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLX3BkEK7wrAljGkTISuFENrPWH5DSuTuNLmt9N6JQBqIb
rjioEfdk8LSE3p4SguN8E5XrMWE4NjcIN88xSuXr7Vhewk/nqUn8Gz4GCVsfhA6Z
miSrPJU/KP/0NP9xieZ9YNMlXiK25wKK7Fl963M3BWVKSJt7UjL4z4GpxRSZPpYJ
CzUWkd1mf8MDCChnMa9eFqwfQnU2rf/XbXAnq4nSx6xis7c6xqeoz12x12I+ht7a
+wUwBTBqMPPXNIRS3oO5iRl+YL9KRv13TBkv6vTYW06OPtgm9rViu6PXg9zgy6EN
jR6Ycn47d8buEXvzntjinBI00VfmOjiqDYUvrmiXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwS7u9icJWne2PCaAKOYPCXgFjzgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzMwYWViOGM5LWFiNmMtNDI1NC05NzAzLWZhYzlhYWNkY2YwYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEehTDEAzfy7EQRzSxqgVqvuroHl
9CxprvkzqGRHNza/h6CCUBVjP+54Bcyxle0yfRToAOxEsVhh+kBgcA43zCWglnp+
NWvh4FzW7IHrry0c7Xlvn06/bQVrOCOvcDBbCu36oXPUY2gPCUc0ly/XMRbDpCTu
xYdO5TFsHpPTj7vSk4Cp/eSs/4gETixrTnU/ABiq0zPWP/HL98mk8qGVdJ2OmfR+
THjS42Gz3/MlmTVenr27+0CAd+rrcNkOfZ2897dhw15X/0F/gH0Qk1l1Yqidd3jf
cCo0+pt/OTKBg6w9v/iv+9dDQUvFOW1NXeqMREeASE94n7voCgiMJngXHR0=
-----END CERTIFICATE-----