Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3b4f44c2-bd31-4080-b164-19ff8da18f98.roa
File:                     3b4f44c2-bd31-4080-b164-19ff8da18f98.roa (raw, json)
Hash identifier:          2b058iZSYcK/YAKMteRUs+p6OFUrzRMnc2BuvM3hDEA=
Subject key identifier:   42:3B:D2:EE:87:42:E9:29:E8:6B:E3:D1:11:6B:F2:B1:CF:34:80:88
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       42B3CC31E333BB3E8F0E07D61200914D3EEA136C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3b4f44c2-bd31-4080-b164-19ff8da18f98.roa
Signing time:             Sun 08 Sep 2024 00:00:00 +0000
ROA not before:           Sun 08 Sep 2024 00:00:00 +0000
ROA not after:            Sun 13 Oct 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 08 Sep 2024 01:03:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:b3:cc:31:e3:33:bb:3e:8f:0e:07:d6:12:00:91:4d:3e:ea:13:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Sep  8 00:00:00 2024 GMT
            Not After : Oct 13 23:59:59 2024 GMT
        Subject: serialNumber=1309f29f545e843dfe1e80233d87d1ff12ea0dd6fdb80963dd4d5b657b6274fd, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:7f:35:f4:c1:44:c0:5e:59:c2:9b:09:ba:65:
                    ff:26:a6:62:9b:17:6d:b1:b2:8d:43:d2:f8:dc:55:
                    16:7d:4c:d9:9f:13:d1:fa:fd:a0:14:e9:e8:59:91:
                    f8:5f:82:c5:85:a5:be:13:1c:6e:ca:62:c5:60:96:
                    f4:49:a8:73:ac:32:44:a7:97:a0:9f:73:9c:eb:fd:
                    49:24:95:4f:85:a3:8d:a8:f0:2f:3b:20:b5:8e:2a:
                    69:db:91:61:39:29:bb:86:be:a4:fb:4b:3a:56:f1:
                    0c:a9:0e:66:b4:a2:a2:e2:82:e5:06:55:27:c3:79:
                    32:03:96:70:39:3b:db:3f:87:cd:ac:13:e1:23:2a:
                    75:d5:7d:d2:9f:e1:e9:28:d7:53:92:ec:2f:e2:ad:
                    19:c8:45:ee:e3:31:50:3c:39:c1:06:87:ac:b4:63:
                    4b:f0:7e:0b:97:9b:08:48:62:c6:3f:64:07:38:d3:
                    ab:37:d0:56:91:19:ab:bb:3b:53:cf:36:2c:2c:fb:
                    f9:6b:81:1c:c9:06:a8:53:96:18:46:53:2b:9a:85:
                    65:c9:2d:b3:39:cf:aa:1d:20:94:e5:67:6d:99:a6:
                    e9:a7:bc:d5:ea:38:ee:a3:ac:e3:46:4b:2d:36:fe:
                    3f:13:bb:2a:af:2b:d0:86:0b:65:e6:4a:d7:16:7f:
                    df:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:3B:D2:EE:87:42:E9:29:E8:6B:E3:D1:11:6B:F2:B1:CF:34:80:88
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3b4f44c2-bd31-4080-b164-19ff8da18f98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:55:61:9f:03:a1:6d:10:3c:2b:c9:18:45:eb:db:4d:87:4c:
         8e:48:45:3b:e1:8e:3d:2e:3c:8c:58:72:87:69:8b:c3:32:36:
         2b:60:6a:3a:77:88:32:08:73:d7:18:6e:eb:c6:72:41:c6:9f:
         23:16:dd:cf:88:87:16:eb:a5:b2:94:54:17:93:88:49:4d:fe:
         b4:52:a0:2d:2b:e7:39:02:1f:20:c5:c1:29:b8:b4:29:0b:0e:
         d3:ae:bc:5c:dd:b8:9c:e3:f5:cd:ad:49:3e:b7:17:63:9d:76:
         85:85:dc:12:af:10:98:ee:8b:17:0f:5e:1f:77:c9:21:5e:5f:
         34:ee:47:d1:14:33:d0:34:e6:bf:52:c4:77:9a:7f:cf:cc:43:
         98:13:4e:70:8b:35:ea:42:12:db:6f:a2:1a:31:bf:8b:d7:09:
         d5:cb:49:4c:69:a3:30:41:af:c1:bf:9f:be:29:cd:9d:67:7e:
         40:98:bf:1d:2e:5d:cd:aa:26:21:f9:a5:d0:70:0f:1a:d2:c3:
         8a:1a:10:99:25:3a:49:59:35:9a:40:78:e3:23:31:3b:92:25:
         18:1d:ef:50:4f:41:7b:d3:c4:e3:7a:bc:68:37:cd:02:29:1d:
         05:b4:8c:71:6a:bb:9f:e5:8f:5c:96:ab:0c:06:9c:0f:a9:2e:
         bd:84:5d:ea
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQrPMMeMzuz6PDgfWEgCRTT7qE2wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwOTA4MDAwMDAwWhcNMjQxMDEzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxMzA5ZjI5ZjU0NWU4NDNkZmUxZTgwMjMzZDg3ZDFmZjEy
ZWEwZGQ2ZmRiODA5NjNkZDRkNWI2NTdiNjI3NGZkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTfzX0wUTAXlnCmwm6Zf8mpmKbF22xso1D0vjcVRZ9TNmf
E9H6/aAU6ehZkfhfgsWFpb4THG7KYsVglvRJqHOsMkSnl6Cfc5zr/UkklU+Fo42o
8C87ILWOKmnbkWE5KbuGvqT7SzpW8QypDma0oqLiguUGVSfDeTIDlnA5O9s/h82s
E+EjKnXVfdKf4eko11OS7C/irRnIRe7jMVA8OcEGh6y0Y0vwfguXmwhIYsY/ZAc4
06s30FaRGau7O1PPNiws+/lrgRzJBqhTlhhGUyuahWXJLbM5z6odIJTlZ22Zpumn
vNXqOO6jrONGSy02/j8TuyqvK9CGC2XmStcWf9+hAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQjvS7odC6Snoa+PREWvysc80gIgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzNiNGY0NGMyLWJkMzEtNDA4MC1iMTY0LTE5ZmY4ZGExOGY5OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABlVYZ8DoW0QPCvJGEXr202HTI5I
RTvhjj0uPIxYcodpi8MyNitgajp3iDIIc9cYbuvGckHGnyMW3c+IhxbrpbKUVBeT
iElN/rRSoC0r5zkCHyDFwSm4tCkLDtOuvFzduJzj9c2tST63F2OddoWF3BKvEJju
ixcPXh93ySFeXzTuR9EUM9A05r9SxHeaf8/MQ5gTTnCLNepCEttvohoxv4vXCdXL
SUxpozBBr8G/n74pzZ1nfkCYvx0uXc2qJiH5pdBwDxrSw4oaEJklOklZNZpAeOMj
MTuSJRgd71BPQXvTxON6vGg3zQIpHQW0jHFqu5/lj1yWqwwGnA+pLr2EXeo=
-----END CERTIFICATE-----