Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4537ac6f-b7a7-4708-8afc-476c5f6144a4.roa
File:                     4537ac6f-b7a7-4708-8afc-476c5f6144a4.roa (raw, json)
Hash identifier:          AAhbDXWYXt2/b07InYEr0Yh7Tw5ifPu9XGuLene80Ag=
Subject key identifier:   3E:48:7D:5E:3C:F4:13:3B:3D:4B:0B:67:F0:2A:40:CA:05:CD:30:BB
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       618B41EB5559FCE37883D85A6D84F495C82F3DFB
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4537ac6f-b7a7-4708-8afc-476c5f6144a4.roa
Signing time:             Fri 22 Nov 2024 00:00:00 +0000
ROA not before:           Fri 22 Nov 2024 00:00:00 +0000
ROA not after:            Fri 27 Dec 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Nov 2024 06:04:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:8b:41:eb:55:59:fc:e3:78:83:d8:5a:6d:84:f4:95:c8:2f:3d:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Nov 22 00:00:00 2024 GMT
            Not After : Dec 27 23:59:59 2024 GMT
        Subject: serialNumber=85f1b14c7d81d920a89cca3b58676232a4dca7ea9eb17374207b6279b7d14a6f, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ca:53:00:1b:25:45:94:fb:43:12:a6:39:0e:
                    65:3f:37:f8:35:94:09:b5:e2:d8:04:f4:c6:9c:b0:
                    a2:24:f6:65:75:53:d7:e2:37:eb:0d:02:a7:06:87:
                    ee:bb:3e:ea:a3:f6:5c:3d:ad:36:e1:1f:7e:b4:3b:
                    63:19:cf:9a:1e:60:c2:d0:0b:30:5d:10:db:35:3b:
                    2f:24:08:08:db:1a:8d:b4:7a:36:9d:af:a1:78:29:
                    7b:a5:a5:04:e0:5d:2a:33:8d:56:de:50:1b:b0:59:
                    08:52:9e:14:d1:ec:37:57:67:e3:d2:23:f5:83:53:
                    c5:b2:03:c2:cb:67:38:be:e0:9b:ca:86:b6:9b:03:
                    6e:0e:3f:06:4c:37:eb:8f:80:ba:de:8e:55:bf:60:
                    17:39:f6:77:df:e8:da:69:c3:92:1b:b4:5c:83:b7:
                    86:7f:ad:97:5b:41:74:20:3b:77:c1:de:d7:35:fc:
                    fe:76:d9:fe:ec:05:dd:76:6f:71:9a:f8:4d:80:8f:
                    3b:6f:29:9b:bc:89:33:b0:5f:59:38:55:32:4b:a9:
                    84:1d:4c:a4:09:94:4e:07:df:2d:24:3a:23:20:92:
                    6d:d2:fc:63:29:53:35:2c:03:84:dc:9f:e6:63:2c:
                    31:11:a8:cd:bf:3a:53:d4:22:38:88:61:6c:d7:db:
                    ba:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:48:7D:5E:3C:F4:13:3B:3D:4B:0B:67:F0:2A:40:CA:05:CD:30:BB
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4537ac6f-b7a7-4708-8afc-476c5f6144a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:d5:8c:47:59:f2:09:25:5e:b6:f2:04:e9:e4:3e:c9:99:b6:
         19:fc:bb:99:04:db:2c:4e:de:3d:77:a9:ec:6b:7a:2b:90:c6:
         1a:c0:e7:f1:6c:e4:23:46:fc:ee:26:1a:21:02:ae:e5:91:7e:
         85:a2:43:3e:87:ac:08:be:5a:f5:2c:b1:91:14:3f:fc:9c:3b:
         e0:f2:2d:ec:d6:dc:af:c3:91:ba:9c:a8:08:f8:53:42:90:db:
         b3:4b:5b:74:1a:00:44:87:8c:68:cb:d4:39:32:aa:e2:29:9b:
         1c:c0:b5:fc:2a:23:b1:b7:f0:88:aa:0a:67:d3:62:d0:c0:91:
         a2:a8:50:ab:03:1d:2a:3e:be:bb:26:86:96:c2:5a:4c:89:32:
         bd:7c:dd:4f:cf:5a:d5:86:d8:64:3c:35:a3:5e:06:a5:5e:e2:
         51:68:8b:31:e5:21:4e:39:1d:bc:3a:64:31:70:c9:0e:7f:68:
         c7:11:d0:76:98:03:56:31:ef:12:5e:d6:1c:e7:02:59:cf:79:
         6c:95:a7:72:8a:2a:c9:ba:dc:65:65:b4:6e:21:df:37:d4:8c:
         07:cc:26:5c:b0:11:ac:60:88:38:12:87:d5:58:3d:e5:39:e7:
         62:4d:77:d5:cf:9f:7d:55:51:70:56:e7:a6:e6:dc:dd:a7:cc:
         2b:46:ac:84
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYYtB61VZ/ON4g9habYT0lcgvPfswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMTIyMDAwMDAwWhcNMjQxMjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NWYxYjE0YzdkODFkOTIwYTg5Y2NhM2I1ODY3NjIzMmE0
ZGNhN2VhOWViMTczNzQyMDdiNjI3OWI3ZDE0YTZmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/ylMAGyVFlPtDEqY5DmU/N/g1lAm14tgE9MacsKIk9mV1
U9fiN+sNAqcGh+67Puqj9lw9rTbhH360O2MZz5oeYMLQCzBdENs1Oy8kCAjbGo20
ejadr6F4KXulpQTgXSozjVbeUBuwWQhSnhTR7DdXZ+PSI/WDU8WyA8LLZzi+4JvK
hrabA24OPwZMN+uPgLrejlW/YBc59nff6Nppw5IbtFyDt4Z/rZdbQXQgO3fB3tc1
/P522f7sBd12b3Ga+E2AjztvKZu8iTOwX1k4VTJLqYQdTKQJlE4H3y0kOiMgkm3S
/GMpUzUsA4Tcn+ZjLDERqM2/OlPUIjiIYWzX27orAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPkh9Xjz0Ezs9Swtn8CpAygXNMLswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzQ1MzdhYzZmLWI3YTctNDcwOC04YWZjLTQ3NmM1ZjYxNDRhNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHXVjEdZ8gklXrbyBOnkPsmZthn8
u5kE2yxO3j13qexreiuQxhrA5/Fs5CNG/O4mGiECruWRfoWiQz6HrAi+WvUssZEU
P/ycO+DyLezW3K/DkbqcqAj4U0KQ27NLW3QaAESHjGjL1DkyquIpmxzAtfwqI7G3
8IiqCmfTYtDAkaKoUKsDHSo+vrsmhpbCWkyJMr183U/PWtWG2GQ8NaNeBqVe4lFo
izHlIU45Hbw6ZDFwyQ5/aMcR0HaYA1Yx7xJe1hznAlnPeWyVp3KKKsm63GVltG4h
3zfUjAfMJlywEaxgiDgSh9VYPeU552JNd9XPn31VUXBW56bm3N2nzCtGrIQ=
-----END CERTIFICATE-----