Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/513cb54f-91ad-40d8-8224-96ddea46d33f.roa
File:                     513cb54f-91ad-40d8-8224-96ddea46d33f.roa (raw, json)
Hash identifier:          WgumqGJg8tjncVTCU+ghCO0iO+u6edOUA8UncKGAmn0=
Subject key identifier:   3C:1C:98:38:07:83:8C:39:6C:67:5A:B5:7A:CC:E7:F0:42:32:E9:9E
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       0907304880855751DC3133CF04C1626EBCC197C2
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/513cb54f-91ad-40d8-8224-96ddea46d33f.roa
Signing time:             Wed 23 Oct 2024 00:00:00 +0000
ROA not before:           Wed 23 Oct 2024 00:00:00 +0000
ROA not after:            Wed 27 Nov 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 23 Oct 2024 14:09:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:07:30:48:80:85:57:51:dc:31:33:cf:04:c1:62:6e:bc:c1:97:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Oct 23 00:00:00 2024 GMT
            Not After : Nov 27 23:59:59 2024 GMT
        Subject: serialNumber=466751c1540cc0539a7f9c956a1ca58251639e608d0c6d87a77ae99816f6874c, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:cb:75:3f:c5:b2:49:ba:8e:be:3c:8f:21:01:
                    e4:c0:7c:db:d5:04:54:43:84:68:2e:24:cb:fc:45:
                    43:22:e9:83:54:5f:ba:94:63:1c:5d:e1:3f:e3:12:
                    08:b2:ce:a7:e7:1e:1c:1f:bd:1f:c1:c5:72:75:be:
                    40:5a:37:fa:9c:88:b7:a0:35:45:d6:55:5c:89:6d:
                    26:f9:67:f3:64:18:5b:e3:d2:bc:d7:88:fb:40:4f:
                    1e:96:b8:1a:a1:64:7e:67:7f:e1:fd:d5:57:4b:6f:
                    52:d2:59:0c:03:ff:2d:03:63:c3:76:9b:21:8f:a4:
                    af:76:54:82:b6:dc:d7:a3:81:0e:26:7f:8d:22:49:
                    08:e0:68:61:a1:4c:ce:88:dd:09:c0:d7:3b:82:37:
                    e5:4e:d2:33:db:3a:f4:da:a7:2c:b8:8e:d5:b4:b2:
                    3b:72:96:f6:55:cf:17:b7:23:af:2b:6f:c7:e4:8c:
                    60:e7:8b:7c:24:e5:dc:52:84:ce:74:9a:b6:3b:e4:
                    04:dd:fc:31:51:0b:51:ee:75:b5:a1:a2:d0:60:3a:
                    5b:26:99:97:62:0c:aa:eb:77:62:54:36:0e:c8:88:
                    af:a5:f2:bb:fa:cf:6e:d7:d6:d1:4b:07:b0:ae:7a:
                    c8:d8:d8:7b:5f:f1:7b:7c:9a:e6:95:6b:14:b5:88:
                    92:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:1C:98:38:07:83:8C:39:6C:67:5A:B5:7A:CC:E7:F0:42:32:E9:9E
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/513cb54f-91ad-40d8-8224-96ddea46d33f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:cb:e7:07:76:71:b1:db:a7:78:49:c0:ac:7b:ca:57:18:67:
         da:ba:c8:98:3f:dc:8f:4c:0d:48:fd:00:cc:17:e9:f4:55:0b:
         6a:8a:3f:37:e5:d8:83:aa:7a:e1:e9:d5:e3:c3:14:50:82:04:
         2f:70:24:33:85:32:d3:77:a7:91:df:2c:ca:7d:9e:49:06:55:
         fe:da:4f:46:73:49:54:59:56:59:88:96:30:4f:b3:db:1b:a7:
         ea:c4:fa:0a:a1:28:72:d9:7d:bd:e7:86:82:29:27:fc:b2:5d:
         0a:83:e3:78:cf:32:8a:a9:7c:e5:4f:1b:00:4c:fd:96:9d:fc:
         e1:ae:fe:98:0f:76:19:8b:69:a7:f3:64:6c:6a:55:bd:e9:78:
         a0:23:19:ea:23:18:06:75:c2:9b:fb:b9:62:5d:32:c9:44:67:
         bb:9d:cb:3c:b7:d9:a6:6d:99:e0:54:85:9d:c5:8d:96:36:cb:
         3b:69:94:a5:76:1a:09:9b:3a:15:a2:36:a0:ce:4e:b9:0b:b8:
         a3:f3:ca:28:d4:af:3c:e9:0b:c1:d2:d9:2a:d7:d7:25:0e:60:
         df:f8:2a:90:f0:89:5d:da:0f:a5:e9:31:25:91:d9:fa:b7:64:
         f4:48:d6:00:df:5f:a0:32:49:c8:93:15:47:82:f1:45:34:c9:
         84:cf:e3:1a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCQcwSICFV1HcMTPPBMFibrzBl8IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMDIzMDAwMDAwWhcNMjQxMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NjY3NTFjMTU0MGNjMDUzOWE3ZjljOTU2YTFjYTU4MjUx
NjM5ZTYwOGQwYzZkODdhNzdhZTk5ODE2ZjY4NzRjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyy3U/xbJJuo6+PI8hAeTAfNvVBFRDhGguJMv8RUMi6YNU
X7qUYxxd4T/jEgiyzqfnHhwfvR/BxXJ1vkBaN/qciLegNUXWVVyJbSb5Z/NkGFvj
0rzXiPtATx6WuBqhZH5nf+H91VdLb1LSWQwD/y0DY8N2myGPpK92VIK23NejgQ4m
f40iSQjgaGGhTM6I3QnA1zuCN+VO0jPbOvTapyy4jtW0sjtylvZVzxe3I68rb8fk
jGDni3wk5dxShM50mrY75ATd/DFRC1HudbWhotBgOlsmmZdiDKrrd2JUNg7IiK+l
8rv6z27X1tFLB7CuesjY2Htf8Xt8muaVaxS1iJJrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPByYOAeDjDlsZ1q1eszn8EIy6Z4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzUxM2NiNTRmLTkxYWQtNDBkOC04MjI0LTk2ZGRlYTQ2ZDMzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAK7L5wd2cbHbp3hJwKx7ylcYZ9q6
yJg/3I9MDUj9AMwX6fRVC2qKPzfl2IOqeuHp1ePDFFCCBC9wJDOFMtN3p5HfLMp9
nkkGVf7aT0ZzSVRZVlmIljBPs9sbp+rE+gqhKHLZfb3nhoIpJ/yyXQqD43jPMoqp
fOVPGwBM/Zad/OGu/pgPdhmLaafzZGxqVb3peKAjGeojGAZ1wpv7uWJdMslEZ7ud
yzy32aZtmeBUhZ3FjZY2yztplKV2GgmbOhWiNqDOTrkLuKPzyijUrzzpC8HS2SrX
1yUOYN/4KpDwiV3aD6XpMSWR2fq3ZPRI1gDfX6AySciTFUeC8UU0yYTP4xo=
-----END CERTIFICATE-----