Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/551f4f59-ee41-4eb5-8bd4-e6482427d37e.roa
File:                     551f4f59-ee41-4eb5-8bd4-e6482427d37e.roa (raw, json)
Hash identifier:          qk8VDOmzbhSBPnVUJTzrDld8hKUZ/vDU7UeEvjYfhB0=
Subject key identifier:   5C:83:A3:BC:91:90:8E:68:BD:BF:A9:77:13:93:94:76:03:DE:7D:4D
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       053D9E793E7F6610BD61780B83C918CB743A88C8
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/551f4f59-ee41-4eb5-8bd4-e6482427d37e.roa
Signing time:             Wed 23 Oct 2024 00:00:00 +0000
ROA not before:           Wed 23 Oct 2024 00:00:00 +0000
ROA not after:            Wed 27 Nov 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 23 Oct 2024 16:59:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:3d:9e:79:3e:7f:66:10:bd:61:78:0b:83:c9:18:cb:74:3a:88:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Oct 23 00:00:00 2024 GMT
            Not After : Nov 27 23:59:59 2024 GMT
        Subject: serialNumber=292e6b85966641e847ac79437481b5f92985ae7884b563688145b6888620868f, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:eb:66:79:51:41:8b:7e:f8:c6:b8:61:22:6f:
                    de:3d:ec:94:38:a7:5f:22:f5:0c:18:6c:bf:a8:49:
                    db:03:cb:65:8d:74:0b:8f:25:53:eb:dc:6a:0c:04:
                    89:40:eb:e8:f3:bc:4b:44:49:13:3c:01:76:66:c4:
                    c8:e1:19:3a:04:78:25:e2:04:2a:35:ec:02:e7:6e:
                    b0:f5:00:1c:07:14:9d:36:89:5c:3a:35:47:2e:8c:
                    40:0a:f6:9d:c7:c8:d4:f4:96:fe:46:d1:f1:fa:bd:
                    c1:f1:31:db:eb:f3:e8:67:64:11:4e:e5:7d:30:76:
                    d6:a1:b6:e4:15:ec:5e:18:43:57:47:75:4f:5e:db:
                    76:ba:96:3f:04:46:3f:13:12:d6:18:ab:46:d2:d2:
                    a1:f3:60:af:96:59:96:55:eb:7d:e6:51:d9:95:12:
                    37:c4:1e:8c:02:01:61:92:3c:17:d2:7b:71:64:03:
                    c8:78:c4:80:b6:d0:6c:b9:18:88:9f:a8:64:e7:9f:
                    98:b7:cc:5c:32:00:a0:63:e9:5d:d5:1f:3d:f6:c0:
                    ac:cb:32:e0:37:97:3c:a3:52:e7:07:1f:45:9a:f1:
                    90:3f:75:c6:bf:95:cd:c4:fe:6f:b6:0e:a0:bf:fc:
                    3b:c1:fd:72:d6:98:95:74:89:42:28:a7:4d:cb:1d:
                    9f:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:83:A3:BC:91:90:8E:68:BD:BF:A9:77:13:93:94:76:03:DE:7D:4D
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/551f4f59-ee41-4eb5-8bd4-e6482427d37e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:89:69:20:ba:ef:99:f5:f1:7d:90:ab:b9:b0:db:4a:f3:0b:
         60:16:d5:29:3a:6f:70:bb:3a:7f:59:01:8c:4a:3f:48:07:f1:
         4d:87:8c:9f:c5:b4:cf:55:79:3e:b2:b2:ea:1d:6c:23:c7:43:
         80:10:1a:6b:98:63:a0:a9:09:3a:80:73:c5:90:df:86:43:0c:
         8b:e7:35:15:ab:56:57:49:77:ae:32:da:35:38:a5:08:70:fb:
         b3:8b:e4:5f:af:9d:20:2c:f3:b6:12:fd:1c:cf:d4:42:96:fc:
         d7:67:6d:de:7f:1c:0e:ad:15:01:98:72:ee:fa:6c:fa:4d:dd:
         db:d8:f0:dd:26:ae:81:02:a0:41:98:ec:7d:25:4b:3f:d3:df:
         51:0d:a9:c7:fc:03:ca:b0:ac:9f:c5:80:c9:4c:d9:e7:46:96:
         b8:fc:b4:3e:53:99:7a:b3:91:9d:86:b7:d9:bc:b0:1d:93:79:
         fc:e3:b0:37:3a:03:45:30:85:5d:e0:0b:9f:88:9b:96:42:0b:
         4f:25:4b:7c:f1:4b:8c:88:68:0e:0c:5a:49:43:ff:3c:35:5b:
         78:05:af:ea:22:9f:55:6c:d2:78:5b:5d:02:3c:6f:2e:62:b8:
         eb:b0:9c:c0:6d:18:b5:c0:40:3f:73:bd:f6:89:c6:40:38:54:
         ca:27:39:e4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBT2eeT5/ZhC9YXgLg8kYy3Q6iMgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMDIzMDAwMDAwWhcNMjQxMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyOTJlNmI4NTk2NjY0MWU4NDdhYzc5NDM3NDgxYjVmOTI5
ODVhZTc4ODRiNTYzNjg4MTQ1YjY4ODg2MjA4NjhmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDL62Z5UUGLfvjGuGEib9497JQ4p18i9QwYbL+oSdsDy2WN
dAuPJVPr3GoMBIlA6+jzvEtESRM8AXZmxMjhGToEeCXiBCo17ALnbrD1ABwHFJ02
iVw6NUcujEAK9p3HyNT0lv5G0fH6vcHxMdvr8+hnZBFO5X0wdtahtuQV7F4YQ1dH
dU9e23a6lj8ERj8TEtYYq0bS0qHzYK+WWZZV633mUdmVEjfEHowCAWGSPBfSe3Fk
A8h4xIC20Gy5GIifqGTnn5i3zFwyAKBj6V3VHz32wKzLMuA3lzyjUucHH0Wa8ZA/
dca/lc3E/m+2DqC//DvB/XLWmJV0iUIop03LHZ/hAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXIOjvJGQjmi9v6l3E5OUdgPefU0wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzU1MWY0ZjU5LWVlNDEtNGViNS04YmQ0LWU2NDgyNDI3ZDM3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACOJaSC675n18X2Qq7mw20rzC2AW
1Sk6b3C7On9ZAYxKP0gH8U2HjJ/FtM9VeT6ysuodbCPHQ4AQGmuYY6CpCTqAc8WQ
34ZDDIvnNRWrVldJd64y2jU4pQhw+7OL5F+vnSAs87YS/RzP1EKW/Ndnbd5/HA6t
FQGYcu76bPpN3dvY8N0mroECoEGY7H0lSz/T31ENqcf8A8qwrJ/FgMlM2edGlrj8
tD5TmXqzkZ2Gt9m8sB2TefzjsDc6A0UwhV3gC5+Im5ZCC08lS3zxS4yIaA4MWklD
/zw1W3gFr+oin1Vs0nhbXQI8by5iuOuwnMBtGLXAQD9zvfaJxkA4VMonOeQ=
-----END CERTIFICATE-----