Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/598e652b-5792-4f12-863f-883b9ea28af7.roa
File:                     598e652b-5792-4f12-863f-883b9ea28af7.roa (raw, json)
Hash identifier:          oeyMvSdS0r37FwF9HCy367uFG0Fj4H9jLRbgXBxr6b8=
Subject key identifier:   5E:3B:DC:70:D8:65:6D:42:9D:F7:A7:3E:40:75:13:9E:86:B1:46:19
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       6C2C88DA3BECA412ADD00ADE7964B4D74AE42912
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/598e652b-5792-4f12-863f-883b9ea28af7.roa
Signing time:             Sat 16 Nov 2024 00:00:00 +0000
ROA not before:           Sat 16 Nov 2024 00:00:00 +0000
ROA not after:            Sat 21 Dec 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 16 Nov 2024 22:58:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:2c:88:da:3b:ec:a4:12:ad:d0:0a:de:79:64:b4:d7:4a:e4:29:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Nov 16 00:00:00 2024 GMT
            Not After : Dec 21 23:59:59 2024 GMT
        Subject: serialNumber=bab56942de0c96d8b820bee77b436edf3cf8ab91ebb07251016cce9ea9fcdf34, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:44:db:32:fb:83:82:c1:30:84:09:cd:d0:05:
                    16:9a:8d:17:bb:8c:30:be:cf:ed:f5:35:d4:62:ae:
                    b7:46:5a:f2:85:8a:b6:7e:be:2c:38:e3:80:a7:61:
                    e8:fd:db:3b:43:15:63:5e:f0:76:45:27:c0:9a:04:
                    e0:3b:1e:52:8d:b3:da:2b:22:0d:ef:ec:83:2b:ce:
                    90:84:aa:d5:97:8c:14:8e:2e:90:ec:e4:56:4d:68:
                    24:66:c3:30:2c:e4:6d:d2:ae:ee:47:27:a7:96:f5:
                    de:83:95:30:a0:5d:33:21:9e:2c:28:c3:a9:31:f5:
                    f8:b7:2c:7b:1d:73:30:82:e4:e3:eb:bc:fb:b8:83:
                    ff:39:07:3f:71:17:f0:65:8e:e5:f9:1e:a2:a0:a4:
                    24:d1:35:e7:88:6a:38:64:af:b7:91:3d:6a:59:38:
                    4c:f5:a7:88:2a:8a:f4:9b:ca:b6:ac:7c:48:58:47:
                    40:5d:be:89:2a:54:2f:d3:92:0c:21:31:d3:85:fb:
                    c9:2a:07:c6:b8:3f:d8:4d:e9:67:a3:02:f3:c2:92:
                    cc:d6:b1:3a:f5:51:3d:d1:a7:41:0a:09:c5:4b:97:
                    e8:94:75:c6:81:60:a4:50:13:a0:95:51:a7:2b:7e:
                    97:5f:ec:85:4c:81:c5:d2:38:38:99:6c:a9:50:5f:
                    29:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:3B:DC:70:D8:65:6D:42:9D:F7:A7:3E:40:75:13:9E:86:B1:46:19
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/598e652b-5792-4f12-863f-883b9ea28af7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:74:9b:e0:79:73:ad:f5:8e:5c:5d:c3:67:12:34:10:8f:24:
         0f:58:1f:41:61:23:4c:c0:8c:a1:89:9f:eb:68:98:0e:9c:51:
         5a:80:7a:32:66:d8:bc:36:f9:e0:08:a8:a5:1b:f6:8f:b4:57:
         6d:f0:5f:e6:ce:7c:59:72:98:9b:22:ec:d7:fb:be:46:5b:69:
         a7:f6:17:1e:d1:fc:cf:4f:1f:ed:a3:16:37:57:16:2c:6a:05:
         0c:86:54:42:1e:a8:38:1d:78:22:2c:22:26:2c:a6:54:08:d0:
         30:b6:a8:c2:85:4e:76:37:41:1e:a7:b7:07:10:00:29:f5:e5:
         f8:80:0e:43:89:55:e0:7a:cf:d4:6b:99:11:60:b5:1e:24:fa:
         16:a9:59:c7:42:72:b3:bd:60:de:8a:7d:72:05:d5:d8:90:fb:
         96:de:88:d5:16:6d:65:05:c4:2b:a3:11:d3:96:e5:74:c3:53:
         1c:9a:09:14:22:82:2a:8f:bc:01:08:dd:15:e9:03:21:d1:e4:
         25:32:60:14:30:75:57:80:6f:0a:dc:96:8d:ee:90:5d:37:6e:
         d6:c6:84:77:46:3c:8a:93:c0:33:33:03:a9:c0:57:7b:35:da:
         f1:91:f9:fe:be:ef:d6:39:44:26:cf:36:32:a4:48:e7:82:bc:
         a0:e1:14:2b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbCyI2jvspBKt0AreeWS010rkKRIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMTE2MDAwMDAwWhcNMjQxMjIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiYWI1Njk0MmRlMGM5NmQ4YjgyMGJlZTc3YjQzNmVkZjNj
ZjhhYjkxZWJiMDcyNTEwMTZjY2U5ZWE5ZmNkZjM0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDhRNsy+4OCwTCECc3QBRaajRe7jDC+z+31NdRirrdGWvKF
irZ+viw444CnYej92ztDFWNe8HZFJ8CaBOA7HlKNs9orIg3v7IMrzpCEqtWXjBSO
LpDs5FZNaCRmwzAs5G3Sru5HJ6eW9d6DlTCgXTMhniwow6kx9fi3LHsdczCC5OPr
vPu4g/85Bz9xF/BljuX5HqKgpCTRNeeIajhkr7eRPWpZOEz1p4gqivSbyrasfEhY
R0BdvokqVC/TkgwhMdOF+8kqB8a4P9hN6WejAvPCkszWsTr1UT3Rp0EKCcVLl+iU
dcaBYKRQE6CVUacrfpdf7IVMgcXSODiZbKlQXylJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXjvccNhlbUKd96c+QHUTnoaxRhkwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzU5OGU2NTJiLTU3OTItNGYxMi04NjNmLTg4M2I5ZWEyOGFmNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFR0m+B5c631jlxdw2cSNBCPJA9Y
H0FhI0zAjKGJn+tomA6cUVqAejJm2Lw2+eAIqKUb9o+0V23wX+bOfFlymJsi7Nf7
vkZbaaf2Fx7R/M9PH+2jFjdXFixqBQyGVEIeqDgdeCIsIiYsplQI0DC2qMKFTnY3
QR6ntwcQACn15fiADkOJVeB6z9RrmRFgtR4k+hapWcdCcrO9YN6KfXIF1diQ+5be
iNUWbWUFxCujEdOW5XTDUxyaCRQigiqPvAEI3RXpAyHR5CUyYBQwdVeAbwrclo3u
kF03btbGhHdGPIqTwDMzA6nAV3s12vGR+f6+79Y5RCbPNjKkSOeCvKDhFCs=
-----END CERTIFICATE-----