Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/686b3ce7-e2e7-46c2-80a9-6a7226392932.roa
File:                     686b3ce7-e2e7-46c2-80a9-6a7226392932.roa (raw, json)
Hash identifier:          Vgkc4zXsIVdtG86nEvk4UpSCidaOiMAaxmGuXABIHM8=
Subject key identifier:   C0:4A:BE:A3:51:2B:36:08:27:36:54:11:16:04:8F:15:BA:23:DE:83
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       37EC04B6750639CB64486BEB08D0134688899988
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/686b3ce7-e2e7-46c2-80a9-6a7226392932.roa
Signing time:             Thu 18 Jul 2024 00:00:00 +0000
ROA not before:           Thu 18 Jul 2024 00:00:00 +0000
ROA not after:            Thu 22 Aug 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 18 Jul 2024 22:18:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:ec:04:b6:75:06:39:cb:64:48:6b:eb:08:d0:13:46:88:89:99:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul 18 00:00:00 2024 GMT
            Not After : Aug 22 23:59:59 2024 GMT
        Subject: serialNumber=2bc84a41f4573460316bb8bbc1abf81c60b4eccbe13ccdb841e2767b8c5c06f3, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:6e:69:64:b1:7b:f8:80:33:0d:80:56:0c:8e:
                    4d:22:87:b7:96:51:5a:28:9b:d9:41:64:17:6b:02:
                    a1:08:a9:00:b1:5b:0e:22:a8:41:5f:59:8a:35:af:
                    b7:a0:88:17:f5:12:91:c3:05:fb:b8:ae:32:a8:73:
                    39:ab:51:e3:45:68:4f:b3:dc:9a:c5:e1:8d:76:72:
                    b1:d5:d9:3a:df:42:0b:25:9f:ce:c3:ab:83:00:db:
                    1b:51:e3:e1:6e:7d:e8:73:5b:71:85:93:8b:48:f4:
                    fb:63:06:52:9e:a8:dc:76:83:37:19:fb:d0:13:c7:
                    d6:5d:d0:39:21:03:d4:c3:d1:c9:88:7f:fb:ce:20:
                    11:a3:26:cc:4b:9c:50:60:34:01:1a:f0:63:cb:6e:
                    09:a8:2e:3e:bf:e5:40:50:7e:4f:5f:85:c0:42:fd:
                    93:0f:a9:53:93:49:bb:22:77:d5:ab:f7:62:44:6a:
                    9b:90:9b:d9:78:c8:fa:1d:84:b6:ff:73:7e:de:7f:
                    68:93:72:05:92:dc:55:d5:bc:54:f0:9d:98:e5:8f:
                    c7:af:16:4d:70:9a:a5:db:e6:f2:63:cb:f2:11:b5:
                    19:99:0d:94:95:9c:2e:97:6d:35:3b:21:4e:b6:8a:
                    28:a4:02:0c:df:f4:e5:5a:56:db:6f:5a:36:7b:d4:
                    56:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:4A:BE:A3:51:2B:36:08:27:36:54:11:16:04:8F:15:BA:23:DE:83
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/686b3ce7-e2e7-46c2-80a9-6a7226392932.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:b4:d8:9b:6f:bc:f8:72:68:e9:72:41:09:1f:49:66:10:6f:
         3c:a2:ab:70:ab:2a:6e:06:b2:66:41:51:43:39:f6:41:71:df:
         ff:1b:39:89:01:93:97:cb:42:ab:e6:3c:6a:bd:0a:21:07:cb:
         aa:68:a6:f0:75:5f:34:3d:1b:49:09:6b:f0:f4:e0:a5:22:22:
         1c:cd:8b:51:8b:ed:56:de:33:b8:44:d3:23:12:95:a0:ab:46:
         68:32:2e:d3:61:25:f9:58:3d:95:4e:cb:19:d1:f1:f0:50:c8:
         45:d4:91:23:6c:27:2a:31:73:11:9d:8d:e9:c2:93:38:40:ff:
         66:55:2a:2b:46:90:7f:a0:c5:75:a9:2c:2a:2a:23:02:e2:4a:
         68:18:60:06:c8:dd:bc:32:15:1b:83:66:f8:88:c0:4b:f6:cc:
         57:f7:d9:44:b4:ac:2b:16:fd:43:90:5f:d7:2b:df:ad:d9:1b:
         15:c3:b1:a0:8f:7a:a4:53:08:4e:8f:95:e6:9d:c6:01:4a:2d:
         31:c9:30:93:b3:e4:fa:b2:7b:02:57:86:39:53:f1:fb:7a:fd:
         3b:0f:29:f0:0b:7a:3c:82:40:16:42:2c:f5:25:f5:ef:ed:a9:
         4f:da:93:cc:b7:5a:8f:41:e5:b3:de:f9:d8:5c:84:dc:ac:de:
         f6:3e:9f:f7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUN+wEtnUGOctkSGvrCNATRoiJmYgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzE4MDAwMDAwWhcNMjQwODIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyYmM4NGE0MWY0NTczNDYwMzE2YmI4YmJjMWFiZjgxYzYw
YjRlY2NiZTEzY2NkYjg0MWUyNzY3YjhjNWMwNmYzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvbmlksXv4gDMNgFYMjk0ih7eWUVoom9lBZBdrAqEIqQCx
Ww4iqEFfWYo1r7egiBf1EpHDBfu4rjKoczmrUeNFaE+z3JrF4Y12crHV2TrfQgsl
n87Dq4MA2xtR4+FufehzW3GFk4tI9PtjBlKeqNx2gzcZ+9ATx9Zd0DkhA9TD0cmI
f/vOIBGjJsxLnFBgNAEa8GPLbgmoLj6/5UBQfk9fhcBC/ZMPqVOTSbsid9Wr92JE
apuQm9l4yPodhLb/c37ef2iTcgWS3FXVvFTwnZjlj8evFk1wmqXb5vJjy/IRtRmZ
DZSVnC6XbTU7IU62iiikAgzf9OVaVttvWjZ71FafAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwEq+o1ErNggnNlQRFgSPFboj3oMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzY4NmIzY2U3LWUyZTctNDZjMi04MGE5LTZhNzIyNjM5MjkzMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGW02JtvvPhyaOlyQQkfSWYQbzyi
q3CrKm4GsmZBUUM59kFx3/8bOYkBk5fLQqvmPGq9CiEHy6popvB1XzQ9G0kJa/D0
4KUiIhzNi1GL7VbeM7hE0yMSlaCrRmgyLtNhJflYPZVOyxnR8fBQyEXUkSNsJyox
cxGdjenCkzhA/2ZVKitGkH+gxXWpLCoqIwLiSmgYYAbI3bwyFRuDZviIwEv2zFf3
2US0rCsW/UOQX9cr363ZGxXDsaCPeqRTCE6PleadxgFKLTHJMJOz5PqyewJXhjlT
8ft6/TsPKfALejyCQBZCLPUl9e/tqU/ak8y3Wo9B5bPe+dhchNys3vY+n/c=
-----END CERTIFICATE-----