Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7225bb10-1abe-4f43-8f6d-f9f102a43d3b.roa
File:                     7225bb10-1abe-4f43-8f6d-f9f102a43d3b.roa (raw, json)
Hash identifier:          PSW3s6dOW5owOdx/enI67wR8WeFZiJXuAhvnGUISs+A=
Subject key identifier:   60:CC:B4:91:41:84:78:DE:23:83:CA:BF:F3:E5:62:6B:C2:11:3D:A1
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       46EC80A3095C70AEA966296FD066ADDE1ADFD3A7
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7225bb10-1abe-4f43-8f6d-f9f102a43d3b.roa
Signing time:             Wed 14 Aug 2024 00:00:00 +0000
ROA not before:           Wed 14 Aug 2024 00:00:00 +0000
ROA not after:            Wed 18 Sep 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 14 Aug 2024 13:28:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:ec:80:a3:09:5c:70:ae:a9:66:29:6f:d0:66:ad:de:1a:df:d3:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Aug 14 00:00:00 2024 GMT
            Not After : Sep 18 23:59:59 2024 GMT
        Subject: serialNumber=fcca83bd8b1f1bc46a9d83d02b7966a7934d021b40b5b688c68ec4a7d1e23b80, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:07:ec:f1:97:99:6e:90:9b:2a:58:5e:af:28:
                    05:a9:ff:ce:b3:29:40:5a:b8:b2:c3:f9:42:13:2d:
                    0f:c4:19:a4:b9:7c:6b:5d:db:59:df:03:2b:9e:52:
                    43:c0:08:8f:4a:de:ad:21:95:2a:a7:a1:96:46:4e:
                    c5:88:1e:a0:4c:0d:a7:f8:c1:1e:cc:c6:00:93:4b:
                    09:4f:d6:93:63:5b:d4:aa:12:7d:02:d3:94:6b:72:
                    2f:51:cd:fb:32:fb:0b:c1:c6:a8:c1:f4:b4:73:50:
                    a6:30:2d:35:5a:f1:ec:07:43:43:92:03:6a:51:c4:
                    24:70:af:62:ee:22:0f:52:d7:10:cf:02:54:d6:e8:
                    de:54:42:a1:52:4a:47:84:b6:da:0a:f7:af:cf:49:
                    94:96:51:14:00:ce:d0:3d:e5:26:df:28:19:63:62:
                    9b:3c:00:3b:07:96:61:7e:1c:45:5d:cb:99:58:14:
                    ac:d9:be:c9:0b:28:c0:43:5c:35:54:8f:94:52:2f:
                    bc:5e:44:ad:65:7d:19:57:f2:5e:53:72:3e:42:f0:
                    4a:ed:37:22:9d:f0:de:f4:b0:cb:2c:86:d0:11:0b:
                    54:b8:03:25:6c:3e:ed:db:22:40:5e:b9:b6:8c:bd:
                    79:a5:24:e3:c0:37:4b:02:37:58:44:41:6a:fe:db:
                    fb:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:CC:B4:91:41:84:78:DE:23:83:CA:BF:F3:E5:62:6B:C2:11:3D:A1
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7225bb10-1abe-4f43-8f6d-f9f102a43d3b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:a3:d1:61:90:91:22:b8:16:24:9b:97:e8:5f:40:5f:ff:a5:
         0a:38:eb:f3:be:80:93:96:e8:f7:4f:b7:6f:56:08:96:10:15:
         57:b6:21:f1:7f:64:ca:64:0f:10:9c:a0:43:bd:be:81:4f:40:
         17:c3:d6:cc:1c:96:f7:31:6e:a6:34:64:21:86:58:07:2c:53:
         ef:6d:20:ea:cd:c5:f4:e5:90:0d:49:45:b4:8a:6b:d0:5b:08:
         78:6b:22:fb:7b:d8:b9:32:df:d5:2f:70:c0:77:6c:65:69:f2:
         3d:e0:c2:8f:90:88:f9:d3:a6:37:3c:64:72:a4:f8:87:61:88:
         51:14:84:56:88:a9:e5:c8:24:2b:01:63:2b:b5:4c:ab:31:7c:
         a4:8c:c1:e3:1e:e1:6b:08:d4:90:d2:59:f4:d6:9e:16:47:fa:
         de:c5:4c:b2:b7:1e:07:7e:d9:9a:16:14:76:ae:b0:d8:23:91:
         b5:36:c1:a1:ae:7f:b4:ba:90:17:89:9e:cf:8e:ce:1e:7b:f1:
         69:3c:53:1c:41:06:e5:2c:44:4b:1f:69:05:9a:26:12:78:16:
         52:d2:1d:2e:42:84:1f:20:f4:0d:71:12:46:56:62:72:6f:25:
         ea:9c:86:f6:76:61:f8:b6:88:8f:c4:e9:19:43:59:f9:1c:e9:
         a9:15:0a:d7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURuyAowlccK6pZilv0Gat3hrf06cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwODE0MDAwMDAwWhcNMjQwOTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmY2NhODNiZDhiMWYxYmM0NmE5ZDgzZDAyYjc5NjZhNzkz
NGQwMjFiNDBiNWI2ODhjNjhlYzRhN2QxZTIzYjgwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2B+zxl5lukJsqWF6vKAWp/86zKUBauLLD+UITLQ/EGaS5
fGtd21nfAyueUkPACI9K3q0hlSqnoZZGTsWIHqBMDaf4wR7MxgCTSwlP1pNjW9Sq
En0C05Rrci9Rzfsy+wvBxqjB9LRzUKYwLTVa8ewHQ0OSA2pRxCRwr2LuIg9S1xDP
AlTW6N5UQqFSSkeEttoK96/PSZSWURQAztA95SbfKBljYps8ADsHlmF+HEVdy5lY
FKzZvskLKMBDXDVUj5RSL7xeRK1lfRlX8l5Tcj5C8ErtNyKd8N70sMsshtARC1S4
AyVsPu3bIkBeubaMvXmlJOPAN0sCN1hEQWr+2/tdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYMy0kUGEeN4jg8q/8+Via8IRPaEwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzcyMjViYjEwLTFhYmUtNGY0My04ZjZkLWY5ZjEwMmE0M2QzYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABqj0WGQkSK4FiSbl+hfQF//pQo4
6/O+gJOW6PdPt29WCJYQFVe2IfF/ZMpkDxCcoEO9voFPQBfD1swclvcxbqY0ZCGG
WAcsU+9tIOrNxfTlkA1JRbSKa9BbCHhrIvt72Lky39UvcMB3bGVp8j3gwo+QiPnT
pjc8ZHKk+IdhiFEUhFaIqeXIJCsBYyu1TKsxfKSMweMe4WsI1JDSWfTWnhZH+t7F
TLK3Hgd+2ZoWFHausNgjkbU2waGuf7S6kBeJns+Ozh578Wk8UxxBBuUsREsfaQWa
JhJ4FlLSHS5ChB8g9A1xEkZWYnJvJeqchvZ2Yfi2iI/E6RlDWfkc6akVCtc=
-----END CERTIFICATE-----