Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/76a32451-3184-41ee-b7ce-d7b04e62c822.roa
File:                     76a32451-3184-41ee-b7ce-d7b04e62c822.roa (raw, json)
Hash identifier:          GL0qX7IHhqm5iwmlA7tmCt+8ly2x5w/9FLMOmtauWK8=
Subject key identifier:   B7:34:8A:F9:03:E8:F8:93:02:B0:0A:9B:B4:65:10:70:E8:96:E3:1F
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       7D6DB599746D70F58FCE76F35918AD3A15BA5334
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/76a32451-3184-41ee-b7ce-d7b04e62c822.roa
Signing time:             Sat 02 Nov 2024 00:00:00 +0000
ROA not before:           Sat 02 Nov 2024 00:00:00 +0000
ROA not after:            Sat 07 Dec 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 02 Nov 2024 10:03:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:6d:b5:99:74:6d:70:f5:8f:ce:76:f3:59:18:ad:3a:15:ba:53:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Nov  2 00:00:00 2024 GMT
            Not After : Dec  7 23:59:59 2024 GMT
        Subject: serialNumber=da5e3948bc90ce7e649a0a17612aeefbc34ba6f27b622b4f3ed18ebfe894b6eb, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:29:bc:9e:da:8e:83:81:83:64:ba:3f:ba:75:
                    49:93:05:42:52:3a:be:17:21:ba:fc:d1:5d:4d:ea:
                    56:c4:8f:ea:71:34:2e:e7:9e:52:53:82:a3:a2:f1:
                    ed:68:62:5e:18:17:38:98:b3:7a:13:04:8d:1e:ad:
                    31:b1:27:41:53:2a:ae:cc:71:ec:0c:df:73:99:0d:
                    49:25:3a:6d:69:9b:e5:ab:bd:9c:8c:47:d5:03:1d:
                    29:f2:6b:50:70:03:c9:ce:cf:08:a1:e0:94:31:d4:
                    7e:66:14:e7:fc:8a:80:52:42:1a:86:4c:69:0b:a1:
                    aa:be:1b:20:ec:d9:8e:f0:20:92:28:55:18:c3:29:
                    f7:84:bf:25:3f:7b:a2:27:8e:e5:ce:31:3d:04:ea:
                    1d:a9:b2:b0:e7:63:06:52:36:c3:2d:d8:ea:72:d3:
                    90:69:db:43:00:53:94:8b:3f:4f:55:b2:d2:90:63:
                    01:51:8e:f7:f1:a6:75:47:45:6c:b3:4e:d5:ed:89:
                    66:6e:03:82:99:91:6a:ba:0e:c3:61:24:e3:89:6f:
                    31:fe:0f:2f:a1:6c:03:5a:67:cd:0f:e9:c5:48:e3:
                    62:6c:4d:14:51:5e:98:9b:b2:91:bc:83:ea:ec:d8:
                    d1:61:d6:4d:18:71:b9:0a:00:bd:75:31:b2:97:59:
                    24:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:34:8A:F9:03:E8:F8:93:02:B0:0A:9B:B4:65:10:70:E8:96:E3:1F
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/76a32451-3184-41ee-b7ce-d7b04e62c822.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:31:16:6b:73:2d:ef:d1:fa:4d:68:e5:84:86:3f:5a:26:b3:
         be:da:16:93:06:7d:49:59:d2:85:de:60:20:74:0e:a8:e7:c6:
         51:e6:02:93:27:21:67:08:ed:73:e3:90:37:84:74:41:49:f2:
         29:19:81:41:01:31:ec:f4:04:21:4e:8c:22:40:cf:bd:35:7e:
         32:23:6a:f6:e9:cd:46:cc:2b:11:20:ef:8c:17:13:7b:ad:45:
         a5:4e:90:5c:7b:52:55:07:1e:db:da:0f:fc:2b:ea:a1:75:30:
         c7:ba:18:12:7c:e6:e3:6c:2d:6e:86:ac:20:ca:d5:2c:71:4c:
         a3:28:cd:b0:a5:d7:49:28:d6:7e:40:cc:42:2a:5e:2e:3b:8f:
         50:2f:3b:c0:0c:6a:e1:04:30:13:fd:bd:23:6e:5e:8a:3e:2e:
         8e:4d:67:de:cf:4c:08:24:2c:a1:40:31:e9:58:50:15:91:46:
         92:03:3f:89:14:3f:da:d5:cb:e3:df:c4:58:3a:c8:e8:4a:9d:
         1b:39:0e:c1:f4:a6:ab:22:c9:0e:e1:90:c9:12:30:d5:19:4d:
         0a:34:31:dd:34:3f:09:2f:72:0b:a9:c0:ea:59:8c:71:13:fd:
         30:d4:af:a9:52:44:5a:e6:51:9a:c4:3b:d5:37:c8:14:47:67:
         93:4b:22:ae
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfW21mXRtcPWPznbzWRitOhW6UzQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMTAyMDAwMDAwWhcNMjQxMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYTVlMzk0OGJjOTBjZTdlNjQ5YTBhMTc2MTJhZWVmYmMz
NGJhNmYyN2I2MjJiNGYzZWQxOGViZmU4OTRiNmViMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDdKbye2o6DgYNkuj+6dUmTBUJSOr4XIbr80V1N6lbEj+px
NC7nnlJTgqOi8e1oYl4YFziYs3oTBI0erTGxJ0FTKq7McewM33OZDUklOm1pm+Wr
vZyMR9UDHSnya1BwA8nOzwih4JQx1H5mFOf8ioBSQhqGTGkLoaq+GyDs2Y7wIJIo
VRjDKfeEvyU/e6InjuXOMT0E6h2psrDnYwZSNsMt2Opy05Bp20MAU5SLP09VstKQ
YwFRjvfxpnVHRWyzTtXtiWZuA4KZkWq6DsNhJOOJbzH+Dy+hbANaZ80P6cVI42Js
TRRRXpibspG8g+rs2NFh1k0YcbkKAL11MbKXWSRLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtzSK+QPo+JMCsAqbtGUQcOiW4x8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzc2YTMyNDUxLTMxODQtNDFlZS1iN2NlLWQ3YjA0ZTYyYzgyMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKcxFmtzLe/R+k1o5YSGP1oms77a
FpMGfUlZ0oXeYCB0DqjnxlHmApMnIWcI7XPjkDeEdEFJ8ikZgUEBMez0BCFOjCJA
z701fjIjavbpzUbMKxEg74wXE3utRaVOkFx7UlUHHtvaD/wr6qF1MMe6GBJ85uNs
LW6GrCDK1SxxTKMozbCl10ko1n5AzEIqXi47j1AvO8AMauEEMBP9vSNuXoo+Lo5N
Z97PTAgkLKFAMelYUBWRRpIDP4kUP9rVy+PfxFg6yOhKnRs5DsH0pqsiyQ7hkMkS
MNUZTQo0Md00PwkvcgupwOpZjHET/TDUr6lSRFrmUZrEO9U3yBRHZ5NLIq4=
-----END CERTIFICATE-----