Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/83406ba8-1cfd-463d-bfec-d74f759c049a.roa
File:                     83406ba8-1cfd-463d-bfec-d74f759c049a.roa (raw, json)
Hash identifier:          PPh5ke/R8sFtH4F/UykYaaRiVWFEnLMyseaUZl9f1oc=
Subject key identifier:   DC:BB:41:CD:5F:98:AC:E4:63:98:D9:76:74:90:26:D8:BD:67:B7:46
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       155EA5174F52E58E6B1EA9F87585E4F23FC682B2
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/83406ba8-1cfd-463d-bfec-d74f759c049a.roa
Signing time:             Wed 25 Sep 2024 00:00:00 +0000
ROA not before:           Wed 25 Sep 2024 00:00:00 +0000
ROA not after:            Wed 30 Oct 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 25 Sep 2024 06:04:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:5e:a5:17:4f:52:e5:8e:6b:1e:a9:f8:75:85:e4:f2:3f:c6:82:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Sep 25 00:00:00 2024 GMT
            Not After : Oct 30 23:59:59 2024 GMT
        Subject: serialNumber=a921d3a8ee3b1e94ab1b9de309e9840beece9e0d5cb7e93c0203172c02f7ffd3, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:71:91:9c:2a:3f:d5:d4:f2:bd:1a:13:95:24:
                    fa:e0:68:88:42:b6:43:10:66:27:02:be:72:b6:70:
                    f9:48:5c:50:b1:34:34:45:1e:ad:2b:e0:55:16:2a:
                    ce:52:4a:ff:42:19:e1:9a:e8:d0:60:13:70:d1:a2:
                    b8:0c:73:37:e0:85:96:5f:9c:03:d9:6b:71:22:e1:
                    d2:34:88:43:06:66:99:9c:a3:9c:a6:c1:4c:c0:c2:
                    34:12:11:7e:94:e3:03:1c:38:cf:71:cf:e8:5d:f4:
                    c7:1d:a5:c8:93:0f:96:6b:f1:a7:03:d0:5c:72:cb:
                    e1:45:f2:22:07:1f:29:38:93:25:b2:6f:e0:74:25:
                    ac:c0:dc:45:7d:de:a8:5b:e1:eb:4b:91:3e:f4:b4:
                    c2:69:8c:90:6e:54:a3:44:29:95:ab:eb:bd:e5:f3:
                    96:f9:7f:b5:e4:d0:cb:66:34:48:ea:b3:35:cb:4d:
                    08:6e:36:51:f2:d2:06:1a:b7:0a:bc:20:7f:8d:73:
                    4d:05:89:cd:8b:4e:4b:75:a9:72:b8:36:a9:0f:28:
                    6d:7a:e8:fe:76:21:22:9e:d0:d4:9c:86:bd:97:5c:
                    33:71:26:80:ac:26:11:5d:41:bc:61:ad:46:a3:c7:
                    0c:4e:33:fb:82:40:39:12:ef:25:82:70:ef:b3:d0:
                    d7:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:BB:41:CD:5F:98:AC:E4:63:98:D9:76:74:90:26:D8:BD:67:B7:46
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/83406ba8-1cfd-463d-bfec-d74f759c049a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:53:7b:bb:66:1f:e8:5e:73:94:3c:9c:d2:a7:cd:e5:f8:83:
         3e:72:35:a9:3c:20:28:68:e7:7c:8b:a0:1e:a2:95:ca:aa:33:
         ef:4b:b4:22:91:cb:5d:8e:13:a6:bc:b0:ba:d1:91:80:4f:b0:
         38:d7:a3:39:4d:ff:b9:77:46:d6:71:2e:b4:74:6d:e8:ef:37:
         d7:4d:f3:a1:51:74:b9:d5:70:35:48:e5:09:24:8a:e7:2c:9d:
         63:8a:a0:b0:77:c1:88:fa:a1:23:e4:e6:bc:00:76:49:1d:21:
         58:f2:9c:91:ba:3e:0d:df:11:01:f8:be:76:50:b8:ec:2c:4e:
         07:50:54:43:e8:dc:ad:d3:04:b4:aa:89:13:d4:34:cc:f8:69:
         7a:99:ed:66:61:ab:75:cc:c5:06:5c:af:a4:d5:53:93:c2:4b:
         5c:0f:0b:40:8a:3f:44:ea:6f:28:0e:81:ff:0a:7e:be:cb:45:
         0c:92:ee:fa:ab:b4:48:6b:e4:b0:70:23:88:c2:fb:b1:bc:c4:
         af:1d:2f:74:b4:fe:bc:15:44:a2:f2:16:89:32:ca:5a:69:da:
         1a:4b:ac:2e:f1:e9:ce:11:e5:97:b6:c2:3f:2d:22:49:10:7e:
         a9:93:a3:41:41:2a:b2:97:00:40:1b:1d:ad:20:a4:50:45:b5:
         4a:ec:72:04
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFV6lF09S5Y5rHqn4dYXk8j/GgrIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwOTI1MDAwMDAwWhcNMjQxMDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhOTIxZDNhOGVlM2IxZTk0YWIxYjlkZTMwOWU5ODQwYmVl
Y2U5ZTBkNWNiN2U5M2MwMjAzMTcyYzAyZjdmZmQzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDecZGcKj/V1PK9GhOVJPrgaIhCtkMQZicCvnK2cPlIXFCx
NDRFHq0r4FUWKs5SSv9CGeGa6NBgE3DRorgMczfghZZfnAPZa3Ei4dI0iEMGZpmc
o5ymwUzAwjQSEX6U4wMcOM9xz+hd9McdpciTD5Zr8acD0Fxyy+FF8iIHHyk4kyWy
b+B0JazA3EV93qhb4etLkT70tMJpjJBuVKNEKZWr673l85b5f7Xk0MtmNEjqszXL
TQhuNlHy0gYatwq8IH+Nc00Fic2LTkt1qXK4NqkPKG166P52ISKe0NSchr2XXDNx
JoCsJhFdQbxhrUajxwxOM/uCQDkS7yWCcO+z0Ne/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3LtBzV+YrORjmNl2dJAm2L1nt0YwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzgzNDA2YmE4LTFjZmQtNDYzZC1iZmVjLWQ3NGY3NTljMDQ5YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAFTe7tmH+hec5Q8nNKnzeX4gz5y
Nak8ICho53yLoB6ilcqqM+9LtCKRy12OE6a8sLrRkYBPsDjXozlN/7l3RtZxLrR0
bejvN9dN86FRdLnVcDVI5QkkiucsnWOKoLB3wYj6oSPk5rwAdkkdIVjynJG6Pg3f
EQH4vnZQuOwsTgdQVEPo3K3TBLSqiRPUNMz4aXqZ7WZhq3XMxQZcr6TVU5PCS1wP
C0CKP0TqbygOgf8Kfr7LRQyS7vqrtEhr5LBwI4jC+7G8xK8dL3S0/rwVRKLyFoky
ylpp2hpLrC7x6c4R5Ze2wj8tIkkQfqmTo0FBKrKXAEAbHa0gpFBFtUrscgQ=
-----END CERTIFICATE-----