Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/86580525-4d3b-4a1f-beb3-d25b34a95f22.roa
File:                     86580525-4d3b-4a1f-beb3-d25b34a95f22.roa (raw, json)
Hash identifier:          mNAZWcGXI5gO0n8RbTqQ+peq/Gj5UYx4K0AXJZLNoy4=
Subject key identifier:   85:2A:22:5C:95:A2:5C:AB:3B:35:F4:48:97:47:E8:AD:54:18:50:8A
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       077080E64BC29FC58C9ED35C34F9FF90AA9904ED
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/86580525-4d3b-4a1f-beb3-d25b34a95f22.roa
Signing time:             Wed 03 Jul 2024 00:00:00 +0000
ROA not before:           Wed 03 Jul 2024 00:00:00 +0000
ROA not after:            Wed 07 Aug 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 Jul 2024 17:28:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:70:80:e6:4b:c2:9f:c5:8c:9e:d3:5c:34:f9:ff:90:aa:99:04:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul  3 00:00:00 2024 GMT
            Not After : Aug  7 23:59:59 2024 GMT
        Subject: serialNumber=5ac44e2f507453f8a6d8148f75489aadd2cf02b1b7dcb758b5068a5a9b5e4296, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d9:ee:05:51:55:7e:32:61:51:44:a2:58:73:
                    7f:96:a2:7d:c8:0b:80:06:6b:ec:6f:12:05:a6:f6:
                    5a:46:ba:88:5d:2e:36:5b:b1:41:f2:cf:f3:c9:63:
                    0a:a7:a9:34:b4:ad:a7:c6:4e:c7:9b:df:32:78:64:
                    5b:05:2b:c4:a8:90:5c:64:90:fa:2a:29:fd:1d:7e:
                    48:ca:9c:84:e8:a3:36:f4:c0:42:9f:7f:16:1f:00:
                    3b:d1:84:f2:9f:82:ab:18:a3:d5:f1:4f:b4:17:6b:
                    81:e5:30:db:79:34:6d:6f:d2:d2:55:ea:95:c6:e0:
                    35:b8:fc:7d:e2:87:af:77:87:b1:b9:78:53:34:4d:
                    e5:63:d9:d0:e1:21:2c:9f:6d:15:ab:d4:92:e1:dc:
                    6f:db:b5:6a:f2:d8:29:07:a0:e7:17:e2:fa:88:cb:
                    7e:f3:d0:3d:b7:f3:02:40:c7:fe:d3:ea:5f:5d:6d:
                    b5:a6:6f:8a:bd:66:f5:3f:35:c7:4f:53:2d:54:ff:
                    cf:1d:c6:60:ee:c9:1a:4c:33:ec:cd:6b:c8:09:e8:
                    99:36:77:2e:4f:64:d0:c3:a6:1a:8f:d7:18:52:84:
                    fd:85:a7:a8:04:0d:ed:a4:05:b2:56:b0:a8:fa:24:
                    96:5a:8c:e6:83:1f:d0:3a:1e:64:fa:ca:58:41:9a:
                    03:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:2A:22:5C:95:A2:5C:AB:3B:35:F4:48:97:47:E8:AD:54:18:50:8A
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/86580525-4d3b-4a1f-beb3-d25b34a95f22.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:b5:cf:28:5e:61:9b:ec:14:6c:38:5c:af:da:a6:92:40:2c:
         b1:42:df:73:bf:3a:2a:72:87:16:84:a5:17:7a:1b:e1:12:f6:
         6d:6b:5f:dc:c8:93:50:b1:db:61:c9:3b:2a:48:cd:00:77:7b:
         e4:e6:9c:cf:75:ad:7f:c9:8d:d1:2a:b9:e2:df:50:4e:ba:b3:
         ed:11:86:42:11:62:f7:86:3b:a5:cf:3f:cd:8c:ca:e1:7f:08:
         74:24:d4:38:94:b8:7b:f1:70:d7:2c:ec:91:fe:3e:6a:55:bd:
         fa:fe:fb:f6:38:38:43:a7:3d:df:88:9a:4f:5b:47:b8:27:d7:
         52:30:d6:b1:4f:bd:db:a0:6d:3d:7a:48:b7:d5:70:cf:5a:ee:
         9f:6e:ed:9c:26:ea:27:d3:7d:37:25:8f:45:90:d8:ae:78:0a:
         30:5f:8d:67:04:53:d4:81:32:75:90:9c:f3:78:cf:9e:dc:1a:
         a7:38:90:d7:00:4c:34:c7:bd:ae:5e:f8:75:83:8d:ed:8b:24:
         b6:bf:80:8e:f1:f2:04:5e:c9:fe:f1:0f:00:e5:9c:56:97:9c:
         4f:6e:03:9d:fd:e6:1e:9b:d4:94:b8:cf:50:c3:48:57:41:ac:
         66:58:81:af:4b:e6:7f:4c:f2:0d:e4:05:65:d9:8b:21:0f:04:
         a8:0e:0e:db
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUB3CA5kvCn8WMntNcNPn/kKqZBO0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzAzMDAwMDAwWhcNMjQwODA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YWM0NGUyZjUwNzQ1M2Y4YTZkODE0OGY3NTQ4OWFhZGQy
Y2YwMmIxYjdkY2I3NThiNTA2OGE1YTliNWU0Mjk2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDA2e4FUVV+MmFRRKJYc3+Won3IC4AGa+xvEgWm9lpGuohd
LjZbsUHyz/PJYwqnqTS0rafGTseb3zJ4ZFsFK8SokFxkkPoqKf0dfkjKnIToozb0
wEKffxYfADvRhPKfgqsYo9XxT7QXa4HlMNt5NG1v0tJV6pXG4DW4/H3ih693h7G5
eFM0TeVj2dDhISyfbRWr1JLh3G/btWry2CkHoOcX4vqIy37z0D238wJAx/7T6l9d
bbWmb4q9ZvU/NcdPUy1U/88dxmDuyRpMM+zNa8gJ6Jk2dy5PZNDDphqP1xhShP2F
p6gEDe2kBbJWsKj6JJZajOaDH9A6HmT6ylhBmgOvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhSoiXJWiXKs7NfRIl0forVQYUIowHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzg2NTgwNTI1LTRkM2ItNGExZi1iZWIzLWQyNWIzNGE5NWYyMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACq1zyheYZvsFGw4XK/appJALLFC
33O/OipyhxaEpRd6G+ES9m1rX9zIk1Cx22HJOypIzQB3e+TmnM91rX/JjdEqueLf
UE66s+0RhkIRYveGO6XPP82MyuF/CHQk1DiUuHvxcNcs7JH+PmpVvfr++/Y4OEOn
Pd+Imk9bR7gn11Iw1rFPvdugbT16SLfVcM9a7p9u7Zwm6ifTfTclj0WQ2K54CjBf
jWcEU9SBMnWQnPN4z57cGqc4kNcATDTHva5e+HWDje2LJLa/gI7x8gReyf7xDwDl
nFaXnE9uA5395h6b1JS4z1DDSFdBrGZYga9L5n9M8g3kBWXZiyEPBKgODts=
-----END CERTIFICATE-----