Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/86aa0ccb-07d3-4c84-bc02-030b126ad4db.roa
File:                     86aa0ccb-07d3-4c84-bc02-030b126ad4db.roa (raw, json)
Hash identifier:          7ZfuFZk/cVSrNY1JsQs0gIwYESudCOooNC8tXPykMeE=
Subject key identifier:   97:8C:37:2C:0A:EB:A0:88:74:C2:F6:61:31:ED:CC:E8:D9:2B:52:56
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       5EFEB8AB8EDF2BEEDF491B45983FFD4A1B193927
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/86aa0ccb-07d3-4c84-bc02-030b126ad4db.roa
Signing time:             Fri 13 Sep 2024 00:00:00 +0000
ROA not before:           Fri 13 Sep 2024 00:00:00 +0000
ROA not after:            Fri 18 Oct 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 13 Sep 2024 07:09:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:fe:b8:ab:8e:df:2b:ee:df:49:1b:45:98:3f:fd:4a:1b:19:39:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Sep 13 00:00:00 2024 GMT
            Not After : Oct 18 23:59:59 2024 GMT
        Subject: serialNumber=b2f4f52f54f7eb093505fb4a0a02d4cb9d853e6e56a70c6f3174460ea943f9d0, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a7:e8:62:fc:6d:6c:46:24:d2:a7:28:3b:f8:
                    08:14:e1:a6:17:7f:33:5d:8c:fc:2a:3b:fc:b5:d6:
                    71:aa:f5:55:f1:30:e3:c6:e6:02:34:1d:fd:7a:fd:
                    a4:df:93:6d:97:5d:53:8d:b9:b2:94:7b:68:5b:d7:
                    8c:88:e2:94:9a:00:26:0c:5c:d7:da:61:91:44:a1:
                    80:24:08:ae:ae:78:30:45:a7:c5:04:9f:ba:48:b8:
                    c7:06:96:73:53:bd:46:14:0a:aa:22:3c:a5:3a:4b:
                    ea:1c:0e:34:c8:23:bf:7a:e9:aa:cd:ea:5c:f6:84:
                    1f:6c:88:fb:f3:ce:93:6f:28:c0:d0:69:b8:46:3b:
                    3e:ab:b2:7b:cc:95:1e:29:ad:f1:6c:ad:d0:c1:c7:
                    bd:e8:ad:31:f8:e6:e0:14:a9:52:27:13:d4:24:ad:
                    fc:8f:d5:df:a6:96:b9:23:a7:40:51:7f:ca:c3:ac:
                    85:0e:a8:cb:e1:e4:9a:11:1f:8e:12:7a:4b:f0:01:
                    cf:9d:09:b1:f4:57:ed:ed:d9:2b:5f:24:22:3e:4b:
                    48:a5:37:15:14:26:fe:c4:5f:99:41:2a:15:ed:91:
                    28:f6:fb:a7:53:8a:89:d7:d7:7a:33:f6:dd:e5:88:
                    30:7b:70:bf:23:70:90:b2:54:4d:dd:cf:46:e4:38:
                    7a:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:8C:37:2C:0A:EB:A0:88:74:C2:F6:61:31:ED:CC:E8:D9:2B:52:56
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/86aa0ccb-07d3-4c84-bc02-030b126ad4db.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:4c:20:01:5c:91:3b:80:95:4a:bd:7d:26:92:92:aa:39:ee:
         36:b8:dc:5b:6d:ec:41:df:b6:57:aa:69:60:e9:41:48:d2:e5:
         a6:10:89:b9:b5:41:1c:5b:14:47:d4:e4:37:4e:a6:60:5f:70:
         f2:69:59:68:a7:17:d9:40:ac:6b:4c:a4:6f:31:58:62:f0:f9:
         bf:ed:0a:d0:2e:72:02:f5:22:70:d5:60:80:78:06:63:c0:57:
         24:29:e7:75:c1:8b:2e:c9:df:d0:fa:53:33:ab:6b:69:d1:54:
         fb:53:1e:05:95:ca:8e:d6:7a:f2:0c:2d:41:32:c8:16:c0:3b:
         61:f4:01:51:1b:7e:08:7c:28:1b:2c:96:52:02:c3:ee:b1:95:
         cb:f1:76:99:58:6f:27:5e:ea:b8:e5:35:59:82:2f:fd:9b:fe:
         8e:54:a1:9a:d0:10:f4:fa:90:54:0e:2b:1d:50:3c:d1:31:22:
         d0:ea:64:af:3e:f7:a2:c5:29:2f:dd:c7:b9:d2:df:16:2e:66:
         83:07:07:83:50:08:ce:ff:45:88:7c:66:ae:ae:01:5c:e6:6c:
         cb:d3:c9:24:1d:8d:0c:f5:c5:bc:57:34:14:cc:b9:cb:8f:30:
         8d:1a:c4:49:7d:fd:02:76:d8:e6:f3:c7:0a:08:15:86:a0:d7:
         94:81:6c:65
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXv64q47fK+7fSRtFmD/9ShsZOScwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwOTEzMDAwMDAwWhcNMjQxMDE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMmY0ZjUyZjU0ZjdlYjA5MzUwNWZiNGEwYTAyZDRjYjlk
ODUzZTZlNTZhNzBjNmYzMTc0NDYwZWE5NDNmOWQwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjp+hi/G1sRiTSpyg7+AgU4aYXfzNdjPwqO/y11nGq9VXx
MOPG5gI0Hf16/aTfk22XXVONubKUe2hb14yI4pSaACYMXNfaYZFEoYAkCK6ueDBF
p8UEn7pIuMcGlnNTvUYUCqoiPKU6S+ocDjTII7966arN6lz2hB9siPvzzpNvKMDQ
abhGOz6rsnvMlR4prfFsrdDBx73orTH45uAUqVInE9QkrfyP1d+mlrkjp0BRf8rD
rIUOqMvh5JoRH44SekvwAc+dCbH0V+3t2StfJCI+S0ilNxUUJv7EX5lBKhXtkSj2
+6dTionX13oz9t3liDB7cL8jcJCyVE3dz0bkOHqlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUl4w3LArroIh0wvZhMe3M6NkrUlYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzg2YWEwY2NiLTA3ZDMtNGM4NC1iYzAyLTAzMGIxMjZhZDRkYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFNMIAFckTuAlUq9fSaSkqo57ja4
3Ftt7EHftleqaWDpQUjS5aYQibm1QRxbFEfU5DdOpmBfcPJpWWinF9lArGtMpG8x
WGLw+b/tCtAucgL1InDVYIB4BmPAVyQp53XBiy7J39D6UzOra2nRVPtTHgWVyo7W
evIMLUEyyBbAO2H0AVEbfgh8KBssllICw+6xlcvxdplYbyde6rjlNVmCL/2b/o5U
oZrQEPT6kFQOKx1QPNExItDqZK8+96LFKS/dx7nS3xYuZoMHB4NQCM7/RYh8Zq6u
AVzmbMvTySQdjQz1xbxXNBTMucuPMI0axEl9/QJ22ObzxwoIFYag15SBbGU=
-----END CERTIFICATE-----