Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8b797f62-0aea-4659-b7a6-1f98fad0474c.roa
File:                     8b797f62-0aea-4659-b7a6-1f98fad0474c.roa (raw, json)
Hash identifier:          vV/5dt1nOx2bDm1f7mKbyDxBKKfAhQB4QYF0n31iMHM=
Subject key identifier:   60:7E:E6:7D:72:92:54:BF:31:6A:1E:FA:3B:59:1F:D1:1D:9A:71:35
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       25A42A9B4D759769865743A0BE737C28345D3214
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8b797f62-0aea-4659-b7a6-1f98fad0474c.roa
Signing time:             Tue 02 Jul 2024 00:00:00 +0000
ROA not before:           Tue 02 Jul 2024 00:00:00 +0000
ROA not after:            Tue 06 Aug 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jul 2024 13:43:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:a4:2a:9b:4d:75:97:69:86:57:43:a0:be:73:7c:28:34:5d:32:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul  2 00:00:00 2024 GMT
            Not After : Aug  6 23:59:59 2024 GMT
        Subject: serialNumber=be94391cce73889e4b29555a9c633ae7b2576e6c6fa6c491d7ff75bc86214f33, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:d5:ba:39:59:55:47:95:12:0b:e1:3a:69:37:
                    ad:6c:3d:eb:72:e1:a3:73:5d:e7:86:12:e5:86:dd:
                    be:b6:c0:79:51:68:58:92:22:17:22:50:10:1e:56:
                    86:33:6e:df:52:43:e8:9d:b8:5c:cb:cf:ce:39:a0:
                    88:b9:39:6b:f2:a4:66:36:05:00:96:bc:d7:0b:33:
                    42:0b:e3:e1:fc:1a:99:7a:93:42:5d:7b:8b:90:05:
                    40:c5:81:83:49:ec:3f:5a:6a:08:29:d6:04:0c:29:
                    ee:6a:75:25:23:57:44:69:1e:66:84:84:68:a5:50:
                    6a:87:9a:9c:48:1f:e0:75:20:d3:5c:4d:b8:08:6d:
                    3e:43:1d:82:64:b9:f4:9b:b1:cc:0d:d7:25:c5:46:
                    07:56:c3:7d:cf:d8:5c:04:f5:f9:08:0f:40:36:ff:
                    c1:ac:f2:38:25:ec:04:f6:99:8d:44:81:eb:b6:74:
                    25:89:53:cc:61:53:d2:88:fe:3c:e5:3a:2f:a7:3f:
                    ed:3f:86:18:cc:eb:41:12:97:2d:09:b5:bd:04:3f:
                    6e:f3:f1:fe:4d:4f:62:a9:5f:b7:3e:d5:91:eb:80:
                    25:dc:eb:d7:52:1a:21:e0:35:6e:f2:8e:19:54:70:
                    c6:99:32:eb:d9:52:3d:4f:c6:e9:37:2a:f8:42:e6:
                    22:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:7E:E6:7D:72:92:54:BF:31:6A:1E:FA:3B:59:1F:D1:1D:9A:71:35
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8b797f62-0aea-4659-b7a6-1f98fad0474c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:f1:69:04:8b:a4:cd:25:d9:08:93:d4:52:07:01:17:f1:52:
         a5:d4:6b:b2:85:90:2d:07:5c:0a:a5:4e:1c:a3:ff:73:c6:76:
         a8:ed:4e:99:e8:18:7d:f6:65:bf:9d:d5:6b:3f:a7:c5:e0:9e:
         30:4f:64:6a:69:1d:7b:cf:be:30:ad:ba:03:f6:74:9a:5e:b5:
         e1:fc:21:bd:3c:80:a3:3f:01:24:56:e5:db:dd:58:7b:89:fd:
         2f:52:59:92:47:5f:3c:4e:7b:f8:ea:89:9f:bd:19:c6:57:dc:
         4f:15:42:21:73:cc:00:fc:5d:dd:e0:e3:d1:3a:f5:4c:44:d5:
         84:6a:b5:c0:38:d7:ed:55:55:00:60:2c:f1:b1:7f:fd:f7:d7:
         9b:a7:1f:84:02:30:7e:39:a8:6a:cd:eb:38:72:60:9b:08:2a:
         97:10:50:5f:79:6c:68:93:7b:fa:45:89:ba:62:9c:90:c7:c0:
         a3:dd:52:97:5d:10:84:35:d4:3b:1d:fd:67:7e:76:d3:cb:45:
         98:76:24:34:80:e4:d9:d3:1b:3a:c1:a7:2d:c0:b7:2f:5c:b2:
         85:4b:8c:7e:8d:74:07:bf:b8:5b:3d:95:4e:5a:47:d9:72:94:
         8d:ec:de:bc:3a:5b:66:27:29:25:34:a2:d9:b1:f8:d7:bd:72:
         44:ff:6c:ea
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJaQqm011l2mGV0OgvnN8KDRdMhQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzAyMDAwMDAwWhcNMjQwODA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZTk0MzkxY2NlNzM4ODllNGIyOTU1NWE5YzYzM2FlN2Iy
NTc2ZTZjNmZhNmM0OTFkN2ZmNzViYzg2MjE0ZjMzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC81bo5WVVHlRIL4TppN61sPety4aNzXeeGEuWG3b62wHlR
aFiSIhciUBAeVoYzbt9SQ+iduFzLz845oIi5OWvypGY2BQCWvNcLM0IL4+H8Gpl6
k0Jde4uQBUDFgYNJ7D9aaggp1gQMKe5qdSUjV0RpHmaEhGilUGqHmpxIH+B1INNc
TbgIbT5DHYJkufSbscwN1yXFRgdWw33P2FwE9fkID0A2/8Gs8jgl7AT2mY1Egeu2
dCWJU8xhU9KI/jzlOi+nP+0/hhjM60ESly0Jtb0EP27z8f5NT2KpX7c+1ZHrgCXc
69dSGiHgNW7yjhlUcMaZMuvZUj1Pxuk3KvhC5iKJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYH7mfXKSVL8xah76O1kf0R2acTUwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzhiNzk3ZjYyLTBhZWEtNDY1OS1iN2E2LTFmOThmYWQwNDc0Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACrxaQSLpM0l2QiT1FIHARfxUqXU
a7KFkC0HXAqlThyj/3PGdqjtTpnoGH32Zb+d1Ws/p8XgnjBPZGppHXvPvjCtugP2
dJpeteH8Ib08gKM/ASRW5dvdWHuJ/S9SWZJHXzxOe/jqiZ+9GcZX3E8VQiFzzAD8
Xd3g49E69UxE1YRqtcA41+1VVQBgLPGxf/3315unH4QCMH45qGrN6zhyYJsIKpcQ
UF95bGiTe/pFibpinJDHwKPdUpddEIQ11Dsd/Wd+dtPLRZh2JDSA5NnTGzrBpy3A
ty9csoVLjH6NdAe/uFs9lU5aR9lylI3s3rw6W2YnKSU0otmx+Ne9ckT/bOo=
-----END CERTIFICATE-----