Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8d4e3abf-dba6-4540-b5a7-7103db524c4e.roa
File:                     8d4e3abf-dba6-4540-b5a7-7103db524c4e.roa (raw, json)
Hash identifier:          v0YdZXp9xYHLzWw+2nCwfmiEod4jhf9FuC40KCLb9NA=
Subject key identifier:   A1:20:57:D5:9D:4C:42:0D:D8:FF:10:97:DA:F3:F9:95:9F:A2:18:13
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       523B8799A441CACA8490C993C3D4079BFF8E69E1
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8d4e3abf-dba6-4540-b5a7-7103db524c4e.roa
Signing time:             Sun 27 Oct 2024 00:00:00 +0000
ROA not before:           Sun 27 Oct 2024 00:00:00 +0000
ROA not after:            Sun 01 Dec 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 27 Oct 2024 13:44:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:3b:87:99:a4:41:ca:ca:84:90:c9:93:c3:d4:07:9b:ff:8e:69:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Oct 27 00:00:00 2024 GMT
            Not After : Dec  1 23:59:59 2024 GMT
        Subject: serialNumber=77a8f5506aa6e2f4f74d7c24e0fe4aea6f3a353ce79405a33f1f36721a4c3de4, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:08:47:a7:ce:5e:6f:2d:60:15:38:de:c6:36:
                    44:8a:35:8a:3f:e7:93:fc:af:0a:04:bb:e9:01:a0:
                    9c:9a:ec:95:ac:b5:61:04:10:ea:d3:3d:da:ce:31:
                    08:a9:fc:05:be:54:79:90:91:9b:b8:30:23:8b:eb:
                    fb:78:62:c7:97:12:72:7f:4b:86:04:4f:2a:bf:c3:
                    6a:aa:e7:88:d1:94:98:dc:dc:d4:99:ef:79:37:ea:
                    70:0d:fa:7f:e0:d0:7c:43:76:ee:68:dc:21:c8:ba:
                    cd:12:17:4c:dc:2b:f0:f6:65:54:77:cd:07:12:e2:
                    b1:eb:e6:fa:b1:de:ce:3b:24:00:30:f6:99:77:17:
                    df:30:51:0e:51:8f:99:0e:eb:5e:6d:d5:e0:e5:7c:
                    16:02:77:af:cb:c1:c1:79:4a:bd:7a:af:a0:5b:b2:
                    9d:17:ae:bd:00:6e:b8:28:b7:f6:6e:33:fe:94:32:
                    cc:24:cd:b2:58:7a:0f:ce:8b:12:1a:41:81:47:7d:
                    26:bc:ce:ba:6d:77:eb:b1:9b:18:ca:e5:53:7c:c3:
                    de:05:f9:cb:fe:84:22:9c:06:44:90:38:88:82:52:
                    1e:a8:0a:14:d2:2f:30:da:9a:3a:9e:93:f7:da:f6:
                    f7:dd:e0:40:33:84:c8:26:30:c2:d0:57:fa:2a:4e:
                    fa:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:20:57:D5:9D:4C:42:0D:D8:FF:10:97:DA:F3:F9:95:9F:A2:18:13
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8d4e3abf-dba6-4540-b5a7-7103db524c4e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:4d:40:62:0c:11:1b:db:32:26:1f:f9:92:ca:fd:ca:55:4c:
         08:f2:d8:5c:4f:1d:d1:a7:24:bd:92:4f:85:5c:93:90:d6:22:
         98:56:67:e1:37:4b:12:4c:18:7a:47:0b:ff:26:d4:a1:3c:6e:
         74:6b:fc:57:dd:d2:4a:07:16:c8:d5:d0:02:c6:14:21:01:dd:
         ed:05:bd:1a:91:df:f8:3c:28:ff:f4:00:22:43:fc:ce:7a:05:
         87:1b:34:e1:fe:c7:92:34:82:ff:42:cd:1d:de:14:70:97:c1:
         f7:81:da:1e:6b:9d:80:97:6c:e2:cb:6b:62:28:b3:ea:a4:ef:
         7e:83:17:24:ee:ee:bb:94:5a:ce:4a:be:c3:7b:dd:d8:ce:79:
         61:50:d6:df:ce:85:f5:a1:2b:60:2a:80:b7:c7:11:65:ed:e1:
         ab:d8:82:92:2d:81:0d:ca:db:2d:24:ac:82:1e:c6:de:65:ab:
         5b:95:7b:15:60:1d:a9:f6:6e:92:14:97:72:8f:b3:4a:80:23:
         fe:32:7e:4b:4e:03:f2:84:1b:f8:12:e9:95:e3:3d:4a:85:ae:
         39:77:65:27:4c:2e:56:8d:06:87:d6:6d:31:14:07:c3:1c:f5:
         95:63:f0:79:35:f6:d0:a5:cc:26:4b:9c:07:5a:cd:85:18:e5:
         9c:93:22:16
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUjuHmaRBysqEkMmTw9QHm/+OaeEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMDI3MDAwMDAwWhcNMjQxMjAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A3N2E4ZjU1MDZhYTZlMmY0Zjc0ZDdjMjRlMGZlNGFlYTZm
M2EzNTNjZTc5NDA1YTMzZjFmMzY3MjFhNGMzZGU0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFCEenzl5vLWAVON7GNkSKNYo/55P8rwoEu+kBoJya7JWs
tWEEEOrTPdrOMQip/AW+VHmQkZu4MCOL6/t4YseXEnJ/S4YETyq/w2qq54jRlJjc
3NSZ73k36nAN+n/g0HxDdu5o3CHIus0SF0zcK/D2ZVR3zQcS4rHr5vqx3s47JAAw
9pl3F98wUQ5Rj5kO615t1eDlfBYCd6/LwcF5Sr16r6Bbsp0Xrr0Abrgot/ZuM/6U
MswkzbJYeg/OixIaQYFHfSa8zrptd+uxmxjK5VN8w94F+cv+hCKcBkSQOIiCUh6o
ChTSLzDamjqek/fa9vfd4EAzhMgmMMLQV/oqTvrJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoSBX1Z1MQg3Y/xCX2vP5lZ+iGBMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzhkNGUzYWJmLWRiYTYtNDU0MC1iNWE3LTcxMDNkYjUyNGM0ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEBNQGIMERvbMiYf+ZLK/cpVTAjy
2FxPHdGnJL2ST4Vck5DWIphWZ+E3SxJMGHpHC/8m1KE8bnRr/Ffd0koHFsjV0ALG
FCEB3e0FvRqR3/g8KP/0ACJD/M56BYcbNOH+x5I0gv9CzR3eFHCXwfeB2h5rnYCX
bOLLa2Ios+qk736DFyTu7ruUWs5KvsN73djOeWFQ1t/OhfWhK2AqgLfHEWXt4avY
gpItgQ3K2y0krIIext5lq1uVexVgHan2bpIUl3KPs0qAI/4yfktOA/KEG/gS6ZXj
PUqFrjl3ZSdMLlaNBofWbTEUB8Mc9ZVj8Hk19tClzCZLnAdazYUY5ZyTIhY=
-----END CERTIFICATE-----