Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8f74ec1d-598b-4c59-ab60-bd6a25bc0e18.roa
File:                     8f74ec1d-598b-4c59-ab60-bd6a25bc0e18.roa (raw, json)
Hash identifier:          DznHnpf8Urke8rVczE61p3Dqd5T8QU6fb9jW2iqQMHU=
Subject key identifier:   69:DB:CA:C4:A1:AF:B7:4D:09:26:6A:3A:B3:F2:5E:A7:6C:46:8B:FC
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       73661CF6B5EA1A3D462754D200E3A7FEF40C12A4
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8f74ec1d-598b-4c59-ab60-bd6a25bc0e18.roa
Signing time:             Thu 18 Jul 2024 00:00:00 +0000
ROA not before:           Thu 18 Jul 2024 00:00:00 +0000
ROA not after:            Thu 22 Aug 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 18 Jul 2024 01:38:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:66:1c:f6:b5:ea:1a:3d:46:27:54:d2:00:e3:a7:fe:f4:0c:12:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul 18 00:00:00 2024 GMT
            Not After : Aug 22 23:59:59 2024 GMT
        Subject: serialNumber=56b471fa7a73b2d6d39e402e20bbb2c74f2dbf15c3f42b43fc64582322089290, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:24:f2:1e:ea:11:ae:60:bc:9b:db:bb:77:f4:
                    bb:b9:db:2c:45:28:5e:99:12:7f:6a:f0:6a:64:49:
                    34:68:c4:c9:ab:40:2b:6c:6c:32:dd:96:1c:6a:ed:
                    9f:06:2f:e2:17:ee:dd:04:04:94:ae:96:be:38:09:
                    ea:0e:97:f3:4e:35:b5:9b:12:32:28:8e:4b:9e:90:
                    fb:8b:da:bf:0a:02:fc:68:cd:a6:2f:96:88:89:21:
                    61:d3:13:d7:af:ce:59:ec:18:6f:db:7a:8d:95:7c:
                    e5:95:a1:86:8c:49:45:ae:6b:f3:9a:81:65:c7:11:
                    bf:6a:28:42:d9:cd:f8:3c:cd:78:79:40:3d:c1:6b:
                    da:fa:22:a5:ae:2d:f3:97:a8:b3:d9:20:0c:97:fb:
                    fd:59:31:91:66:f7:a5:a5:86:02:1d:e8:a7:4b:df:
                    d5:58:f0:87:7d:4e:af:6c:c0:5b:09:aa:72:4b:e0:
                    24:47:f3:78:9b:7b:de:cd:53:d0:12:ba:b1:f5:18:
                    b5:89:d5:de:08:a6:77:f5:db:57:d4:62:11:86:bc:
                    58:46:99:64:4f:77:2d:92:6e:42:76:2e:97:ce:51:
                    c8:97:a2:80:c3:f0:82:0d:62:65:64:f7:be:57:5f:
                    ee:d4:80:cb:eb:49:ea:76:0b:18:a7:6b:4e:3b:bd:
                    5f:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:DB:CA:C4:A1:AF:B7:4D:09:26:6A:3A:B3:F2:5E:A7:6C:46:8B:FC
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8f74ec1d-598b-4c59-ab60-bd6a25bc0e18.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:e7:ab:de:b3:98:6f:bd:12:5e:2b:40:85:27:52:6f:5e:dd:
         c9:41:de:5e:ba:ca:b8:32:ce:0e:03:6a:2b:e4:57:34:f1:62:
         f8:97:cf:e9:be:14:14:ac:55:ef:60:9a:64:08:11:2d:cb:c1:
         82:40:5a:32:43:d1:4e:96:c7:7d:ee:48:e1:fa:fc:96:c6:63:
         c8:e5:21:0e:16:bf:71:bb:16:bb:f4:01:32:34:34:82:82:40:
         f1:b9:01:3b:45:60:58:b1:a0:4f:a4:31:5f:45:16:d1:5b:8a:
         84:7f:f3:f3:e3:72:e2:64:53:40:72:2b:82:a1:c5:b1:e0:b1:
         87:16:29:7a:84:5e:3e:bb:b1:08:04:10:95:c6:76:3b:a3:b6:
         bc:bb:46:4c:df:2f:56:49:b1:73:42:09:45:d7:c2:62:70:d3:
         12:55:1f:d0:73:16:ab:e2:ba:af:f9:7e:3a:37:2a:99:98:ed:
         38:15:0b:fa:d5:50:7d:cc:ff:cc:ac:12:4e:f1:90:2e:fb:0c:
         f3:e6:f6:9d:ab:b4:71:72:e3:fd:58:ae:88:48:e1:59:3d:93:
         a6:7a:e3:65:ba:cf:98:61:b8:cf:cc:2e:e1:21:73:a9:a1:71:
         d5:01:6f:7e:42:a6:9b:85:30:ce:02:91:8b:24:4f:70:79:37:
         cf:46:f2:51
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUc2Yc9rXqGj1GJ1TSAOOn/vQMEqQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzE4MDAwMDAwWhcNMjQwODIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1NmI0NzFmYTdhNzNiMmQ2ZDM5ZTQwMmUyMGJiYjJjNzRm
MmRiZjE1YzNmNDJiNDNmYzY0NTgyMzIyMDg5MjkwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsJPIe6hGuYLyb27t39Lu52yxFKF6ZEn9q8GpkSTRoxMmr
QCtsbDLdlhxq7Z8GL+IX7t0EBJSulr44CeoOl/NONbWbEjIojkuekPuL2r8KAvxo
zaYvloiJIWHTE9evzlnsGG/beo2VfOWVoYaMSUWua/OagWXHEb9qKELZzfg8zXh5
QD3Ba9r6IqWuLfOXqLPZIAyX+/1ZMZFm96WlhgId6KdL39VY8Id9Tq9swFsJqnJL
4CRH83ibe97NU9ASurH1GLWJ1d4Ipnf121fUYhGGvFhGmWRPdy2SbkJ2LpfOUciX
ooDD8IINYmVk975XX+7UgMvrSep2Cxina047vV8fAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUadvKxKGvt00JJmo6s/Jep2xGi/wwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzhmNzRlYzFkLTU5OGItNGM1OS1hYjYwLWJkNmEyNWJjMGUxOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFDnq96zmG+9El4rQIUnUm9e3clB
3l66yrgyzg4DaivkVzTxYviXz+m+FBSsVe9gmmQIES3LwYJAWjJD0U6Wx33uSOH6
/JbGY8jlIQ4Wv3G7Frv0ATI0NIKCQPG5ATtFYFixoE+kMV9FFtFbioR/8/PjcuJk
U0ByK4KhxbHgsYcWKXqEXj67sQgEEJXGdjujtry7RkzfL1ZJsXNCCUXXwmJw0xJV
H9BzFqviuq/5fjo3KpmY7TgVC/rVUH3M/8ysEk7xkC77DPPm9p2rtHFy4/1YrohI
4Vk9k6Z642W6z5hhuM/MLuEhc6mhcdUBb35CppuFMM4CkYskT3B5N89G8lE=
-----END CERTIFICATE-----