Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/96415eef-acea-4b13-9572-a52a4a6f1abb.roa
File:                     96415eef-acea-4b13-9572-a52a4a6f1abb.roa (raw, json)
Hash identifier:          8i008EJQbjSP75uHJ+Nfschv+OUKcnO/KrlCzzT6WPg=
Subject key identifier:   DE:7A:AC:14:0C:9A:F4:78:6F:A4:50:8C:95:EF:F6:97:E2:DF:6F:27
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       1BB6E8A72DB5ABE8F6A4437490EA18A0E7E49E5B
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/96415eef-acea-4b13-9572-a52a4a6f1abb.roa
Signing time:             Thu 03 Oct 2024 00:00:00 +0000
ROA not before:           Thu 03 Oct 2024 00:00:00 +0000
ROA not after:            Thu 07 Nov 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 03 Oct 2024 16:38:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:b6:e8:a7:2d:b5:ab:e8:f6:a4:43:74:90:ea:18:a0:e7:e4:9e:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Oct  3 00:00:00 2024 GMT
            Not After : Nov  7 23:59:59 2024 GMT
        Subject: serialNumber=4dde069dcf0afff6c24067f2337f11d0c57273dd192d7f81f9b4ddea901d7eb9, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:36:be:56:15:ae:63:f6:24:f6:ae:0b:a5:37:
                    17:15:ae:69:68:ad:f1:9f:76:a8:7a:cb:21:1f:fb:
                    95:9c:64:ea:ea:8a:10:36:60:e7:4a:45:6b:ee:76:
                    86:04:8c:49:2a:d5:f9:9a:86:1d:bf:90:79:61:4f:
                    bd:6a:88:1a:22:16:60:c4:8a:c5:72:a1:29:96:d6:
                    86:74:ac:51:be:51:d5:a1:fa:2e:f6:d3:17:9a:8f:
                    be:c4:62:57:4d:02:b9:a6:0e:d3:51:36:f6:f7:c6:
                    3b:1b:26:49:d2:ab:69:1d:40:45:44:73:6f:d7:32:
                    e3:cc:48:97:a2:42:a0:a3:45:b7:20:48:2c:95:bd:
                    19:0a:46:ba:81:0e:83:1e:45:71:9c:36:d1:83:fa:
                    58:95:99:6b:1a:ff:a3:c9:7c:81:38:7f:7f:f6:fb:
                    c6:40:93:79:37:37:a0:6a:29:31:df:fc:51:c5:d7:
                    26:27:67:cf:8b:8d:75:49:8a:44:9c:9c:8f:0e:e1:
                    ec:94:ee:7a:25:52:2f:71:c7:ae:bb:cd:7d:95:3a:
                    a1:8e:49:32:e6:40:98:64:47:41:1d:5c:8a:9a:b3:
                    9e:90:7e:23:13:11:93:3e:da:b0:d1:0c:43:3a:5d:
                    94:43:1a:e8:13:9c:63:32:3d:e5:30:e7:bc:d2:da:
                    e4:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:7A:AC:14:0C:9A:F4:78:6F:A4:50:8C:95:EF:F6:97:E2:DF:6F:27
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/96415eef-acea-4b13-9572-a52a4a6f1abb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:24:7f:b1:32:36:6c:3a:bb:be:95:80:a5:b9:e1:b2:33:a0:
         33:49:cd:86:66:e7:02:88:82:c7:48:97:2f:fe:0b:46:69:1e:
         26:07:ca:94:6d:57:cb:d9:18:20:e4:18:0c:7c:42:5d:4a:0e:
         b0:e0:eb:b2:6d:05:d0:bd:f3:a0:56:bd:31:99:b5:86:ea:8b:
         69:73:c2:21:8d:fc:2c:8e:c6:f5:49:9a:9f:e2:7c:c4:8c:cc:
         63:be:8f:08:5c:05:23:c7:f6:87:9f:ed:46:92:aa:64:b3:e4:
         64:54:1a:e7:dd:a0:be:4d:6c:6e:1c:3c:3e:6d:fd:f9:b7:d5:
         dd:a1:a6:c3:57:ed:c3:70:f5:e2:c0:d5:58:44:2a:f7:0a:71:
         8e:cc:2e:d9:7c:37:88:21:9c:1f:92:09:cb:4b:59:b6:cc:76:
         ee:88:93:38:ac:29:fa:77:96:e9:05:48:55:cd:78:50:bd:a3:
         1d:ec:11:f4:98:0c:d7:0e:40:ba:31:d9:60:43:6e:7d:a6:10:
         23:ac:2c:1c:1e:13:4e:29:27:c2:ec:da:7e:06:82:9b:e3:3a:
         d0:20:8d:78:18:83:5d:d2:d3:07:ce:cf:5f:2c:ea:c3:9a:b3:
         8c:1a:89:dd:68:e7:44:9c:8f:07:40:40:ab:cd:ed:d3:4d:18:
         c3:ef:b7:38
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG7bopy21q+j2pEN0kOoYoOfknlswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMDAzMDAwMDAwWhcNMjQxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZGRlMDY5ZGNmMGFmZmY2YzI0MDY3ZjIzMzdmMTFkMGM1
NzI3M2RkMTkyZDdmODFmOWI0ZGRlYTkwMWQ3ZWI5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqNr5WFa5j9iT2rgulNxcVrmlorfGfdqh6yyEf+5WcZOrq
ihA2YOdKRWvudoYEjEkq1fmahh2/kHlhT71qiBoiFmDEisVyoSmW1oZ0rFG+UdWh
+i720xeaj77EYldNArmmDtNRNvb3xjsbJknSq2kdQEVEc2/XMuPMSJeiQqCjRbcg
SCyVvRkKRrqBDoMeRXGcNtGD+liVmWsa/6PJfIE4f3/2+8ZAk3k3N6BqKTHf/FHF
1yYnZ8+LjXVJikScnI8O4eyU7nolUi9xx667zX2VOqGOSTLmQJhkR0EdXIqas56Q
fiMTEZM+2rDRDEM6XZRDGugTnGMyPeUw57zS2uT7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3nqsFAya9HhvpFCMle/2l+LfbycwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzk2NDE1ZWVmLWFjZWEtNGIxMy05NTcyLWE1MmE0YTZmMWFiYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJEkf7EyNmw6u76VgKW54bIzoDNJ
zYZm5wKIgsdIly/+C0ZpHiYHypRtV8vZGCDkGAx8Ql1KDrDg67JtBdC986BWvTGZ
tYbqi2lzwiGN/CyOxvVJmp/ifMSMzGO+jwhcBSPH9oef7UaSqmSz5GRUGufdoL5N
bG4cPD5t/fm31d2hpsNX7cNw9eLA1VhEKvcKcY7MLtl8N4ghnB+SCctLWbbMdu6I
kzisKfp3lukFSFXNeFC9ox3sEfSYDNcOQLox2WBDbn2mECOsLBweE04pJ8Ls2n4G
gpvjOtAgjXgYg13S0wfOz18s6sOas4waid1o50ScjwdAQKvN7dNNGMPvtzg=
-----END CERTIFICATE-----