Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/985ca8c0-1e4b-4e07-a538-1ecc6c37dd76.roa
File:                     985ca8c0-1e4b-4e07-a538-1ecc6c37dd76.roa (raw, json)
Hash identifier:          YL8afsHchji/iFYAseyN821ufvCVXfDmRAAbTPg07w0=
Subject key identifier:   3D:39:E9:F9:F4:41:51:31:52:DA:A7:F5:53:00:71:21:B3:C6:29:6B
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       7D2E9C1984F8C61F3783B603D7E080EB3AEF3B71
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/985ca8c0-1e4b-4e07-a538-1ecc6c37dd76.roa
Signing time:             Sun 05 May 2024 00:00:00 +0000
ROA not before:           Sun 05 May 2024 00:00:00 +0000
ROA not after:            Sun 09 Jun 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 05 May 2024 04:35:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:2e:9c:19:84:f8:c6:1f:37:83:b6:03:d7:e0:80:eb:3a:ef:3b:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: May  5 00:00:00 2024 GMT
            Not After : Jun  9 23:59:59 2024 GMT
        Subject: serialNumber=35c778dd6988b0ada7f8787ed10a9d381339b2957a7a4500673645ac2bef12d3, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:0a:8e:56:54:91:d4:bb:86:6b:97:31:9b:24:
                    f1:f4:ed:98:c6:c8:64:d1:17:39:fe:43:5f:c4:e9:
                    52:a6:05:35:81:8a:c0:1a:1a:43:1d:77:a0:b1:d3:
                    b0:0c:a6:47:ed:1d:9c:57:d6:99:ac:6f:de:62:9a:
                    51:52:00:6d:46:c3:ae:94:b4:94:46:b0:f0:ae:7f:
                    c7:70:e4:4a:58:49:69:58:26:c1:3a:ee:d4:29:b1:
                    00:ba:16:aa:70:3d:5a:90:58:69:10:99:81:38:c2:
                    b2:6e:08:d1:88:e9:4b:2d:db:d9:ae:55:8b:82:ef:
                    16:fa:5c:a5:4f:7a:34:17:1b:5a:52:0d:72:d5:7c:
                    06:c1:d0:63:4e:21:8e:f8:92:c4:e6:ce:1a:f4:16:
                    1e:a5:6c:d6:1a:8d:96:b7:c3:40:23:88:45:bc:1e:
                    8b:df:4a:f8:38:af:b2:ca:f9:bf:e7:37:53:ac:5d:
                    68:ed:85:43:db:a1:1c:c8:89:ae:2b:bf:20:75:7c:
                    a1:de:be:f0:1c:a9:a4:39:d7:f5:26:df:ee:45:33:
                    52:d6:19:02:10:ee:45:2d:06:42:be:a1:21:96:3d:
                    4b:9e:0f:70:a6:20:4c:24:11:64:37:df:0e:fd:c4:
                    c6:bd:e8:6c:f4:8e:38:b4:1a:14:ef:4a:3c:f5:5d:
                    80:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:39:E9:F9:F4:41:51:31:52:DA:A7:F5:53:00:71:21:B3:C6:29:6B
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/985ca8c0-1e4b-4e07-a538-1ecc6c37dd76.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:67:2a:6c:9b:3a:c3:dd:9a:5b:fb:86:fa:d1:4b:02:f9:45:
         fc:99:d5:6a:8d:1f:80:99:44:fe:b3:40:33:c6:c2:5c:e2:8f:
         10:5b:b1:46:58:2e:76:a6:8c:12:59:77:ab:85:0d:1c:04:a2:
         c3:e5:43:d3:70:48:1d:25:f2:dd:75:96:91:f1:29:01:f2:20:
         c0:ba:44:1f:5a:0b:87:73:6b:b7:03:fb:3c:44:31:f9:54:0e:
         5d:41:f5:07:01:2b:18:a8:93:7c:02:a9:8c:7c:50:3e:87:d3:
         10:9c:0f:d6:80:f1:93:0a:2b:6d:5c:cc:fd:07:7a:d8:0a:19:
         fb:bd:7e:6b:e5:7e:2e:06:7f:f9:18:fb:88:3f:5d:95:8b:3e:
         ec:6b:ef:30:87:09:da:93:08:95:f5:e6:9a:72:1e:54:cf:31:
         b1:44:bc:d5:99:06:2f:2e:8e:d1:fe:92:4b:4d:f8:53:7e:30:
         ec:06:94:f2:9f:b3:31:c7:ed:7e:20:54:5c:ef:cd:b8:6e:da:
         23:b2:7a:12:77:b8:80:5a:26:75:51:71:9f:28:cd:d6:02:2a:
         c0:1a:ef:fc:36:cc:4f:44:0b:72:71:da:fa:0d:40:5a:e4:66:
         9f:72:9e:6a:87:75:d4:4c:2f:3d:06:98:38:34:bd:90:d1:95:
         c0:34:82:fd
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfS6cGYT4xh83g7YD1+CA6zrvO3EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNTA1MDAwMDAwWhcNMjQwNjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNWM3NzhkZDY5ODhiMGFkYTdmODc4N2VkMTBhOWQzODEz
MzliMjk1N2E3YTQ1MDA2NzM2NDVhYzJiZWYxMmQzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDPCo5WVJHUu4ZrlzGbJPH07ZjGyGTRFzn+Q1/E6VKmBTWB
isAaGkMdd6Cx07AMpkftHZxX1pmsb95imlFSAG1Gw66UtJRGsPCuf8dw5EpYSWlY
JsE67tQpsQC6FqpwPVqQWGkQmYE4wrJuCNGI6Ust29muVYuC7xb6XKVPejQXG1pS
DXLVfAbB0GNOIY74ksTmzhr0Fh6lbNYajZa3w0AjiEW8HovfSvg4r7LK+b/nN1Os
XWjthUPboRzIia4rvyB1fKHevvAcqaQ51/Um3+5FM1LWGQIQ7kUtBkK+oSGWPUue
D3CmIEwkEWQ33w79xMa96Gz0jji0GhTvSjz1XYDHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPTnp+fRBUTFS2qf1UwBxIbPGKWswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzk4NWNhOGMwLTFlNGItNGUwNy1hNTM4LTFlY2M2YzM3ZGQ3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIhnKmybOsPdmlv7hvrRSwL5RfyZ
1WqNH4CZRP6zQDPGwlzijxBbsUZYLnamjBJZd6uFDRwEosPlQ9NwSB0l8t11lpHx
KQHyIMC6RB9aC4dza7cD+zxEMflUDl1B9QcBKxiok3wCqYx8UD6H0xCcD9aA8ZMK
K21czP0HetgKGfu9fmvlfi4Gf/kY+4g/XZWLPuxr7zCHCdqTCJX15ppyHlTPMbFE
vNWZBi8ujtH+kktN+FN+MOwGlPKfszHH7X4gVFzvzbhu2iOyehJ3uIBaJnVRcZ8o
zdYCKsAa7/w2zE9EC3Jx2voNQFrkZp9ynmqHddRMLz0GmDg0vZDRlcA0gv0=
-----END CERTIFICATE-----