Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a0905da2-1b97-4b65-b1f3-ce3a6f12ddd2.roa
File:                     a0905da2-1b97-4b65-b1f3-ce3a6f12ddd2.roa (raw, json)
Hash identifier:          9qN0ng0yQGSpryBHJENrR3M8UPwJQVxCsoui88duP+E=
Subject key identifier:   F5:FE:80:5E:C9:5C:96:10:C7:79:6C:C2:72:1B:32:9B:12:C1:EA:93
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       0157463C086C7AA199100441DFB8AFCC506DCCC3
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a0905da2-1b97-4b65-b1f3-ce3a6f12ddd2.roa
Signing time:             Sat 06 Jul 2024 00:00:00 +0000
ROA not before:           Sat 06 Jul 2024 00:00:00 +0000
ROA not after:            Sat 10 Aug 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 06 Jul 2024 06:43:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:57:46:3c:08:6c:7a:a1:99:10:04:41:df:b8:af:cc:50:6d:cc:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul  6 00:00:00 2024 GMT
            Not After : Aug 10 23:59:59 2024 GMT
        Subject: serialNumber=a43ec389977655d1fe128d3affe91abb073a1b17a313c2ba45b0f5f7ef8d0f97, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:7f:35:78:46:c3:72:fe:13:31:40:6d:62:52:
                    79:57:c4:89:37:56:d8:ee:5b:e0:b2:7c:ba:63:ea:
                    54:42:eb:de:32:65:1a:b0:a6:74:60:13:cf:5d:3a:
                    65:ab:76:46:0c:40:b7:68:4e:ce:b6:9d:5d:08:3d:
                    f2:6b:68:3e:b2:97:b9:0c:ec:51:11:43:0f:fc:fd:
                    2f:c3:14:ba:07:46:62:3e:bc:98:3a:8e:62:ce:b0:
                    d3:32:4d:d2:f9:6b:ff:2c:9c:c7:98:a8:5e:a5:56:
                    cf:40:fe:6e:7c:f4:8c:5b:8c:a4:14:0a:f7:ff:56:
                    5c:69:80:8e:ea:36:ed:31:c4:e9:f1:61:30:7e:3b:
                    7e:13:2e:99:4c:2c:2e:e3:b6:4a:5f:7a:2b:ee:91:
                    20:2c:b1:cd:8c:97:db:93:0f:8b:cd:4e:82:bf:2b:
                    dd:31:bf:45:01:66:0d:14:3f:5c:f1:e4:23:cb:d5:
                    99:2f:3f:cc:05:35:17:b3:46:f7:ce:5d:4b:3a:85:
                    a0:a0:75:8e:77:83:80:c4:46:36:ab:b5:7b:0e:29:
                    86:32:69:b9:f8:dc:bb:2e:2f:0d:3f:fb:7b:2f:83:
                    12:b3:a7:9d:79:b9:82:00:48:ab:14:6d:e3:1f:48:
                    c6:6b:c0:49:41:26:03:65:99:1a:af:03:ea:a7:a8:
                    fa:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:FE:80:5E:C9:5C:96:10:C7:79:6C:C2:72:1B:32:9B:12:C1:EA:93
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a0905da2-1b97-4b65-b1f3-ce3a6f12ddd2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:7a:4b:e5:f5:05:1d:d0:4e:46:8b:5d:e5:bd:62:dc:7c:c7:
         25:72:81:4f:0d:b0:43:37:d6:c6:cd:1e:1f:48:56:fa:2e:d7:
         61:ed:d0:07:95:6a:88:2c:b2:a4:c4:aa:1d:9a:5e:a9:97:ce:
         83:c7:96:9b:79:8c:a8:e1:f2:52:b9:bc:3f:a2:3d:6d:97:a3:
         dd:2a:ef:57:0a:e5:71:b3:2f:09:d5:84:a7:fe:9a:16:4b:a2:
         00:7b:1e:5f:e3:87:69:57:b5:90:2f:0c:c2:1b:c0:3c:53:5b:
         bb:7a:9c:98:85:bc:51:55:44:b8:10:d4:db:a9:08:2a:23:64:
         6b:89:2c:1e:97:f6:9f:71:ce:81:11:e7:59:8c:47:c6:d5:94:
         21:a0:d2:41:93:d0:f9:84:dd:0d:45:22:c9:80:5e:b1:7b:6c:
         d9:b2:16:9e:93:d8:d0:dd:e0:6f:52:3c:44:95:f0:84:e6:83:
         53:9d:e7:d2:e2:b5:12:53:38:5f:eb:94:b5:ef:6b:9e:db:f4:
         41:54:47:f0:63:5a:b0:d5:45:04:9a:4a:0a:b9:94:2a:1b:9d:
         bf:05:ae:58:d6:c4:3a:54:46:fc:b1:96:71:0b:d4:61:11:8c:
         96:6e:12:32:53:cc:a7:c9:6d:fa:55:dc:86:1d:09:b8:b3:bd:
         76:8c:8e:7e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAVdGPAhseqGZEARB37ivzFBtzMMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzA2MDAwMDAwWhcNMjQwODEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNDNlYzM4OTk3NzY1NWQxZmUxMjhkM2FmZmU5MWFiYjA3
M2ExYjE3YTMxM2MyYmE0NWIwZjVmN2VmOGQwZjk3MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1fzV4RsNy/hMxQG1iUnlXxIk3VtjuW+CyfLpj6lRC694y
ZRqwpnRgE89dOmWrdkYMQLdoTs62nV0IPfJraD6yl7kM7FERQw/8/S/DFLoHRmI+
vJg6jmLOsNMyTdL5a/8snMeYqF6lVs9A/m589IxbjKQUCvf/VlxpgI7qNu0xxOnx
YTB+O34TLplMLC7jtkpfeivukSAssc2Ml9uTD4vNToK/K90xv0UBZg0UP1zx5CPL
1ZkvP8wFNRezRvfOXUs6haCgdY53g4DERjartXsOKYYyabn43LsuLw0/+3svgxKz
p515uYIASKsUbeMfSMZrwElBJgNlmRqvA+qnqPrVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU9f6AXslclhDHeWzCchsymxLB6pMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2EwOTA1ZGEyLTFiOTctNGI2NS1iMWYzLWNlM2E2ZjEyZGRkMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACF6S+X1BR3QTkaLXeW9Ytx8xyVy
gU8NsEM31sbNHh9IVvou12Ht0AeVaogssqTEqh2aXqmXzoPHlpt5jKjh8lK5vD+i
PW2Xo90q71cK5XGzLwnVhKf+mhZLogB7Hl/jh2lXtZAvDMIbwDxTW7t6nJiFvFFV
RLgQ1NupCCojZGuJLB6X9p9xzoER51mMR8bVlCGg0kGT0PmE3Q1FIsmAXrF7bNmy
Fp6T2NDd4G9SPESV8ITmg1Od59LitRJTOF/rlLXva57b9EFUR/BjWrDVRQSaSgq5
lCobnb8FrljWxDpURvyxlnEL1GERjJZuEjJTzKfJbfpV3IYdCbizvXaMjn4=
-----END CERTIFICATE-----