Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/adb4c8cd-4ede-470a-80f0-4f2a4a23aed4.roa
File:                     adb4c8cd-4ede-470a-80f0-4f2a4a23aed4.roa (raw, json)
Hash identifier:          JV2sT+5e1/CcORAGGe9R5tCQ0EgEWHh5zpZ8AzDKF8w=
Subject key identifier:   70:92:AB:79:ED:6E:4F:61:7B:68:A9:42:EE:2A:86:60:A6:A3:2F:D7
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       5AB3FCD9D7C72ACC969959DF03D829C4D80074D3
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/adb4c8cd-4ede-470a-80f0-4f2a4a23aed4.roa
Signing time:             Sat 18 May 2024 00:00:00 +0000
ROA not before:           Sat 18 May 2024 00:00:00 +0000
ROA not after:            Sat 22 Jun 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 18 May 2024 19:43:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:b3:fc:d9:d7:c7:2a:cc:96:99:59:df:03:d8:29:c4:d8:00:74:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: May 18 00:00:00 2024 GMT
            Not After : Jun 22 23:59:59 2024 GMT
        Subject: serialNumber=5576a0c61c5dbdbab9c7d00d5a57a04fb926218ee49f15c249af9ba27cd10e3e, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:97:35:d7:99:4c:5e:f7:61:75:49:e1:8f:e3:
                    4c:df:07:bf:08:35:5d:3c:3b:cf:5a:ed:47:b1:37:
                    57:f0:5c:ab:b6:f6:ec:ed:a2:de:4f:df:bc:f0:70:
                    11:58:82:ad:94:11:89:a7:97:2a:08:d5:12:31:4c:
                    2f:69:fb:46:eb:38:fb:42:e2:47:a6:a2:08:1a:7d:
                    d6:b6:db:b5:19:85:09:4a:17:7b:cd:17:9f:cb:db:
                    84:d5:91:6d:39:13:5b:22:2f:6f:69:e4:6e:89:bd:
                    da:c4:76:ee:0f:b2:ae:97:43:52:dc:7f:c4:69:90:
                    78:75:1c:a5:e3:76:4c:a5:96:11:bd:c4:95:19:c2:
                    6e:63:d3:07:50:9e:a3:ae:e6:d1:10:79:bb:9f:fd:
                    1f:69:c3:60:76:0f:87:32:57:18:60:3c:a2:c6:32:
                    7d:72:3b:eb:30:2e:1a:80:f7:65:83:3f:fc:eb:c4:
                    8e:ea:14:ea:8e:0c:6d:af:cf:2c:05:9f:db:32:2b:
                    10:45:a0:99:1d:30:49:7d:4e:4a:e3:44:9f:e4:2a:
                    37:39:ee:8d:9a:45:da:c8:e6:32:a1:61:d9:5f:5c:
                    83:64:83:57:bb:95:ee:3f:76:42:9b:01:59:42:7f:
                    03:10:d7:d1:55:67:39:29:c9:e2:b3:b3:96:de:81:
                    af:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:92:AB:79:ED:6E:4F:61:7B:68:A9:42:EE:2A:86:60:A6:A3:2F:D7
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/adb4c8cd-4ede-470a-80f0-4f2a4a23aed4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:9e:b2:69:34:7a:ac:e1:d7:67:af:f7:f6:73:98:d1:1c:50:
         ad:6e:be:1f:df:5c:5c:51:30:27:95:f5:45:84:67:7f:f7:1a:
         cd:85:00:38:7b:68:9e:5f:62:07:c7:2f:4d:61:70:b3:3e:3b:
         26:64:4d:40:28:f5:01:74:4b:c3:ef:40:d9:69:94:67:b8:fa:
         c2:59:c2:71:84:0e:f3:99:53:76:5a:91:0f:77:d5:5c:18:fc:
         3e:73:79:58:e5:41:b8:09:62:0b:df:12:c5:3e:8c:88:c7:ce:
         60:aa:19:29:87:f0:d4:07:3e:0b:37:1d:8a:9c:fd:cf:1b:43:
         b2:74:22:93:d1:58:6e:61:aa:43:f1:5b:2e:d9:f0:ce:b3:af:
         38:06:49:e0:0f:51:4c:ae:bd:91:4a:62:ae:0b:23:04:7d:df:
         88:ee:f0:82:52:86:16:69:99:ee:31:1b:05:a8:0e:4f:41:31:
         dc:f9:02:06:42:0e:d7:ae:06:c3:b9:b8:61:e7:a7:8e:d7:87:
         6b:9d:5b:50:3b:a4:12:cf:93:32:25:ad:2e:55:af:90:58:6a:
         d7:7d:c5:00:20:69:10:6e:8f:60:1a:e9:28:2b:e3:15:21:66:
         ad:d0:c6:8b:5a:21:1b:c7:89:5d:a4:32:e0:69:db:0f:eb:36:
         62:d7:fe:26
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWrP82dfHKsyWmVnfA9gpxNgAdNMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNTE4MDAwMDAwWhcNMjQwNjIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1NTc2YTBjNjFjNWRiZGJhYjljN2QwMGQ1YTU3YTA0ZmI5
MjYyMThlZTQ5ZjE1YzI0OWFmOWJhMjdjZDEwZTNlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+lzXXmUxe92F1SeGP40zfB78INV08O89a7UexN1fwXKu2
9uztot5P37zwcBFYgq2UEYmnlyoI1RIxTC9p+0brOPtC4kemoggafda227UZhQlK
F3vNF5/L24TVkW05E1siL29p5G6JvdrEdu4Psq6XQ1Lcf8RpkHh1HKXjdkyllhG9
xJUZwm5j0wdQnqOu5tEQebuf/R9pw2B2D4cyVxhgPKLGMn1yO+swLhqA92WDP/zr
xI7qFOqODG2vzywFn9syKxBFoJkdMEl9TkrjRJ/kKjc57o2aRdrI5jKhYdlfXINk
g1e7le4/dkKbAVlCfwMQ19FVZzkpyeKzs5bega9pAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcJKree1uT2F7aKlC7iqGYKajL9cwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2FkYjRjOGNkLTRlZGUtNDcwYS04MGYwLTRmMmE0YTIzYWVkNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFiesmk0eqzh12ev9/ZzmNEcUK1u
vh/fXFxRMCeV9UWEZ3/3Gs2FADh7aJ5fYgfHL01hcLM+OyZkTUAo9QF0S8PvQNlp
lGe4+sJZwnGEDvOZU3ZakQ931VwY/D5zeVjlQbgJYgvfEsU+jIjHzmCqGSmH8NQH
Pgs3HYqc/c8bQ7J0IpPRWG5hqkPxWy7Z8M6zrzgGSeAPUUyuvZFKYq4LIwR934ju
8IJShhZpme4xGwWoDk9BMdz5AgZCDteuBsO5uGHnp47Xh2udW1A7pBLPkzIlrS5V
r5BYatd9xQAgaRBuj2Aa6Sgr4xUhZq3QxotaIRvHiV2kMuBp2w/rNmLX/iY=
-----END CERTIFICATE-----