Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bd130ec6-afc8-4faf-86fe-67155353e3b7.roa
File:                     bd130ec6-afc8-4faf-86fe-67155353e3b7.roa (raw, json)
Hash identifier:          iUQluech241949OjpX5tkSx7Fic4fDXOuv5h+nQu2AE=
Subject key identifier:   35:36:36:6A:8E:88:D8:FA:49:3A:CD:5B:D5:93:2E:EB:7F:FA:4A:6E
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       04E2D7A0040FCB526A7D4C5EF7287BBC93A6F195
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bd130ec6-afc8-4faf-86fe-67155353e3b7.roa
Signing time:             Tue 01 Oct 2024 00:00:00 +0000
ROA not before:           Tue 01 Oct 2024 00:00:00 +0000
ROA not after:            Tue 05 Nov 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 01 Oct 2024 22:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:e2:d7:a0:04:0f:cb:52:6a:7d:4c:5e:f7:28:7b:bc:93:a6:f1:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Oct  1 00:00:00 2024 GMT
            Not After : Nov  5 23:59:59 2024 GMT
        Subject: serialNumber=b94a2488224ef53b81e9ca6704f3cac1c05a1a1a1c17ac4e501f8a04630c5913, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:d0:9b:da:43:06:03:fa:5b:80:c3:08:16:28:
                    2b:87:37:da:4f:63:2f:9b:bd:80:b8:cc:21:17:40:
                    14:46:2f:53:dd:1d:ce:9b:94:49:f7:03:e4:4e:46:
                    3b:5c:23:4e:23:02:ad:82:3d:59:a9:8e:76:c3:26:
                    41:c4:0f:bc:71:30:0a:f9:04:f7:af:27:8b:bc:4f:
                    7e:6d:fe:55:24:e4:88:ed:6b:8d:d4:70:ab:2e:25:
                    5a:28:03:21:54:1f:f2:0a:9d:19:27:72:d1:d1:8d:
                    45:50:bd:6d:c5:75:d1:3c:9f:b4:72:7b:49:6e:39:
                    d1:a3:0e:3e:c5:d5:bf:46:1d:ab:9e:3f:02:40:58:
                    6e:53:e6:47:fe:5f:2b:80:e1:a9:e8:d6:9c:eb:39:
                    ea:b1:b9:d8:f2:18:e6:74:39:7c:8d:b1:e8:61:93:
                    22:16:c2:b0:96:42:9d:25:6b:12:04:cc:98:48:6b:
                    49:12:1d:70:99:ec:fc:c8:42:ba:81:63:c3:88:c5:
                    10:ad:dc:ec:23:cb:b5:b2:09:96:93:e2:71:bb:7b:
                    eb:5a:73:74:b1:9d:4d:7d:b7:1a:dd:99:b5:e9:86:
                    75:92:f9:0e:0a:29:0f:93:a5:83:32:d8:dd:c6:d3:
                    06:08:82:71:43:98:69:0c:28:ae:d8:d7:6e:6f:5e:
                    37:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:36:36:6A:8E:88:D8:FA:49:3A:CD:5B:D5:93:2E:EB:7F:FA:4A:6E
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/bd130ec6-afc8-4faf-86fe-67155353e3b7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:af:da:f5:d9:39:ae:aa:3e:19:d8:06:83:5b:eb:f0:21:f7:
         18:98:17:78:86:f2:a4:68:a6:90:a5:72:e8:59:1d:f6:00:13:
         e4:6f:2a:21:b1:ee:13:a4:1b:ba:31:e0:3f:b1:ec:0b:cf:36:
         72:d9:1c:c9:2b:6a:2a:cf:34:e0:76:c3:ba:78:aa:2c:69:87:
         2d:9a:c5:5c:e4:b1:09:4a:e8:df:f1:fa:eb:8a:48:f9:6e:fa:
         08:28:16:a3:8c:5d:ec:bf:d1:b2:4d:23:54:ac:dd:9f:22:a3:
         fd:08:d8:56:a5:35:26:59:ff:be:fb:09:2a:48:d7:18:f0:24:
         57:0b:51:56:cf:82:72:b0:eb:08:d7:f9:cb:f8:42:a7:89:b7:
         5a:68:44:7f:2c:3c:b5:62:13:eb:fb:2f:c2:32:08:04:f6:8a:
         2d:ef:4a:94:d5:8f:4c:f6:ca:a2:72:fe:0f:fd:f4:29:61:98:
         1d:f3:72:88:e3:97:d1:c8:21:d6:4f:23:59:df:7e:b3:63:1c:
         a5:0f:d0:c3:79:09:c3:e4:0a:21:9b:e9:5b:d3:61:43:0c:5e:
         70:77:16:a7:f1:b2:fb:5d:b1:45:ee:18:07:97:5f:18:e5:f9:
         2d:c4:71:3d:73:13:3c:53:ab:f5:41:bb:6d:15:ee:6d:c6:a3:
         f1:61:0b:a6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBOLXoAQPy1JqfUxe9yh7vJOm8ZUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMDAxMDAwMDAwWhcNMjQxMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiOTRhMjQ4ODIyNGVmNTNiODFlOWNhNjcwNGYzY2FjMWMw
NWExYTFhMWMxN2FjNGU1MDFmOGEwNDYzMGM1OTEzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJ0JvaQwYD+luAwwgWKCuHN9pPYy+bvYC4zCEXQBRGL1Pd
Hc6blEn3A+RORjtcI04jAq2CPVmpjnbDJkHED7xxMAr5BPevJ4u8T35t/lUk5Ijt
a43UcKsuJVooAyFUH/IKnRknctHRjUVQvW3FddE8n7Rye0luOdGjDj7F1b9GHaue
PwJAWG5T5kf+XyuA4ano1pzrOeqxudjyGOZ0OXyNsehhkyIWwrCWQp0laxIEzJhI
a0kSHXCZ7PzIQrqBY8OIxRCt3Owjy7WyCZaT4nG7e+tac3SxnU19txrdmbXphnWS
+Q4KKQ+TpYMy2N3G0wYIgnFDmGkMKK7Y125vXjd5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNTY2ao6I2PpJOs1b1ZMu63/6Sm4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2JkMTMwZWM2LWFmYzgtNGZhZi04NmZlLTY3MTU1MzUzZTNiNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADev2vXZOa6qPhnYBoNb6/Ah9xiY
F3iG8qRoppClcuhZHfYAE+RvKiGx7hOkG7ox4D+x7AvPNnLZHMkrairPNOB2w7p4
qixphy2axVzksQlK6N/x+uuKSPlu+ggoFqOMXey/0bJNI1Ss3Z8io/0I2FalNSZZ
/777CSpI1xjwJFcLUVbPgnKw6wjX+cv4QqeJt1poRH8sPLViE+v7L8IyCAT2ii3v
SpTVj0z2yqJy/g/99ClhmB3zcojjl9HIIdZPI1nffrNjHKUP0MN5CcPkCiGb6VvT
YUMMXnB3FqfxsvtdsUXuGAeXXxjl+S3EcT1zEzxTq/VBu20V7m3Go/FhC6Y=
-----END CERTIFICATE-----