Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c31f3b7d-e1b6-4340-9748-51242aea7b0a.roa
File:                     c31f3b7d-e1b6-4340-9748-51242aea7b0a.roa (raw, json)
Hash identifier:          W9qdygayS1LTfd6lzGnVaYXoKJtBRxT2+Ro1XCPijfY=
Subject key identifier:   E6:05:B0:1B:3A:CB:9B:7B:36:38:AC:81:09:15:2B:F5:F6:B2:FD:54
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       0A6BA397EB7E666BF004D008D9937D0CDF54A3B4
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c31f3b7d-e1b6-4340-9748-51242aea7b0a.roa
Signing time:             Mon 01 Jul 2024 00:00:00 +0000
ROA not before:           Mon 01 Jul 2024 00:00:00 +0000
ROA not after:            Mon 05 Aug 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jul 2024 17:08:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:6b:a3:97:eb:7e:66:6b:f0:04:d0:08:d9:93:7d:0c:df:54:a3:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul  1 00:00:00 2024 GMT
            Not After : Aug  5 23:59:59 2024 GMT
        Subject: serialNumber=94e921fcbff5b76f89bb1738c1c1ab42380d0109635745552fd01d35a7a7f326, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:98:b5:d1:74:3d:46:2a:c1:4b:ca:55:fd:ee:
                    01:04:d8:51:40:8f:19:a9:4c:04:d0:8a:d0:dc:ab:
                    25:6a:21:79:95:7e:03:79:11:96:4e:0d:73:9d:8b:
                    6b:96:b7:29:df:ca:e9:d1:f1:b0:1f:61:2e:69:73:
                    15:5f:c6:31:b7:ab:0e:d7:2d:11:34:aa:bc:11:5c:
                    c2:46:79:b8:25:0a:29:4f:4f:1f:46:81:db:85:d8:
                    0f:b8:85:f5:20:57:9b:e1:af:af:34:f0:df:9a:de:
                    36:26:be:0a:d3:07:4e:a3:e0:9a:36:98:57:79:cf:
                    70:42:ac:4a:27:e2:9a:ec:3d:e7:e6:4c:9a:33:b8:
                    7b:66:fd:03:25:e7:3a:c7:6b:34:0a:55:d1:39:49:
                    19:d8:8e:20:c1:5c:39:f1:6d:29:9c:da:3e:e4:e6:
                    b5:8b:60:96:04:19:1d:cb:ce:2a:1e:d2:00:84:02:
                    bd:c7:22:b2:6c:1d:62:96:25:f8:99:bc:52:a0:8a:
                    ed:cd:80:73:17:3a:89:f3:be:21:84:88:3e:27:0b:
                    d8:23:ce:87:09:b9:52:5e:45:91:e1:19:c8:6f:96:
                    61:d3:68:fe:7e:45:bc:e8:83:bb:37:c0:b8:64:a4:
                    1c:66:94:8b:3f:88:ef:fa:1e:71:b6:00:18:75:fd:
                    19:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:05:B0:1B:3A:CB:9B:7B:36:38:AC:81:09:15:2B:F5:F6:B2:FD:54
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c31f3b7d-e1b6-4340-9748-51242aea7b0a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:10:85:b1:74:42:73:3e:88:64:d1:64:3f:d5:07:9b:b4:e4:
         1a:04:d2:69:b0:e2:20:1e:de:31:5c:a1:ec:dd:0a:e9:ae:68:
         21:22:5e:f4:99:ee:34:5c:df:13:40:48:ee:19:b4:42:52:0a:
         be:b3:a1:5d:0e:48:3c:02:1e:6e:2f:83:41:9b:2a:af:18:68:
         86:81:c7:f2:18:de:96:8c:5f:45:f7:d7:6d:60:a2:5d:eb:05:
         98:45:56:e5:86:04:54:3f:15:9c:40:ea:15:cb:a7:2d:ff:5d:
         35:48:f6:5d:f2:e0:60:28:d2:6f:6f:be:84:b7:a5:1f:d1:a2:
         e1:9d:09:64:5f:ae:a1:19:da:33:84:b0:d7:d5:0d:b3:32:76:
         d0:5c:46:74:98:82:e2:64:76:62:04:3f:a8:e5:6e:b6:d7:2e:
         4f:b6:7c:8c:d9:de:21:ed:cb:8c:af:9f:2a:f0:72:ef:b7:6c:
         7c:78:ad:10:0c:06:04:1a:00:38:a8:5a:74:a4:ed:4b:09:79:
         f5:eb:29:fb:94:07:d6:bd:92:85:0e:05:c4:bc:fa:7c:5a:fe:
         42:10:4b:d3:ea:c2:c6:6e:ab:f1:05:0a:03:12:8b:bf:1b:6b:
         88:d1:ae:b1:a8:32:8f:a2:3e:ed:f4:67:96:7d:f8:f6:b3:e0:
         fc:cc:8d:14
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCmujl+t+ZmvwBNAI2ZN9DN9Uo7QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzAxMDAwMDAwWhcNMjQwODA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NGU5MjFmY2JmZjViNzZmODliYjE3MzhjMWMxYWI0MjM4
MGQwMTA5NjM1NzQ1NTUyZmQwMWQzNWE3YTdmMzI2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD3mLXRdD1GKsFLylX97gEE2FFAjxmpTATQitDcqyVqIXmV
fgN5EZZODXOdi2uWtynfyunR8bAfYS5pcxVfxjG3qw7XLRE0qrwRXMJGebglCilP
Tx9GgduF2A+4hfUgV5vhr6808N+a3jYmvgrTB06j4Jo2mFd5z3BCrEon4prsPefm
TJozuHtm/QMl5zrHazQKVdE5SRnYjiDBXDnxbSmc2j7k5rWLYJYEGR3Lzioe0gCE
Ar3HIrJsHWKWJfiZvFKgiu3NgHMXOonzviGEiD4nC9gjzocJuVJeRZHhGchvlmHT
aP5+Rbzog7s3wLhkpBxmlIs/iO/6HnG2ABh1/RmpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5gWwGzrLm3s2OKyBCRUr9fay/VQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2MzMWYzYjdkLWUxYjYtNDM0MC05NzQ4LTUxMjQyYWVhN2IwYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKMQhbF0QnM+iGTRZD/VB5u05BoE
0mmw4iAe3jFcoezdCumuaCEiXvSZ7jRc3xNASO4ZtEJSCr6zoV0OSDwCHm4vg0Gb
Kq8YaIaBx/IY3paMX0X3121gol3rBZhFVuWGBFQ/FZxA6hXLpy3/XTVI9l3y4GAo
0m9vvoS3pR/RouGdCWRfrqEZ2jOEsNfVDbMydtBcRnSYguJkdmIEP6jlbrbXLk+2
fIzZ3iHty4yvnyrwcu+3bHx4rRAMBgQaADioWnSk7UsJefXrKfuUB9a9koUOBcS8
+nxa/kIQS9PqwsZuq/EFCgMSi78ba4jRrrGoMo+iPu30Z5Z9+Paz4PzMjRQ=
-----END CERTIFICATE-----