Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ecedc765-294a-436b-b48b-72eb3dea3949.roa
File:                     ecedc765-294a-436b-b48b-72eb3dea3949.roa (raw, json)
Hash identifier:          vLPUKRjb4azaasvxRiWULvjxonrpLMr7kDG2ucw8hYM=
Subject key identifier:   51:1A:FA:D1:CF:DA:31:E8:30:F8:35:11:91:19:4C:43:1D:F8:F2:A9
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       74B7729BBEEFB998EB843B15E7C9A176B297AF2D
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ecedc765-294a-436b-b48b-72eb3dea3949.roa
Signing time:             Thu 12 Sep 2024 00:00:00 +0000
ROA not before:           Thu 12 Sep 2024 00:00:00 +0000
ROA not after:            Thu 17 Oct 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Sep 2024 17:29:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:b7:72:9b:be:ef:b9:98:eb:84:3b:15:e7:c9:a1:76:b2:97:af:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Sep 12 00:00:00 2024 GMT
            Not After : Oct 17 23:59:59 2024 GMT
        Subject: serialNumber=afa21f4e21611f35ccbfdfe74aacfda922121dee7e0877c7742d71cbed06a2ca, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:61:45:68:e8:a7:52:88:82:e8:00:5d:bd:5d:
                    c4:b8:f4:76:e7:43:73:ae:a6:ad:a0:1f:45:9f:61:
                    f7:61:6c:fe:15:bd:92:ef:ba:fd:07:7c:9a:31:d1:
                    8a:77:73:1c:a7:ee:1c:75:5d:62:37:3b:a9:de:7b:
                    bc:0f:79:8f:57:86:83:82:a7:45:a3:e9:5d:ad:49:
                    e3:09:df:6b:d0:be:9a:62:6c:b4:f8:d9:6d:77:73:
                    77:43:2d:52:8e:e5:c8:45:ae:c5:8e:3f:54:ad:7e:
                    49:16:40:04:a4:eb:03:8e:90:eb:29:62:6e:8d:17:
                    e4:4b:8b:d5:1f:31:42:ae:99:6b:1e:e7:86:89:86:
                    cc:e5:58:c5:03:62:1e:28:07:2c:1e:2f:69:f4:66:
                    4c:db:17:0e:6e:62:44:a0:db:23:d9:53:3d:24:c4:
                    ce:d3:4f:e4:31:fd:2e:36:25:9a:b6:e2:48:e6:db:
                    94:6b:5c:69:22:bb:e8:e6:dc:41:18:0e:68:d9:47:
                    fa:6d:7e:6a:bb:5c:38:37:a5:66:cb:fe:70:26:f0:
                    eb:d4:9f:7a:dd:28:a6:38:8c:e7:fc:b4:1a:c4:72:
                    c1:2d:f3:2a:f8:ce:43:d9:0a:be:a6:07:25:97:36:
                    62:f3:c6:c0:50:04:fa:62:bb:8f:23:da:44:e4:a3:
                    24:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:1A:FA:D1:CF:DA:31:E8:30:F8:35:11:91:19:4C:43:1D:F8:F2:A9
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ecedc765-294a-436b-b48b-72eb3dea3949.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:42:07:0e:31:24:e3:7e:dd:5d:2d:2d:1d:ae:37:3e:94:84:
         ad:55:87:a8:f9:a7:df:fb:bd:ea:9c:37:0e:10:1b:0a:ea:7c:
         84:46:3d:9a:de:2d:06:81:58:a2:b8:36:40:c2:3b:ab:7d:2b:
         e4:f7:69:9e:6c:1f:bf:8b:7c:d0:1d:d2:a6:02:d8:68:e3:54:
         53:7f:9b:f8:5f:43:cf:6b:ce:f8:f3:49:1b:76:cf:3f:2e:ab:
         c8:e0:a3:45:85:e4:59:d3:72:9e:87:19:8c:37:c1:c3:b4:0c:
         a6:c0:7c:a6:e9:44:d5:2a:31:cd:16:35:48:44:ef:9b:79:e7:
         71:05:10:4b:a3:79:6f:da:e4:87:4e:2f:00:dc:10:3a:38:66:
         d0:86:af:0c:0b:8a:79:2c:06:fd:fc:60:a7:18:af:b7:a6:70:
         4f:ae:1d:8c:5c:bd:8e:1c:2d:f9:f1:12:c1:b3:ff:98:02:99:
         51:d8:11:81:bc:08:7f:2b:57:b5:46:d9:7d:68:05:05:a0:f8:
         38:07:03:75:f2:62:24:ae:a3:72:c5:b7:03:3c:97:24:50:2c:
         71:59:67:70:fc:14:5a:d5:74:36:69:ea:63:b9:5f:b9:2d:05:
         35:ed:42:45:ab:be:b5:96:c7:96:7a:b3:e8:ad:fc:f0:dc:50:
         d4:c5:4c:49
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdLdym77vuZjrhDsV58mhdrKXry0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwOTEyMDAwMDAwWhcNMjQxMDE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZmEyMWY0ZTIxNjExZjM1Y2NiZmRmZTc0YWFjZmRhOTIy
MTIxZGVlN2UwODc3Yzc3NDJkNzFjYmVkMDZhMmNhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0YUVo6KdSiILoAF29XcS49HbnQ3Oupq2gH0WfYfdhbP4V
vZLvuv0HfJox0Yp3cxyn7hx1XWI3O6nee7wPeY9XhoOCp0Wj6V2tSeMJ32vQvppi
bLT42W13c3dDLVKO5chFrsWOP1StfkkWQASk6wOOkOspYm6NF+RLi9UfMUKumWse
54aJhszlWMUDYh4oByweL2n0ZkzbFw5uYkSg2yPZUz0kxM7TT+Qx/S42JZq24kjm
25RrXGkiu+jm3EEYDmjZR/ptfmq7XDg3pWbL/nAm8OvUn3rdKKY4jOf8tBrEcsEt
8yr4zkPZCr6mByWXNmLzxsBQBPpiu48j2kTkoyRDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUURr60c/aMegw+DURkRlMQx348qkwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2VjZWRjNzY1LTI5NGEtNDM2Yi1iNDhiLTcyZWIzZGVhMzk0OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAlCBw4xJON+3V0tLR2uNz6UhK1V
h6j5p9/7veqcNw4QGwrqfIRGPZreLQaBWKK4NkDCO6t9K+T3aZ5sH7+LfNAd0qYC
2GjjVFN/m/hfQ89rzvjzSRt2zz8uq8jgo0WF5FnTcp6HGYw3wcO0DKbAfKbpRNUq
Mc0WNUhE75t553EFEEujeW/a5IdOLwDcEDo4ZtCGrwwLinksBv38YKcYr7emcE+u
HYxcvY4cLfnxEsGz/5gCmVHYEYG8CH8rV7VG2X1oBQWg+DgHA3XyYiSuo3LFtwM8
lyRQLHFZZ3D8FFrVdDZp6mO5X7ktBTXtQkWrvrWWx5Z6s+it/PDcUNTFTEk=
-----END CERTIFICATE-----