Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f0fafe04-96d3-49c9-ae17-e8d3735822d0.roa
File:                     f0fafe04-96d3-49c9-ae17-e8d3735822d0.roa (raw, json)
Hash identifier:          Si+mI1xT64zDXNNmXhyvcHiIjYOjxcUeJVI2OphsdAQ=
Subject key identifier:   C5:2F:38:1A:BC:82:8B:66:DD:8C:64:6B:20:AC:51:C3:C0:9F:54:8E
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       647B954B2FFF15B8A594599B7C403A1A1AE9844F
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f0fafe04-96d3-49c9-ae17-e8d3735822d0.roa
Signing time:             Fri 13 Sep 2024 00:00:00 +0000
ROA not before:           Fri 13 Sep 2024 00:00:00 +0000
ROA not after:            Fri 18 Oct 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 13 Sep 2024 17:44:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:7b:95:4b:2f:ff:15:b8:a5:94:59:9b:7c:40:3a:1a:1a:e9:84:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Sep 13 00:00:00 2024 GMT
            Not After : Oct 18 23:59:59 2024 GMT
        Subject: serialNumber=1e16947e8d9e51af32fadddd847ac6af8696c9d5bc561cb589ec3788b5168eb8, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:b2:1e:f5:c7:fa:1a:ac:c1:d8:81:ab:73:32:
                    dc:05:8c:15:d3:3f:0b:34:9d:0e:82:98:0e:61:c8:
                    b0:d3:e6:13:2c:2c:ea:c5:8a:ab:33:2e:59:de:a9:
                    e3:ca:de:91:ab:3d:16:5f:a7:d9:ea:d7:01:17:72:
                    90:c0:a9:0d:0b:38:b3:58:48:36:20:e9:0e:44:0a:
                    30:b5:90:9f:bd:8f:76:71:91:2a:42:2e:26:df:dc:
                    d5:fd:54:b8:ff:f9:a1:a0:9b:d3:01:76:f3:4a:2f:
                    a5:b1:02:11:5a:9c:76:43:ae:5b:fe:b9:ce:d2:36:
                    c8:8e:57:1f:98:6b:05:1d:98:35:d3:32:71:64:c5:
                    77:ba:b7:0f:6b:5c:7b:64:0c:2c:5b:11:9f:e0:22:
                    a1:88:04:91:f6:33:a0:97:66:52:80:52:e8:80:d3:
                    8a:f4:f6:63:9d:e6:5c:18:bc:87:98:38:04:12:4e:
                    48:f4:a9:35:66:04:2c:f4:5d:57:4d:8d:0d:7c:c4:
                    69:52:c9:58:8d:2c:8f:81:4a:1a:3f:af:0f:22:b7:
                    41:be:57:79:27:4b:fb:1e:96:17:ff:f1:cb:e5:64:
                    aa:fd:75:9c:42:eb:bd:eb:a2:86:98:e7:bd:28:1d:
                    44:7d:a9:e7:57:5f:27:f9:c6:78:bd:c4:df:09:6e:
                    36:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:2F:38:1A:BC:82:8B:66:DD:8C:64:6B:20:AC:51:C3:C0:9F:54:8E
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f0fafe04-96d3-49c9-ae17-e8d3735822d0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:c1:b7:44:3f:89:36:6b:35:74:99:74:89:cc:c4:66:84:2a:
         1d:53:6e:cb:4a:2f:31:0d:b8:6d:bb:cd:76:f8:6f:93:b4:76:
         fe:88:23:3f:bf:6b:39:30:ad:f1:1b:08:62:49:24:ae:56:18:
         e7:a2:6d:75:f7:7b:fd:69:3c:76:56:62:4b:ee:55:5f:34:98:
         79:92:c8:2d:0b:d9:6a:e1:39:9f:e0:c7:18:ff:88:f8:26:fe:
         2c:89:99:5b:b8:07:5a:1d:99:c8:00:ba:7e:7a:3c:0c:47:5e:
         9d:b6:76:fd:a9:33:84:64:14:f4:d4:d6:ce:c0:19:04:5c:de:
         79:95:51:01:02:8b:18:e0:91:5f:a1:7b:43:54:c5:4c:d2:94:
         c5:69:3a:10:1b:0b:c0:13:3f:df:c6:61:68:59:bc:c1:bd:34:
         1f:50:7f:6b:84:c4:7f:18:c0:3c:99:1b:34:79:1a:43:7e:62:
         65:1e:ea:0b:7b:06:9d:0e:ef:ac:c0:23:fc:53:e0:fb:54:f5:
         09:18:9e:26:37:7d:87:87:fb:df:39:3c:a7:9c:68:a4:fd:62:
         bc:a0:79:c9:6c:c8:73:76:57:6f:c3:7b:30:bf:6a:05:ba:2b:
         b4:34:69:b1:87:2e:0d:69:a3:79:18:ef:98:43:48:f2:99:d2:
         58:9e:8e:93
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZHuVSy//FbillFmbfEA6GhrphE8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwOTEzMDAwMDAwWhcNMjQxMDE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZTE2OTQ3ZThkOWU1MWFmMzJmYWRkZGQ4NDdhYzZhZjg2
OTZjOWQ1YmM1NjFjYjU4OWVjMzc4OGI1MTY4ZWI4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYsh71x/oarMHYgatzMtwFjBXTPws0nQ6CmA5hyLDT5hMs
LOrFiqszLlneqePK3pGrPRZfp9nq1wEXcpDAqQ0LOLNYSDYg6Q5ECjC1kJ+9j3Zx
kSpCLibf3NX9VLj/+aGgm9MBdvNKL6WxAhFanHZDrlv+uc7SNsiOVx+YawUdmDXT
MnFkxXe6tw9rXHtkDCxbEZ/gIqGIBJH2M6CXZlKAUuiA04r09mOd5lwYvIeYOAQS
Tkj0qTVmBCz0XVdNjQ18xGlSyViNLI+BSho/rw8it0G+V3knS/selhf/8cvlZKr9
dZxC673rooaY570oHUR9qedXXyf5xni9xN8JbjYrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxS84GryCi2bdjGRrIKxRw8CfVI4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2YwZmFmZTA0LTk2ZDMtNDljOS1hZTE3LWU4ZDM3MzU4MjJkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABTBt0Q/iTZrNXSZdInMxGaEKh1T
bstKLzENuG27zXb4b5O0dv6IIz+/azkwrfEbCGJJJK5WGOeibXX3e/1pPHZWYkvu
VV80mHmSyC0L2WrhOZ/gxxj/iPgm/iyJmVu4B1odmcgAun56PAxHXp22dv2pM4Rk
FPTU1s7AGQRc3nmVUQECixjgkV+he0NUxUzSlMVpOhAbC8ATP9/GYWhZvMG9NB9Q
f2uExH8YwDyZGzR5GkN+YmUe6gt7Bp0O76zAI/xT4PtU9QkYniY3fYeH+985PKec
aKT9YrygeclsyHN2V2/DezC/agW6K7Q0abGHLg1po3kY75hDSPKZ0liejpM=
-----END CERTIFICATE-----