Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f6848fa7-9915-4fce-8f09-170abaadee8a.roa
File:                     f6848fa7-9915-4fce-8f09-170abaadee8a.roa (raw, json)
Hash identifier:          WOcr0oYbU1qaxxcIFE7KA0IfEuD8QeQH/EKMbrE3q3o=
Subject key identifier:   04:EA:B3:0F:1B:01:96:C9:88:6C:C8:B5:F6:D4:6E:EE:DC:92:08:5A
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       3719EA98BBAA6BDB4D1B164B2525C5F6A53F9296
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f6848fa7-9915-4fce-8f09-170abaadee8a.roa
Signing time:             Sun 21 Jul 2024 00:00:00 +0000
ROA not before:           Sun 21 Jul 2024 00:00:00 +0000
ROA not after:            Sun 25 Aug 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 21 Jul 2024 09:03:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:19:ea:98:bb:aa:6b:db:4d:1b:16:4b:25:25:c5:f6:a5:3f:92:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul 21 00:00:00 2024 GMT
            Not After : Aug 25 23:59:59 2024 GMT
        Subject: serialNumber=202810110e9a964e74170c511f34f404e6dc2c95424a12d6923379723fe39cb7, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:a8:7b:38:fb:2b:dd:2a:23:c0:ad:cf:8f:82:
                    de:4d:ae:8f:d8:43:a0:6f:43:d0:c0:c8:84:36:49:
                    42:ed:e0:2d:28:71:4f:9e:d2:bd:d9:8b:17:51:58:
                    3d:7c:61:6b:62:f0:96:b9:19:9c:db:aa:c2:79:b9:
                    ac:c2:56:4d:0c:d2:d0:bc:50:b4:89:b3:53:0c:78:
                    d4:44:d2:25:dd:b1:24:27:cf:e1:f4:6e:52:87:19:
                    9b:d1:d6:92:69:8f:54:a8:b5:84:1d:c3:61:22:b4:
                    a4:84:97:cb:bc:7c:c2:67:ba:37:ee:30:36:1d:92:
                    99:dc:4e:a3:65:8a:8c:6c:47:e9:44:8c:fc:bd:07:
                    f8:17:b4:cf:d5:a3:ef:41:5c:0d:26:48:42:5a:63:
                    1d:08:03:4f:59:51:b3:f4:4c:78:53:0b:44:7d:ab:
                    4e:11:f2:c7:68:de:01:cd:0a:10:94:e6:20:3c:e7:
                    b4:c0:f4:0e:13:af:9a:d5:77:36:10:ce:33:22:ec:
                    51:c0:02:4c:c0:a9:b4:5f:41:53:1e:cd:07:ff:df:
                    19:61:76:b5:f7:4c:56:f4:ff:ce:20:27:c1:14:e1:
                    f6:20:c7:f2:f1:a9:e1:00:ed:7a:3a:7f:f8:72:da:
                    10:61:3d:71:5e:1d:f8:e7:d1:f4:c2:b2:2d:07:bb:
                    3f:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:EA:B3:0F:1B:01:96:C9:88:6C:C8:B5:F6:D4:6E:EE:DC:92:08:5A
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f6848fa7-9915-4fce-8f09-170abaadee8a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:21:c2:bd:e3:44:9e:fc:7f:a9:1b:92:8a:74:7f:5b:10:52:
         74:72:1f:de:93:85:2a:f3:44:10:6b:82:4b:5c:db:09:7e:58:
         81:f3:16:5d:0f:17:e3:ce:a9:ed:f9:71:72:a8:82:7f:4b:a7:
         42:4d:52:0c:74:84:76:89:7c:80:e3:2b:c0:e1:43:77:cf:dd:
         f0:2d:c0:3d:4f:46:d0:de:e7:e0:46:37:a6:e4:50:b1:48:95:
         af:23:a7:3c:07:8a:8c:a9:d7:02:7d:b1:cc:09:29:c5:48:9c:
         a1:44:b8:cd:1b:3d:bd:55:cf:4f:0b:12:9f:83:40:b4:8a:c1:
         01:91:c3:d9:d8:33:1f:fc:03:d5:48:7e:a2:1d:01:d0:54:f3:
         79:75:4c:60:9a:7d:65:a9:1b:ba:e9:9b:27:4e:b2:5d:92:d9:
         47:7a:fc:15:86:67:8c:43:76:1b:48:43:53:67:9f:b9:b0:9f:
         67:d0:ee:f3:49:63:fb:ac:c2:20:2d:47:65:2d:be:43:26:90:
         89:90:5f:71:52:6d:27:ac:c2:33:18:47:a9:b5:da:fe:cf:51:
         47:01:96:e8:be:f9:ad:8f:fa:c2:c6:b2:ce:84:c4:d3:ba:97:
         33:f0:b8:f1:77:36:bc:09:da:de:47:97:07:9c:f9:2d:a0:3b:
         64:c1:5b:02
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNxnqmLuqa9tNGxZLJSXF9qU/kpYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNzIxMDAwMDAwWhcNMjQwODI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMDI4MTAxMTBlOWE5NjRlNzQxNzBjNTExZjM0ZjQwNGU2
ZGMyYzk1NDI0YTEyZDY5MjMzNzk3MjNmZTM5Y2I3MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmqHs4+yvdKiPArc+Pgt5Nro/YQ6BvQ9DAyIQ2SULt4C0o
cU+e0r3ZixdRWD18YWti8Ja5GZzbqsJ5uazCVk0M0tC8ULSJs1MMeNRE0iXdsSQn
z+H0blKHGZvR1pJpj1SotYQdw2EitKSEl8u8fMJnujfuMDYdkpncTqNlioxsR+lE
jPy9B/gXtM/Vo+9BXA0mSEJaYx0IA09ZUbP0THhTC0R9q04R8sdo3gHNChCU5iA8
57TA9A4Tr5rVdzYQzjMi7FHAAkzAqbRfQVMezQf/3xlhdrX3TFb0/84gJ8EU4fYg
x/LxqeEA7Xo6f/hy2hBhPXFeHfjn0fTCsi0Huz8VAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBOqzDxsBlsmIbMi19tRu7tySCFowHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Y2ODQ4ZmE3LTk5MTUtNGZjZS04ZjA5LTE3MGFiYWFkZWU4YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACIhwr3jRJ78f6kbkop0f1sQUnRy
H96ThSrzRBBrgktc2wl+WIHzFl0PF+POqe35cXKogn9Lp0JNUgx0hHaJfIDjK8Dh
Q3fP3fAtwD1PRtDe5+BGN6bkULFIla8jpzwHioyp1wJ9scwJKcVInKFEuM0bPb1V
z08LEp+DQLSKwQGRw9nYMx/8A9VIfqIdAdBU83l1TGCafWWpG7rpmydOsl2S2Ud6
/BWGZ4xDdhtIQ1Nnn7mwn2fQ7vNJY/uswiAtR2UtvkMmkImQX3FSbSeswjMYR6m1
2v7PUUcBlui++a2P+sLGss6ExNO6lzPwuPF3NrwJ2t5Hlwec+S2gO2TBWwI=
-----END CERTIFICATE-----