Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f8e5d79a-ef84-446a-993a-dab482b37b08.roa
File:                     f8e5d79a-ef84-446a-993a-dab482b37b08.roa (raw, json)
Hash identifier:          iBXQKAqoFFUGT41MomZbn0UMyaM5wbIVg41VfpngIKE=
Subject key identifier:   51:A0:6F:BC:AC:AE:FB:CB:44:FA:65:DD:7E:0D:AF:F1:03:96:A5:88
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       6378AB83634C02BAC8E517077487A678F112F9F7
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f8e5d79a-ef84-446a-993a-dab482b37b08.roa
Signing time:             Thu 24 Oct 2024 00:00:00 +0000
ROA not before:           Thu 24 Oct 2024 00:00:00 +0000
ROA not after:            Thu 28 Nov 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 24 Oct 2024 13:54:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:78:ab:83:63:4c:02:ba:c8:e5:17:07:74:87:a6:78:f1:12:f9:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Oct 24 00:00:00 2024 GMT
            Not After : Nov 28 23:59:59 2024 GMT
        Subject: serialNumber=7091490ef71fe070476402db7c6afa544eeddaabf6b41e1575c9f8f9676633fa, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:02:97:6b:0f:40:88:dd:8b:5c:dd:8f:1d:3c:
                    6a:24:3c:44:f3:13:f7:72:2c:fd:e7:8d:db:db:08:
                    a7:09:39:44:9c:e0:a1:5a:a0:b8:ce:cc:95:6f:3b:
                    38:e5:a5:e9:4f:50:20:e6:8c:42:8f:6c:51:5f:80:
                    1e:fd:35:c9:ba:64:1b:22:48:57:c0:8f:b6:26:57:
                    23:af:e9:12:2b:a9:e4:d9:b1:90:f5:0f:34:16:77:
                    c2:95:0e:a5:75:c6:ef:dd:86:5f:0f:21:5a:9f:d2:
                    1c:4a:3d:b1:a2:b0:56:ca:6a:7b:9f:33:62:ff:ef:
                    39:02:eb:0a:8d:d3:9d:03:61:e4:78:60:6a:a8:ce:
                    cf:a5:b9:39:77:d7:72:52:ae:f2:5d:f4:3b:81:e6:
                    60:b6:34:d5:5b:5b:3f:48:70:66:0a:25:84:b3:77:
                    df:f4:eb:8e:51:48:41:dc:d5:d4:72:2d:81:86:e7:
                    0e:83:15:82:fe:1c:2b:cb:16:ea:b3:1a:07:76:7f:
                    71:f4:20:7b:c7:7f:7b:e7:96:ea:7d:d8:04:10:ae:
                    42:01:14:2b:bd:62:be:65:40:c8:4e:b7:cc:ab:95:
                    57:3e:4f:2e:43:22:7f:b1:86:18:6e:a7:06:f1:84:
                    d8:93:7d:61:95:5e:e7:9b:59:05:5f:9a:98:c5:40:
                    80:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:A0:6F:BC:AC:AE:FB:CB:44:FA:65:DD:7E:0D:AF:F1:03:96:A5:88
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f8e5d79a-ef84-446a-993a-dab482b37b08.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:22:bd:36:2f:79:58:b8:42:f3:f9:b6:d1:f6:7b:ff:61:b7:
         f7:5a:5b:16:1e:27:f0:cf:5f:2a:06:db:85:a4:57:f2:9b:70:
         15:1f:7a:59:98:db:dd:2d:da:39:3b:73:f9:96:6c:76:b9:f1:
         12:33:e0:35:e2:96:be:f5:08:ac:93:1b:f6:c2:e8:f1:91:28:
         25:de:ae:91:f8:2d:11:d4:1f:c5:44:5a:67:48:ee:33:e9:77:
         1b:9c:b0:0c:74:fb:5f:e5:cd:5a:01:9d:d0:14:23:05:07:1c:
         cd:88:da:3b:16:71:44:e4:96:b3:53:84:0c:8d:ad:6f:a0:b8:
         ea:8a:4a:4a:b6:81:e1:82:10:0b:b3:8b:72:ce:dd:ed:9c:33:
         5d:16:83:ad:d2:c7:77:bc:39:3f:1a:53:23:bb:5f:a6:85:b3:
         1d:e2:ec:3d:3c:ee:8d:aa:fb:b6:a3:3d:92:18:f9:80:80:d9:
         88:24:c6:35:3c:36:aa:8a:d8:43:72:6a:da:32:df:53:e1:b4:
         37:05:8a:d3:64:92:6c:66:20:70:64:db:b3:fa:54:f5:81:1f:
         ee:b7:23:52:d1:36:41:ab:bf:89:d4:d4:b1:0e:b3:90:94:d1:
         de:75:69:6c:86:79:b0:f7:59:c9:77:30:b2:10:d5:de:da:91:
         4a:ac:a8:7e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUY3irg2NMArrI5RcHdIemePES+fcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQxMDI0MDAwMDAwWhcNMjQxMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MDkxNDkwZWY3MWZlMDcwNDc2NDAyZGI3YzZhZmE1NDRl
ZWRkYWFiZjZiNDFlMTU3NWM5ZjhmOTY3NjYzM2ZhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDaApdrD0CI3Ytc3Y8dPGokPETzE/dyLP3njdvbCKcJOUSc
4KFaoLjOzJVvOzjlpelPUCDmjEKPbFFfgB79Ncm6ZBsiSFfAj7YmVyOv6RIrqeTZ
sZD1DzQWd8KVDqV1xu/dhl8PIVqf0hxKPbGisFbKanufM2L/7zkC6wqN050DYeR4
YGqozs+luTl313JSrvJd9DuB5mC2NNVbWz9IcGYKJYSzd9/0645RSEHc1dRyLYGG
5w6DFYL+HCvLFuqzGgd2f3H0IHvHf3vnlup92AQQrkIBFCu9Yr5lQMhOt8yrlVc+
Ty5DIn+xhhhupwbxhNiTfWGVXuebWQVfmpjFQIDjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUaBvvKyu+8tE+mXdfg2v8QOWpYgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Y4ZTVkNzlhLWVmODQtNDQ2YS05OTNhLWRhYjQ4MmIzN2IwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJ0ivTYveVi4QvP5ttH2e/9ht/da
WxYeJ/DPXyoG24WkV/KbcBUfelmY290t2jk7c/mWbHa58RIz4DXilr71CKyTG/bC
6PGRKCXerpH4LRHUH8VEWmdI7jPpdxucsAx0+1/lzVoBndAUIwUHHM2I2jsWcUTk
lrNThAyNrW+guOqKSkq2geGCEAuzi3LO3e2cM10Wg63Sx3e8OT8aUyO7X6aFsx3i
7D087o2q+7ajPZIY+YCA2YgkxjU8NqqK2ENyatoy31PhtDcFitNkkmxmIHBk27P6
VPWBH+63I1LRNkGrv4nU1LEOs5CU0d51aWyGebD3Wcl3MLIQ1d7akUqsqH4=
-----END CERTIFICATE-----