Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fab9c384-e4cc-4e81-b361-f6aadcef651f.roa
File:                     fab9c384-e4cc-4e81-b361-f6aadcef651f.roa (raw, json)
Hash identifier:          H99OUzGIjlols9YQK/rbyU4t6Qwa7fMIPNyv6cv4HkE=
Subject key identifier:   CF:F8:3D:8D:30:B7:D0:B6:76:04:92:76:77:D5:83:3E:FD:51:33:31
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       2FD1EEB744D00E4778710336FFF0B9E672D6B259
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fab9c384-e4cc-4e81-b361-f6aadcef651f.roa
Signing time:             Mon 12 Aug 2024 00:00:00 +0000
ROA not before:           Mon 12 Aug 2024 00:00:00 +0000
ROA not after:            Mon 16 Sep 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 12 Aug 2024 00:33:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:d1:ee:b7:44:d0:0e:47:78:71:03:36:ff:f0:b9:e6:72:d6:b2:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Aug 12 00:00:00 2024 GMT
            Not After : Sep 16 23:59:59 2024 GMT
        Subject: serialNumber=06de8aa90413dbbbdf25a1574872daaf9b25c7fa17c39b386d7f5ed57b975480, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:60:7b:dd:ce:ed:81:58:2a:94:5a:53:95:46:
                    f5:51:8c:4d:3f:9d:d2:1d:29:00:f6:2d:4c:b7:4f:
                    6a:9b:76:f6:10:a0:ef:3b:1c:fe:34:aa:47:90:08:
                    ab:57:84:5f:3f:bf:8c:da:f0:03:db:19:5e:3c:0b:
                    a0:96:91:80:c5:5a:91:09:31:20:0b:59:dd:6f:17:
                    64:4d:33:97:7d:0f:04:e4:59:7d:47:1b:92:8c:35:
                    be:fc:37:8f:9d:10:5d:48:97:e5:90:c4:ae:13:a1:
                    82:85:79:27:fa:e6:36:68:b7:a3:af:65:3b:27:de:
                    6f:ad:39:25:de:0f:f0:ec:f9:bd:25:f7:1d:cd:62:
                    06:cd:cb:63:a9:7e:c7:eb:73:4c:fe:3d:99:c5:e5:
                    3a:6d:94:ff:b5:45:7e:64:ca:e6:27:1f:f2:7a:69:
                    ab:ab:17:52:d8:87:c4:74:f5:c6:84:aa:84:02:f7:
                    17:d5:60:4e:83:a6:ae:bc:ad:98:9f:58:6a:d2:83:
                    b3:04:25:6e:94:86:b4:72:c8:0e:04:4c:a6:d4:85:
                    75:76:9d:b8:5c:d7:37:a6:33:31:ee:92:76:b7:fb:
                    52:b3:0e:a9:69:c8:be:6a:3a:8a:ea:2d:d6:57:42:
                    7a:3a:73:40:fd:83:cc:e0:6a:6c:ea:af:0f:c7:21:
                    06:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:F8:3D:8D:30:B7:D0:B6:76:04:92:76:77:D5:83:3E:FD:51:33:31
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fab9c384-e4cc-4e81-b361-f6aadcef651f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:75:a5:fd:80:88:91:f3:6b:2b:30:d7:50:13:f9:e4:52:1e:
         d9:69:fa:e5:ab:48:93:5c:cb:99:06:b2:54:0d:e0:82:89:da:
         b0:ff:24:a5:9f:d7:c0:bb:8c:d6:a4:30:4d:81:58:46:be:67:
         f1:f9:a2:8b:55:10:0e:18:f2:05:3e:b2:d1:e1:04:0e:5f:c3:
         80:1b:bd:92:57:fe:f1:17:77:f5:60:67:c2:c2:28:25:44:07:
         e4:46:d3:16:a4:6b:f7:a7:e7:c5:32:a3:a4:f9:a5:98:2a:3a:
         55:3e:3f:be:1a:aa:07:34:ba:ba:6e:c2:32:9f:75:ed:b2:ff:
         e3:3d:cc:dd:ef:19:74:f2:20:94:9e:f3:0f:20:73:af:a4:a9:
         89:46:e1:ec:ab:3b:d7:fa:0c:87:22:f7:de:19:e7:86:cf:8b:
         ac:65:d8:e0:d7:17:f1:45:8a:e4:fa:8d:5a:02:de:77:ab:00:
         d0:0a:67:59:8e:de:01:7a:56:7b:c5:d1:c0:e2:bd:e1:56:e7:
         39:3e:5f:23:07:d9:d7:f1:00:1b:bc:54:51:c9:fb:67:f4:ed:
         20:55:ed:bf:8e:d8:1f:3c:ab:1a:ea:7a:4a:b9:30:6e:ac:a5:
         79:d7:2a:c2:d1:e5:aa:2f:af:6c:6c:03:ee:5e:e0:29:7d:c5:
         75:eb:55:d3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL9Hut0TQDkd4cQM2//C55nLWslkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwODEyMDAwMDAwWhcNMjQwOTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNmRlOGFhOTA0MTNkYmJiZGYyNWExNTc0ODcyZGFhZjli
MjVjN2ZhMTdjMzliMzg2ZDdmNWVkNTdiOTc1NDgwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgYHvdzu2BWCqUWlOVRvVRjE0/ndIdKQD2LUy3T2qbdvYQ
oO87HP40qkeQCKtXhF8/v4za8APbGV48C6CWkYDFWpEJMSALWd1vF2RNM5d9DwTk
WX1HG5KMNb78N4+dEF1Il+WQxK4ToYKFeSf65jZot6OvZTsn3m+tOSXeD/Ds+b0l
9x3NYgbNy2Opfsfrc0z+PZnF5TptlP+1RX5kyuYnH/J6aaurF1LYh8R09caEqoQC
9xfVYE6Dpq68rZifWGrSg7MEJW6UhrRyyA4ETKbUhXV2nbhc1zemMzHukna3+1Kz
DqlpyL5qOorqLdZXQno6c0D9g8zgamzqrw/HIQa7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUz/g9jTC30LZ2BJJ2d9WDPv1RMzEwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2ZhYjljMzg0LWU0Y2MtNGU4MS1iMzYxLWY2YWFkY2VmNjUxZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIt1pf2AiJHzaysw11AT+eRSHtlp
+uWrSJNcy5kGslQN4IKJ2rD/JKWf18C7jNakME2BWEa+Z/H5ootVEA4Y8gU+stHh
BA5fw4AbvZJX/vEXd/VgZ8LCKCVEB+RG0xaka/en58Uyo6T5pZgqOlU+P74aqgc0
urpuwjKfde2y/+M9zN3vGXTyIJSe8w8gc6+kqYlG4eyrO9f6DIci994Z54bPi6xl
2ODXF/FFiuT6jVoC3nerANAKZ1mO3gF6VnvF0cDiveFW5zk+XyMH2dfxABu8VFHJ
+2f07SBV7b+O2B88qxrqekq5MG6spXnXKsLR5aovr2xsA+5e4Cl9xXXrVdM=
-----END CERTIFICATE-----