Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0bb31f22-737a-41b2-b6e7-10eae5506e35.roa
File:                     0bb31f22-737a-41b2-b6e7-10eae5506e35.roa (raw, json)
Hash identifier:          RpZd4veUQEYoqBbPuT1Gbw4AtgGF2blQugCmpGVa7K4=
Subject key identifier:   F0:DA:03:04:2D:AC:99:63:9E:7D:1A:A2:E2:37:A6:F1:B5:AF:EC:96
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       06F76EEAF5EF7132793A6986B54D006697D8926D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0bb31f22-737a-41b2-b6e7-10eae5506e35.roa
Signing time:             Sat 15 Mar 2025 00:30:28 +0000
ROA not before:           Sat 15 Mar 2025 00:30:28 +0000
ROA not after:            Sat 19 Apr 2025 23:59:59 +0000
asID:                     19047
IP address blocks:        70.130.226.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Tue 18 Mar 2025 17:23:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:f7:6e:ea:f5:ef:71:32:79:3a:69:86:b5:4d:00:66:97:d8:92:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 15 00:30:28 2025 GMT
            Not After : Apr 19 23:59:59 2025 GMT
        Subject: serialNumber=5f8ffa17a1fdbfd8e60b4c7138711a38256acff9b0624a5a1cc4b44d3e36cc36, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:8d:b1:3d:80:d9:93:0b:d5:71:37:85:42:10:
                    9b:91:bd:a6:31:9e:87:67:a2:ca:28:2b:b3:92:54:
                    c0:2d:d7:7c:3b:92:38:fd:0b:dd:d8:c3:35:e4:e2:
                    9f:6e:cd:ff:a0:a5:83:bc:64:f5:eb:d2:8e:b5:48:
                    e8:d2:00:48:eb:f9:9c:dc:54:b8:de:13:19:c2:11:
                    02:82:5c:48:5b:96:b5:b2:fe:cc:16:ad:e7:25:e3:
                    dd:2e:a4:e8:d6:75:ab:e1:df:53:af:4b:4a:bf:21:
                    37:4b:2d:73:7f:8b:65:fa:5c:b2:70:10:e0:89:25:
                    e5:60:16:32:fd:d6:17:d8:e8:a5:18:2c:77:e3:f4:
                    34:e4:4d:7d:c6:94:a4:75:f5:4d:4b:71:3c:44:73:
                    73:dd:49:27:16:56:7d:55:1e:c1:2b:42:b2:ac:9d:
                    a5:6f:86:2a:60:47:b8:8b:3b:b7:01:b2:80:b3:89:
                    2d:c8:20:2f:b7:50:bd:ac:e2:77:ef:c4:69:b5:49:
                    67:9e:d3:e0:e1:77:e6:e4:97:98:49:7f:d8:55:cb:
                    13:86:01:19:6f:80:a2:97:74:49:73:80:3a:8f:a1:
                    8e:59:2c:82:02:54:36:00:66:fb:45:6f:14:9f:82:
                    27:3c:36:86:f6:c7:fb:b9:b1:25:e5:88:29:9e:74:
                    c2:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:DA:03:04:2D:AC:99:63:9E:7D:1A:A2:E2:37:A6:F1:B5:AF:EC:96
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0bb31f22-737a-41b2-b6e7-10eae5506e35.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  70.130.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:5f:bd:ed:d1:88:7f:07:38:3d:61:5f:a2:8c:fb:9a:cc:0c:
         ad:98:14:5d:06:aa:d2:99:66:d2:62:86:4b:71:71:6f:90:83:
         26:11:5b:6a:eb:14:92:cd:7a:a1:0f:9d:f2:c2:1d:1f:b2:f8:
         ce:52:d5:85:45:23:4c:33:6d:09:d0:d2:fb:f8:6a:81:3b:5c:
         8c:db:18:d7:dc:df:82:44:f8:5d:00:d2:5b:dd:d8:70:6b:28:
         b8:76:d3:57:99:bc:0f:48:7b:19:25:e3:1e:1c:3b:95:88:23:
         b0:66:e3:08:0f:ce:ba:85:ff:7b:72:0f:26:be:c5:57:4f:ae:
         5b:6e:e7:5c:11:d8:6b:4d:88:69:11:7b:fe:78:7d:31:d4:48:
         94:f6:c0:cb:28:e4:0a:68:2c:e7:2d:94:36:37:6a:36:bc:91:
         59:10:43:d8:e7:aa:e8:51:33:12:b1:cc:71:fb:d4:f1:c0:51:
         dc:d0:52:11:24:af:8a:86:77:69:24:20:e7:cd:47:89:b0:a9:
         1c:25:25:b1:b2:b8:cc:28:cc:77:a6:4c:e3:4f:08:3a:3a:c5:
         94:11:e3:50:17:89:99:0d:55:59:76:e7:10:53:a1:9a:f7:01:
         90:07:45:82:12:0b:46:f7:c9:91:2c:d5:58:2e:98:45:e2:96:
         c1:be:cb:27
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBvdu6vXvcTJ5OmmGtU0AZpfYkm0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE1MDAzMDI4WhcNMjUwNDE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZjhmZmExN2ExZmRiZmQ4ZTYwYjRjNzEzODcxMWEzODI1
NmFjZmY5YjA2MjRhNWExY2M0YjQ0ZDNlMzZjYzM2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3jbE9gNmTC9VxN4VCEJuRvaYxnodnosooK7OSVMAt13w7
kjj9C93YwzXk4p9uzf+gpYO8ZPXr0o61SOjSAEjr+ZzcVLjeExnCEQKCXEhblrWy
/swWrecl490upOjWdavh31OvS0q/ITdLLXN/i2X6XLJwEOCJJeVgFjL91hfY6KUY
LHfj9DTkTX3GlKR19U1LcTxEc3PdSScWVn1VHsErQrKsnaVvhipgR7iLO7cBsoCz
iS3IIC+3UL2s4nfvxGm1SWee0+Dhd+bkl5hJf9hVyxOGARlvgKKXdElzgDqPoY5Z
LIICVDYAZvtFbxSfgic8Nob2x/u5sSXliCmedMK5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8NoDBC2smWOefRqi4jem8bWv7JYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBiYjMxZjIyLTczN2EtNDFiMi1iNmU3LTEwZWFlNTUwNmUzNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABGguIwDQYJKoZIhvcNAQELBQADggEBAJBfve3RiH8HOD1hX6KM+5rMDK2Y
FF0GqtKZZtJihktxcW+QgyYRW2rrFJLNeqEPnfLCHR+y+M5S1YVFI0wzbQnQ0vv4
aoE7XIzbGNfc34JE+F0A0lvd2HBrKLh201eZvA9Iexkl4x4cO5WII7Bm4wgPzrqF
/3tyDya+xVdPrltu51wR2GtNiGkRe/54fTHUSJT2wMso5ApoLOctlDY3aja8kVkQ
Q9jnquhRMxKxzHH71PHAUdzQUhEkr4qGd2kkIOfNR4mwqRwlJbGyuMwozHemTONP
CDo6xZQR41AXiZkNVVl25xBToZr3AZAHRYISC0b3yZEs1VgumEXilsG+yyc=
-----END CERTIFICATE-----