Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/11f7b2bd-b866-4941-8b5b-ff2f70861881.roa
File:                     11f7b2bd-b866-4941-8b5b-ff2f70861881.roa (raw, json)
Hash identifier:          I8gq2brRRDCTH+BHLmGooX66vxSJYLskYdJajcW5Tkw=
Subject key identifier:   73:7D:B4:0F:83:67:D5:B7:90:44:F4:BD:76:B3:F8:F9:8D:ED:BB:83
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5BB1090F181C0C9EBCBF8B82C703DF315BB5362B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/11f7b2bd-b866-4941-8b5b-ff2f70861881.roa
Signing time:             Tue 04 Feb 2025 00:00:00 +0000
ROA not before:           Tue 04 Feb 2025 00:00:00 +0000
ROA not after:            Tue 11 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f00:8000::/39 maxlen: 39
Validation:               Failed, certificate revoked on Tue 04 Feb 2025 15:11:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:b1:09:0f:18:1c:0c:9e:bc:bf:8b:82:c7:03:df:31:5b:b5:36:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb  4 00:00:00 2025 GMT
            Not After : Mar 11 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:93:f9:7d:6c:fa:14:85:7f:ab:a6:2a:61:61:
                    64:79:bc:dd:43:14:75:35:fc:34:44:ad:c3:40:07:
                    8e:81:2c:ce:65:17:f0:5d:92:ce:ca:78:58:fd:7b:
                    ca:db:41:bf:62:aa:0e:d8:20:be:0b:6b:59:78:60:
                    24:c7:ae:43:38:58:a4:b5:07:a3:1f:ae:ef:3b:2c:
                    bc:1d:8c:5c:66:8a:02:09:48:22:88:27:c9:3d:95:
                    9c:5f:65:35:2c:af:e8:11:5f:2a:b3:2b:b4:78:a5:
                    ee:dd:ac:f6:0b:a9:05:69:c1:61:8c:25:ed:e2:95:
                    d5:8f:a6:ed:e6:ba:6b:0d:56:96:68:1a:e9:20:92:
                    26:ca:d7:b5:d7:dc:58:46:7c:fa:f8:9e:6e:88:9c:
                    fa:97:89:1b:90:f9:3e:be:c2:2f:3c:84:17:09:73:
                    90:2f:52:e9:c0:10:08:76:75:44:4c:1e:23:05:ca:
                    c4:ee:e5:96:bd:e5:b6:c6:55:fe:68:ea:db:63:98:
                    fb:1d:65:a4:18:4a:c9:92:1a:ef:e3:d1:b9:71:f0:
                    c2:13:02:31:66:11:ad:cb:b0:f3:21:70:92:df:a0:
                    19:db:e1:2c:69:ae:73:04:ff:44:c1:69:19:e7:15:
                    55:96:75:a3:bc:11:e6:cd:74:0c:58:22:2c:0c:7a:
                    37:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:7D:B4:0F:83:67:D5:B7:90:44:F4:BD:76:B3:F8:F9:8D:ED:BB:83
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/11f7b2bd-b866-4941-8b5b-ff2f70861881.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         86:0d:98:01:da:78:d8:0e:ce:64:26:43:1a:42:aa:19:f5:7c:
         6d:d1:46:63:85:ba:b1:8c:79:b1:be:f5:e2:0e:b5:d4:c0:1d:
         dd:fd:4a:0e:1a:50:82:48:af:25:cd:32:56:5e:1c:46:b4:23:
         5e:59:37:75:f5:3c:04:54:1c:45:34:f2:08:2f:2e:af:44:99:
         60:33:f5:2b:ae:df:88:26:80:82:a0:7c:c4:3c:09:0e:d3:df:
         ed:7e:d9:36:1d:2e:db:e6:09:cc:af:03:4c:26:92:a8:bb:24:
         d1:0c:38:cd:c8:fa:ce:c4:5b:48:6b:60:e2:6d:9e:38:6f:f0:
         03:ae:34:5c:37:bf:2d:0f:b0:6c:b4:d5:27:04:17:f2:31:56:
         b9:19:46:a8:ad:80:20:50:d5:36:7a:47:7f:63:e2:18:7c:d4:
         fe:ad:d2:66:7c:d6:c3:f5:03:1a:2f:80:48:b8:6f:a3:a4:da:
         b1:1e:e5:34:e6:21:d6:72:d7:ac:80:06:95:3c:cc:de:e0:74:
         59:cf:8a:2a:f4:96:bc:82:fb:83:49:52:da:2a:35:e3:89:69:
         e3:7c:64:36:b4:7c:f2:b1:dc:df:94:58:92:9b:b6:c9:2c:ed:
         d2:8b:bd:5f:9f:8c:d2:d5:67:ff:d6:dd:31:72:63:8d:12:a3:
         eb:f4:13:81
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUW7EJDxgcDJ68v4uCxwPfMVu1NiswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA0MDAwMDAwWhcNMjUwMzExMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNDI4ZGRjNjc0NTcwYmVlYzk2NWRmMDhlMTgzOTM5NTA0
M2Q2NDVhMTg4MWZkMTU2MzBlOWIyZmIyNjJkNGE5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqk/l9bPoUhX+rpiphYWR5vN1DFHU1/DRErcNAB46BLM5l
F/Bdks7KeFj9e8rbQb9iqg7YIL4La1l4YCTHrkM4WKS1B6Mfru87LLwdjFxmigIJ
SCKIJ8k9lZxfZTUsr+gRXyqzK7R4pe7drPYLqQVpwWGMJe3ildWPpu3mumsNVpZo
GukgkibK17XX3FhGfPr4nm6InPqXiRuQ+T6+wi88hBcJc5AvUunAEAh2dURMHiMF
ysTu5Za95bbGVf5o6ttjmPsdZaQYSsmSGu/j0blx8MITAjFmEa3LsPMhcJLfoBnb
4SxprnME/0TBaRnnFVWWdaO8EebNdAxYIiwMeje7AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUc320D4Nn1beQRPS9drP4+Y3tu4MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzExZjdiMmJkLWI4NjYtNDk0MS04YjViLWZmMmY3MDg2MTg4MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB8AgDANBgkqhkiG9w0BAQsFAAOCAQEAhg2YAdp42A7OZCZDGkKqGfV8
bdFGY4W6sYx5sb714g611MAd3f1KDhpQgkivJc0yVl4cRrQjXlk3dfU8BFQcRTTy
CC8ur0SZYDP1K67fiCaAgqB8xDwJDtPf7X7ZNh0u2+YJzK8DTCaSqLsk0Qw4zcj6
zsRbSGtg4m2eOG/wA640XDe/LQ+wbLTVJwQX8jFWuRlGqK2AIFDVNnpHf2PiGHzU
/q3SZnzWw/UDGi+ASLhvo6TasR7lNOYh1nLXrIAGlTzM3uB0Wc+KKvSWvIL7g0lS
2io144lp43xkNrR88rHc35RYkpu2ySzt0ou9X5+M0tVn/9bdMXJjjRKj6/QTgQ==
-----END CERTIFICATE-----