Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/17cc2cf3-468b-4973-b759-41b6215bc7ca.roa
File:                     17cc2cf3-468b-4973-b759-41b6215bc7ca.roa (raw, json)
Hash identifier:          Ln5WS7V/ByicozCBibBa/1nGkxgdTxH9Z0bmEN3HL/I=
Subject key identifier:   22:FD:9D:EB:38:10:DF:FC:E7:68:C9:22:9C:08:E4:21:38:60:98:83
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6A0190B63EBD67DBF915B2E5F3B0CB069F5F8E15
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/17cc2cf3-468b-4973-b759-41b6215bc7ca.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        40.39.0.0/16 maxlen: 24
Validation:               Failed, certificate revoked on Mon 13 Jan 2025 23:52:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:01:90:b6:3e:bd:67:db:f9:15:b2:e5:f3:b0:cb:06:9f:5f:8e:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:0d:6f:b5:0e:09:9d:52:90:21:54:65:c7:96:
                    92:0a:61:30:d6:56:16:0a:ea:4b:16:5f:64:bc:51:
                    cb:ec:fa:e2:70:27:be:2f:0d:96:68:4b:ca:96:6c:
                    59:da:81:ed:19:b0:6b:27:75:b5:01:7e:f2:aa:47:
                    09:01:5e:16:79:b8:ce:12:0b:e3:f7:a6:1f:95:63:
                    c2:02:e4:39:6d:56:37:7d:4b:c0:d2:4a:22:43:d5:
                    54:23:d1:b7:c1:65:06:e0:ce:f4:a5:98:8c:65:86:
                    53:a5:ec:a9:27:fd:1e:7e:ab:06:61:71:66:d3:c0:
                    7e:da:ea:86:4a:6b:08:b3:27:1b:dc:be:70:7d:e2:
                    10:f8:19:80:4a:e7:b5:6e:f6:54:4a:4b:46:e5:2a:
                    a4:04:28:f9:4e:7e:77:c2:d5:87:ee:07:05:40:db:
                    e2:a6:82:54:97:dc:84:70:08:e5:7c:f6:6d:f6:90:
                    be:0d:03:ca:c5:0d:80:ee:0a:1a:dc:3e:96:f9:8a:
                    d4:ac:72:ab:28:b5:a2:4e:06:0c:0c:45:af:bf:09:
                    01:07:a3:d7:fb:49:bc:52:82:d8:ee:d0:51:67:9f:
                    31:a7:88:3e:82:16:9a:46:e2:9b:16:e6:f8:02:7c:
                    00:62:f9:f0:74:50:aa:fb:f4:24:bd:e1:b9:80:eb:
                    65:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:FD:9D:EB:38:10:DF:FC:E7:68:C9:22:9C:08:E4:21:38:60:98:83
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/17cc2cf3-468b-4973-b759-41b6215bc7ca.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.39.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c4:a8:b7:b8:72:e7:33:de:eb:88:19:7b:b7:40:a5:3c:55:9d:
         79:52:1b:b3:0c:20:98:e7:da:7c:47:4c:1a:7a:2f:44:b4:be:
         3c:7c:7f:2d:3a:85:9f:28:ab:f9:72:ae:4c:e9:5d:6e:87:67:
         df:1a:5b:08:9f:5b:c2:0f:8d:60:49:06:3e:d4:97:6e:c3:15:
         bd:8a:77:16:d4:d0:7b:03:a1:14:62:ff:bc:d1:3b:8a:d8:32:
         40:ef:95:65:7f:47:6e:1e:82:36:38:61:f9:a8:69:7d:37:db:
         fe:f9:b0:9e:d0:20:33:e9:a8:7e:2d:38:02:3a:77:c5:0d:e3:
         a1:8c:58:0e:c7:5d:ae:75:b4:40:70:ef:82:7e:2f:ef:03:75:
         ef:c3:63:31:81:4e:ea:0b:e0:e2:5b:62:fd:db:32:40:67:54:
         0f:86:bc:c5:31:1a:4c:b1:3e:57:40:e9:a1:37:ab:58:ea:ca:
         02:07:8c:f6:e0:6a:ce:3f:5e:ad:dd:c3:da:c4:af:bf:48:bc:
         e6:c1:f3:24:3e:82:6e:11:27:c7:9a:6f:0a:f5:a2:10:8e:39:
         2a:e4:4f:e0:36:75:5d:54:ac:76:05:c0:54:9f:31:b7:72:31:
         37:67:96:65:8b:76:92:09:8f:96:8b:44:b2:c7:a6:df:63:3e:
         06:97:8c:4a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUagGQtj69Z9v5FbLl87DLBp9fjhUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMjY3OGQwYmQxNGRkZjE4ZGRlOTMyYzZlMzMyN2U3YWRl
NmE1Yzg2YmViNDZiM2YzODNkNWRiNzM2MGYzYmRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCoDW+1DgmdUpAhVGXHlpIKYTDWVhYK6ksWX2S8Ucvs+uJw
J74vDZZoS8qWbFnage0ZsGsndbUBfvKqRwkBXhZ5uM4SC+P3ph+VY8IC5DltVjd9
S8DSSiJD1VQj0bfBZQbgzvSlmIxlhlOl7Kkn/R5+qwZhcWbTwH7a6oZKawizJxvc
vnB94hD4GYBK57Vu9lRKS0blKqQEKPlOfnfC1YfuBwVA2+KmglSX3IRwCOV89m32
kL4NA8rFDYDuChrcPpb5itSscqsotaJOBgwMRa+/CQEHo9f7SbxSgtju0FFnnzGn
iD6CFppG4psW5vgCfABi+fB0UKr79CS94bmA62WvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUIv2d6zgQ3/znaMkinAjkIThgmIMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE3Y2MyY2YzLTQ2OGItNDk3My1iNzU5LTQxYjYyMTViYzdjYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAoJzANBgkqhkiG9w0BAQsFAAOCAQEAxKi3uHLnM97riBl7t0ClPFWdeVIb
swwgmOfafEdMGnovRLS+PHx/LTqFnyir+XKuTOldbodn3xpbCJ9bwg+NYEkGPtSX
bsMVvYp3FtTQewOhFGL/vNE7itgyQO+VZX9Hbh6CNjhh+ahpfTfb/vmwntAgM+mo
fi04Ajp3xQ3joYxYDsddrnW0QHDvgn4v7wN178NjMYFO6gvg4lti/dsyQGdUD4a8
xTEaTLE+V0DpoTerWOrKAgeM9uBqzj9erd3D2sSvv0i85sHzJD6CbhEnx5pvCvWi
EI45KuRP4DZ1XVSsdgXAVJ8xt3IxN2eWZYt2kgmPlotEssem32M+BpeMSg==
-----END CERTIFICATE-----