Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18f28eed-d74e-4577-81bc-f124db71f12e.roa
File:                     18f28eed-d74e-4577-81bc-f124db71f12e.roa (raw, json)
Hash identifier:          ka1fhHllalxwC1btSueW4WyyAAhEOqEF/xDqF741Z5A=
Subject key identifier:   38:AE:5E:71:0B:E5:4C:B0:94:EE:6A:1A:79:F1:CB:5A:5F:4D:E0:C8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       05EFE9FEAADBECE46B6B7361CCF53C9187E73574
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18f28eed-d74e-4577-81bc-f124db71f12e.roa
Signing time:             Sat 12 Oct 2024 00:00:00 +0000
ROA not before:           Sat 12 Oct 2024 00:00:00 +0000
ROA not after:            Sat 16 Nov 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        207.220.0.0/19 maxlen: 24

Validation:               Failed, certificate revoked on Thu 24 Oct 2024 15:11:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:ef:e9:fe:aa:db:ec:e4:6b:6b:73:61:cc:f5:3c:91:87:e7:35:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 12 00:00:00 2024 GMT
            Not After : Nov 16 23:59:59 2024 GMT
        Subject: serialNumber=6690f9a67bdee605db644335e3ba8a7adf962afeb79e15e600c607abb4bc1d49, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:d3:d0:a5:3f:b8:20:71:f0:37:b8:3c:39:ab:
                    a9:23:c4:a9:f1:3a:63:de:25:49:8a:85:61:f1:01:
                    e4:cf:7f:e6:67:33:0b:7b:11:32:6c:b8:c9:14:c5:
                    7a:d7:89:79:5a:17:b4:83:7a:a8:55:b8:10:4b:ad:
                    c0:52:53:b3:ab:08:6d:d9:e3:7e:b4:c2:e6:b2:8f:
                    bd:9d:a4:43:3f:d3:6d:06:49:11:a1:f3:38:25:a6:
                    bf:44:cb:82:c8:7a:6a:2a:a8:48:5d:6d:cc:c0:80:
                    ec:c1:74:61:b3:78:7f:60:fd:ba:e2:40:f5:e1:ef:
                    30:03:00:63:60:64:d2:3d:a0:f2:e9:5c:3c:ad:5d:
                    72:95:dc:ae:b6:36:d5:89:dd:4d:27:2b:53:cf:98:
                    2e:a5:e9:0b:e7:50:42:22:75:89:16:32:40:ea:21:
                    6f:3c:91:9b:78:57:9e:64:1a:a4:a1:11:37:e8:3b:
                    90:e6:8a:c1:e5:f5:fe:60:a9:f5:1d:e5:9f:f7:c1:
                    39:b8:b9:a2:33:a9:37:07:81:7c:a4:18:77:49:e6:
                    c0:77:e2:35:18:a5:11:b9:cc:f7:a3:f2:0f:72:a6:
                    17:21:69:f7:21:57:b0:e8:e7:c7:08:51:b9:ba:e5:
                    b6:be:ac:1e:c2:9d:cc:a8:ae:a2:d5:ee:ea:09:71:
                    f7:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:AE:5E:71:0B:E5:4C:B0:94:EE:6A:1A:79:F1:CB:5A:5F:4D:E0:C8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18f28eed-d74e-4577-81bc-f124db71f12e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.220.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         5e:f1:55:8f:0b:aa:4f:23:ec:2c:ce:ac:4e:2a:7b:b5:75:90:
         c4:9b:03:8b:08:e0:da:06:48:fb:0e:34:78:e8:4c:bc:86:b9:
         24:1c:7f:73:d9:be:73:5f:41:11:6b:61:66:04:98:21:21:78:
         a3:a0:67:b8:1d:1f:d3:f5:60:0b:27:41:88:13:fc:10:f5:f2:
         45:e7:b4:68:17:f1:28:42:bf:40:a0:94:ee:93:2f:f5:91:92:
         8a:b9:4d:c9:7f:e3:d9:be:25:9f:d5:81:2b:69:82:5a:a8:04:
         ae:33:bf:16:5e:73:3d:a7:27:fd:7c:13:92:ab:31:6a:04:92:
         0f:59:71:a5:e6:a8:b6:b8:76:a6:cb:e0:cd:69:4d:2c:6f:b4:
         a7:04:bb:10:b9:f4:05:82:34:69:8f:ee:e2:1a:93:ba:d5:99:
         65:e2:df:85:07:a0:1f:5a:e8:d2:ed:24:16:0c:29:e5:c4:f3:
         b0:29:7e:b9:f3:10:a4:82:25:2b:51:2a:f4:ad:49:40:79:7f:
         c8:d8:0a:60:7a:26:21:5c:05:b0:b0:77:83:0d:65:31:60:d2:
         e4:5e:c5:a4:46:e6:25:49:93:a5:2c:77:85:e3:d9:b2:c2:df:
         90:23:f3:cc:4e:5b:c7:ea:bf:8b:8c:65:b5:50:b2:84:1c:18:
         f3:19:33:63
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBe/p/qrb7ORra3NhzPU8kYfnNXQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMDEyMDAwMDAwWhcNMjQxMTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NjkwZjlhNjdiZGVlNjA1ZGI2NDQzMzVlM2JhOGE3YWRm
OTYyYWZlYjc5ZTE1ZTYwMGM2MDdhYmI0YmMxZDQ5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCt09ClP7ggcfA3uDw5q6kjxKnxOmPeJUmKhWHxAeTPf+Zn
Mwt7ETJsuMkUxXrXiXlaF7SDeqhVuBBLrcBSU7OrCG3Z4360wuayj72dpEM/020G
SRGh8zglpr9Ey4LIemoqqEhdbczAgOzBdGGzeH9g/briQPXh7zADAGNgZNI9oPLp
XDytXXKV3K62NtWJ3U0nK1PPmC6l6QvnUEIidYkWMkDqIW88kZt4V55kGqShETfo
O5DmisHl9f5gqfUd5Z/3wTm4uaIzqTcHgXykGHdJ5sB34jUYpRG5zPej8g9yphch
afchV7Do58cIUbm65ba+rB7CncyorqLV7uoJcffZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOK5ecQvlTLCU7moaefHLWl9N4MgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE4ZjI4ZWVkLWQ3NGUtNDU3Ny04MWJjLWYxMjRkYjcxZjEyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXP3AAwDQYJKoZIhvcNAQELBQADggEBAF7xVY8Lqk8j7CzOrE4qe7V1kMSb
A4sI4NoGSPsONHjoTLyGuSQcf3PZvnNfQRFrYWYEmCEheKOgZ7gdH9P1YAsnQYgT
/BD18kXntGgX8ShCv0CglO6TL/WRkoq5Tcl/49m+JZ/VgStpglqoBK4zvxZecz2n
J/18E5KrMWoEkg9ZcaXmqLa4dqbL4M1pTSxvtKcEuxC59AWCNGmP7uIak7rVmWXi
34UHoB9a6NLtJBYMKeXE87ApfrnzEKSCJStRKvStSUB5f8jYCmB6JiFcBbCwd4MN
ZTFg0uRexaRG5iVJk6Usd4Xj2bLC35Aj88xOW8fqv4uMZbVQsoQcGPMZM2M=
-----END CERTIFICATE-----