Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4401cca8-5964-48b1-b1b5-2ab2021ddf02.roa
File:                     4401cca8-5964-48b1-b1b5-2ab2021ddf02.roa (raw, json)
Hash identifier:          1m8uuJo5V5rPP4kV0fJoYChr2QsrnRd9SXghx5QJj7A=
Subject key identifier:   FD:6B:46:14:94:EF:E2:3A:A6:10:2C:15:0E:8A:65:BD:ED:0E:EB:36
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1649D21F84B2F9AEFBC64144A029FF9BA0E088DE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4401cca8-5964-48b1-b1b5-2ab2021ddf02.roa
Signing time:             Sat 12 Jul 2025 00:10:28 +0000
ROA not before:           Sat 12 Jul 2025 00:10:28 +0000
ROA not after:            Sat 16 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.240.0.0/16 maxlen: 24
Validation:               Failed, certificate revoked on Mon 14 Jul 2025 14:07:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:49:d2:1f:84:b2:f9:ae:fb:c6:41:44:a0:29:ff:9b:a0:e0:88:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 12 00:10:28 2025 GMT
            Not After : Aug 16 23:59:59 2025 GMT
        Subject: serialNumber=efc4998a62cb15a6c1ba5f4b6efe8c9dd0a37fa34fffbf59671775942ec543c4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:3f:2c:00:be:43:fe:23:2f:5c:a7:90:21:45:
                    fd:d4:f0:8e:22:83:a3:e1:a9:fb:c4:22:38:9a:ab:
                    72:0b:f1:03:9b:b8:a3:eb:a4:cf:7e:63:31:1b:b0:
                    0e:68:24:b4:93:fa:f4:58:3f:26:1c:ba:c3:45:ae:
                    6b:43:8a:34:aa:8c:e2:bd:33:1b:13:8f:e0:8b:1a:
                    59:95:d0:74:9d:d0:1b:45:35:98:8d:c2:4c:0d:5d:
                    b5:65:30:a9:e1:f2:13:a8:dd:be:59:94:16:00:2c:
                    a6:f7:3a:82:0a:04:0e:0f:a3:40:b3:a6:e9:c3:e4:
                    90:25:72:90:63:eb:2b:dc:c6:33:86:b5:f2:f0:4f:
                    b0:de:e8:a7:fa:bf:20:29:e6:1d:8c:d4:80:b4:38:
                    64:a1:bf:2a:79:f7:ed:e7:3b:9a:c9:aa:e3:11:5c:
                    e1:35:08:e6:f9:90:30:af:e7:89:bf:7d:ef:e0:e0:
                    5c:1c:e8:a6:01:f2:3f:88:b0:fe:2a:0f:56:5c:53:
                    4d:19:0a:4b:1a:a8:28:a8:11:17:ff:0f:20:70:93:
                    7c:18:88:8d:21:fe:02:48:77:b2:23:18:86:21:02:
                    78:a3:b6:0a:8a:29:6b:50:3b:70:76:cb:e5:5d:08:
                    07:f6:71:6c:b5:6a:f9:f8:c5:17:3e:81:6c:1b:ca:
                    09:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:6B:46:14:94:EF:E2:3A:A6:10:2C:15:0E:8A:65:BD:ED:0E:EB:36
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4401cca8-5964-48b1-b1b5-2ab2021ddf02.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.240.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         78:47:46:c4:53:72:63:c6:9a:73:b6:cc:1b:58:bb:5a:1f:e4:
         b4:32:17:59:3e:f6:9c:6f:a1:e9:76:3d:d9:e6:6b:5b:4d:d3:
         d7:8d:3a:96:4d:6c:47:dc:36:41:42:a8:92:17:cc:de:43:89:
         8f:67:52:19:04:b2:83:db:d6:97:8e:92:f8:d5:55:53:4a:e6:
         ba:13:1f:11:89:56:84:2d:45:3b:39:f6:b6:f0:e4:f2:a3:f2:
         9e:bc:f6:f1:f1:3e:59:c3:0d:4a:2e:ae:d1:b7:0c:ee:e1:e3:
         ed:8c:a8:56:92:03:67:72:4a:2a:70:af:c3:84:fe:cb:be:c6:
         78:56:e8:9e:ba:fa:2c:fd:3c:ec:3b:1f:45:61:8b:13:35:86:
         f4:ff:80:65:89:59:e8:62:2c:87:8e:b8:a5:78:23:a3:0f:fa:
         74:a3:d9:4a:eb:33:a7:83:23:bb:f9:b7:20:e3:e1:0d:af:f2:
         7d:c0:3a:04:bf:18:26:e1:08:fe:91:e4:79:ec:4e:c8:1d:95:
         22:84:d2:30:83:05:3e:82:e9:2e:e7:14:0b:18:8a:e1:bc:90:
         56:ae:79:7a:ba:99:9e:9d:2d:47:19:b9:aa:31:6c:9d:04:54:
         42:15:97:db:bf:b0:ba:74:41:b2:08:7f:2d:88:42:72:d3:77:
         dc:e9:73:8e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFknSH4Sy+a77xkFEoCn/m6DgiN4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzEyMDAxMDI4WhcNMjUwODE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZmM0OTk4YTYyY2IxNWE2YzFiYTVmNGI2ZWZlOGM5ZGQw
YTM3ZmEzNGZmZmJmNTk2NzE3NzU5NDJlYzU0M2M0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjPywAvkP+Iy9cp5AhRf3U8I4ig6PhqfvEIjiaq3IL8QOb
uKPrpM9+YzEbsA5oJLST+vRYPyYcusNFrmtDijSqjOK9MxsTj+CLGlmV0HSd0BtF
NZiNwkwNXbVlMKnh8hOo3b5ZlBYALKb3OoIKBA4Po0CzpunD5JAlcpBj6yvcxjOG
tfLwT7De6Kf6vyAp5h2M1IC0OGShvyp59+3nO5rJquMRXOE1COb5kDCv54m/fe/g
4Fwc6KYB8j+IsP4qD1ZcU00ZCksaqCioERf/DyBwk3wYiI0h/gJId7IjGIYhAnij
tgqKKWtQO3B2y+VdCAf2cWy1avn4xRc+gWwbygkhAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU/WtGFJTv4jqmECwVDoplve0O6zYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ0MDFjY2E4LTU5NjQtNDhiMS1iMWI1LTJhYjIwMjFkZGYwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAP8DANBgkqhkiG9w0BAQsFAAOCAQEAeEdGxFNyY8aac7bMG1i7Wh/ktDIX
WT72nG+h6XY92eZrW03T1406lk1sR9w2QUKokhfM3kOJj2dSGQSyg9vWl46S+NVV
U0rmuhMfEYlWhC1FOzn2tvDk8qPynrz28fE+WcMNSi6u0bcM7uHj7YyoVpIDZ3JK
KnCvw4T+y77GeFbonrr6LP087DsfRWGLEzWG9P+AZYlZ6GIsh464pXgjow/6dKPZ
Suszp4Mju/m3IOPhDa/yfcA6BL8YJuEI/pHkeexOyB2VIoTSMIMFPoLpLucUCxiK
4byQVq55erqZnp0tRxm5qjFsnQRUQhWX27+wunRBsgh/LYhCctN33Olzjg==
-----END CERTIFICATE-----