Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b81ab28-6990-4dd4-aa24-282d25b24854.roa
File:                     4b81ab28-6990-4dd4-aa24-282d25b24854.roa (raw, json)
Hash identifier:          X5So6+rXD4oyv8xzftUQGa3LzHqDzli2WEpKLtA7mvo=
Subject key identifier:   29:77:A6:7E:BE:A2:75:A5:CF:37:C9:81:9D:D7:F3:57:EE:34:51:C6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       77B09B40A04868F2AECABC8B64294F67D8BEFF4B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b81ab28-6990-4dd4-aa24-282d25b24854.roa
Signing time:             Fri 11 Oct 2024 00:00:00 +0000
ROA not before:           Fri 11 Oct 2024 00:00:00 +0000
ROA not after:            Fri 15 Nov 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        209.110.0.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Thu 24 Oct 2024 15:11:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:b0:9b:40:a0:48:68:f2:ae:ca:bc:8b:64:29:4f:67:d8:be:ff:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 11 00:00:00 2024 GMT
            Not After : Nov 15 23:59:59 2024 GMT
        Subject: serialNumber=4df1fea0a9b1a0ad76226250841a0a5c9c7b6fcb19910c56ade73b765c7eab6d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:a3:55:95:60:2d:6b:c1:6a:54:1c:8a:d7:f5:
                    38:4a:24:b3:8a:69:c4:50:a8:e1:52:94:0e:a4:b8:
                    90:7f:bd:49:43:3f:2d:b1:53:4c:b9:a9:59:ed:5a:
                    b7:13:ac:d3:c5:20:63:10:f2:cb:26:ff:9b:74:2f:
                    05:1d:f7:9a:da:db:7d:8a:9c:e4:0d:e0:95:88:b7:
                    7b:25:80:1f:a3:ba:3a:f4:ed:de:79:64:1d:89:e0:
                    ea:e4:83:37:1c:eb:f6:5a:62:ff:0e:a9:1a:2d:7b:
                    a7:1f:88:f6:61:34:5f:e1:89:cb:30:87:f8:44:5a:
                    68:67:ec:30:7e:eb:d5:15:94:33:3c:4f:5f:38:a8:
                    a3:c7:26:76:6a:f2:af:1a:fe:7e:43:a3:e8:ff:54:
                    dd:f2:b4:80:5b:60:5f:87:72:72:a5:01:9e:01:f8:
                    d5:fb:22:5b:e8:97:86:15:18:f5:c3:e3:99:0d:6b:
                    1b:cc:06:bf:00:78:f0:b8:e8:dd:8c:71:4f:0b:21:
                    e4:b3:f0:9e:fe:dc:b4:9d:0d:69:fb:5e:3e:24:9c:
                    cb:3a:73:95:84:0e:e8:70:ba:81:2d:a0:1b:be:36:
                    ee:76:6a:0f:cd:df:74:3c:3a:c6:83:37:5d:f0:9a:
                    a0:ad:59:b4:4b:94:1c:2c:de:21:85:9c:e4:5e:35:
                    30:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:77:A6:7E:BE:A2:75:A5:CF:37:C9:81:9D:D7:F3:57:EE:34:51:C6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b81ab28-6990-4dd4-aa24-282d25b24854.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.110.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         5b:49:72:39:ab:8a:11:5a:fe:fa:14:b9:d8:de:41:7a:7b:1c:
         a1:4f:1e:0a:9b:3c:75:8c:3d:6c:22:f0:09:30:cb:51:bc:ef:
         ea:ab:4a:fb:ca:12:b7:ce:9a:18:70:56:e2:c0:df:59:bd:86:
         fa:eb:60:23:58:8f:ae:5f:e9:b3:5e:ca:b7:b5:71:73:53:53:
         07:83:e0:a2:20:8d:02:40:ec:4c:ca:dd:18:32:28:34:bb:8b:
         8c:90:bb:b1:cc:2b:94:e4:f2:69:b9:4b:37:4d:09:51:b5:b5:
         ec:75:0a:6b:5c:98:54:cf:09:b5:e6:dc:26:25:b4:d9:ca:71:
         68:f3:7c:0b:e1:33:6e:43:9b:7e:14:8d:da:61:8b:c9:4f:d8:
         cc:d8:4f:4e:2c:c4:3b:1d:6d:0f:11:05:ec:5f:e0:ed:e5:03:
         5a:06:c6:b7:88:51:98:83:53:6f:f1:dc:46:52:ff:7a:4b:82:
         ce:fb:32:4e:5f:10:f5:d8:54:c0:42:dd:9d:19:6d:1a:6f:86:
         8b:f0:a9:a2:71:95:c2:37:68:2a:95:51:96:e5:37:bf:e6:a8:
         5c:be:33:a8:ff:b9:b1:5b:43:4d:fa:d0:65:46:19:c4:fd:37:
         a8:98:2a:a0:b3:e3:ea:c8:15:28:92:09:f2:99:5c:14:f3:2d:
         d2:6e:b0:cd
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUd7CbQKBIaPKuyryLZClPZ9i+/0swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMDExMDAwMDAwWhcNMjQxMTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZGYxZmVhMGE5YjFhMGFkNzYyMjYyNTA4NDFhMGE1Yzlj
N2I2ZmNiMTk5MTBjNTZhZGU3M2I3NjVjN2VhYjZkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCNo1WVYC1rwWpUHIrX9ThKJLOKacRQqOFSlA6kuJB/vUlD
Py2xU0y5qVntWrcTrNPFIGMQ8ssm/5t0LwUd95ra232KnOQN4JWIt3slgB+jujr0
7d55ZB2J4Orkgzcc6/ZaYv8OqRote6cfiPZhNF/hicswh/hEWmhn7DB+69UVlDM8
T184qKPHJnZq8q8a/n5Do+j/VN3ytIBbYF+HcnKlAZ4B+NX7Ilvol4YVGPXD45kN
axvMBr8AePC46N2McU8LIeSz8J7+3LSdDWn7Xj4knMs6c5WEDuhwuoEtoBu+Nu52
ag/N33Q8OsaDN13wmqCtWbRLlBws3iGFnOReNTBjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUKXemfr6idaXPN8mBndfzV+40UcYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRiODFhYjI4LTY5OTAtNGRkNC1hYTI0LTI4MmQyNWIyNDg1NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATRbgAwDQYJKoZIhvcNAQELBQADggEBAFtJcjmrihFa/voUudjeQXp7HKFP
HgqbPHWMPWwi8Akwy1G87+qrSvvKErfOmhhwVuLA31m9hvrrYCNYj65f6bNeyre1
cXNTUweD4KIgjQJA7EzK3RgyKDS7i4yQu7HMK5Tk8mm5SzdNCVG1tex1CmtcmFTP
CbXm3CYltNnKcWjzfAvhM25Dm34Ujdphi8lP2MzYT04sxDsdbQ8RBexf4O3lA1oG
xreIUZiDU2/x3EZS/3pLgs77Mk5fEPXYVMBC3Z0ZbRpvhovwqaJxlcI3aCqVUZbl
N7/mqFy+M6j/ubFbQ0360GVGGcT9N6iYKqCz4+rIFSiSCfKZXBTzLdJusM0=
-----END CERTIFICATE-----