Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/537b8dc8-3815-4714-a1ce-1684ba2d6f3e.roa
File:                     537b8dc8-3815-4714-a1ce-1684ba2d6f3e.roa (raw, json)
Hash identifier:          5/LUtdOs4jo5d0xml8YzFC7GZM+2bXR5yGyprg6OEU0=
Subject key identifier:   6F:2C:E0:90:9D:A3:31:83:8E:45:4D:D1:74:53:11:19:14:D9:52:3A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       33321B8AECBC8F7483E849EC57801B8D1662633A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/537b8dc8-3815-4714-a1ce-1684ba2d6f3e.roa
Signing time:             Mon 17 Jun 2024 00:00:00 +0000
ROA not before:           Mon 17 Jun 2024 00:00:00 +0000
ROA not after:            Mon 22 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        35.33.136.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Mon 17 Jun 2024 15:13:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:32:1b:8a:ec:bc:8f:74:83:e8:49:ec:57:80:1b:8d:16:62:63:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 17 00:00:00 2024 GMT
            Not After : Jul 22 23:59:59 2024 GMT
        Subject: serialNumber=7b0ef937263ef8482bd6b2a7b330984665e95f05b085a1e44eaaadb818a44d77, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:41:85:62:82:ac:9c:2b:d0:b5:e6:f2:3e:82:
                    6b:20:fd:bd:59:a4:23:41:58:e0:7e:29:d1:c9:38:
                    b9:76:8b:99:95:9b:23:06:3a:6a:f2:32:aa:67:ce:
                    16:09:b2:a2:e0:18:73:e2:34:86:75:bf:2e:14:5f:
                    00:0e:61:d3:9b:ae:73:42:c9:45:54:a8:1c:ff:d6:
                    b2:a7:fe:fd:fa:8f:83:c4:10:e9:2a:a4:28:f4:49:
                    0e:2b:fd:66:b5:a8:ed:9b:98:61:b3:c8:4c:86:1d:
                    82:ee:e4:f6:53:69:fe:0d:a9:69:a3:99:5d:5b:00:
                    6e:99:85:af:54:12:9e:b5:3b:ac:19:b2:da:bf:46:
                    a5:28:64:3d:0c:25:6c:14:3d:9c:05:fd:42:d1:c2:
                    ce:a4:ea:6c:c9:c0:cc:0d:02:03:ef:15:18:80:03:
                    ea:4b:b3:96:2c:8c:1c:5c:22:4f:21:e4:19:68:fe:
                    4b:b3:85:55:e1:ce:2a:85:10:43:60:e3:1f:25:df:
                    9e:90:1b:b4:8b:20:e6:2c:41:cd:9e:7e:c6:42:6d:
                    c2:8d:15:02:08:d3:ab:25:bd:e9:cd:a8:79:de:ff:
                    cf:0e:72:ca:20:0f:f0:2d:dd:e5:80:55:a2:25:ee:
                    09:80:92:cd:f1:4a:22:2f:35:82:92:24:17:61:2d:
                    f4:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:2C:E0:90:9D:A3:31:83:8E:45:4D:D1:74:53:11:19:14:D9:52:3A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/537b8dc8-3815-4714-a1ce-1684ba2d6f3e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.33.136.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2f:0c:f7:03:09:2e:8c:71:1d:59:1e:38:e5:3f:fd:6f:cd:09:
         e8:4e:8f:53:3a:d2:94:f9:31:f4:9c:b8:49:a4:6f:08:fe:8c:
         b5:8f:88:c3:5c:be:23:3d:41:32:23:50:bb:65:13:27:62:90:
         f2:a5:d7:ec:56:c0:30:de:bb:86:bd:b4:5b:f8:7c:1c:e3:61:
         0f:b1:a8:0b:43:95:f6:7c:07:c4:27:a8:dd:14:7e:9f:5e:09:
         c1:9d:05:39:78:1d:31:58:4b:e0:28:a6:d3:fa:23:ad:dc:f7:
         36:69:86:10:29:c3:3c:b3:38:fe:3b:8f:47:80:12:76:48:83:
         ef:d1:28:80:61:7b:68:87:8d:39:8e:23:cf:88:49:ed:72:2d:
         44:ea:77:8a:7c:85:a9:9e:e7:88:d1:7b:16:2c:c2:d2:d9:63:
         b8:1d:fa:3b:1e:9e:70:52:55:38:41:14:57:f1:53:f3:e1:8a:
         81:53:85:6f:8c:ba:ab:d9:d8:69:b5:c6:98:6d:e4:ef:b5:99:
         5c:6c:4b:f6:77:48:28:2e:5a:b8:cc:26:9d:3d:40:3c:1e:6d:
         b5:c1:3c:de:8b:03:35:e8:e8:1d:35:c3:cb:ab:53:f7:cf:1c:
         81:54:80:2e:52:33:c3:a9:a4:84:12:a9:ca:be:68:73:44:de:
         c2:c0:a3:c3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMzIbiuy8j3SD6EnsV4AbjRZiYzowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwNjE3MDAwMDAwWhcNMjQwNzIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3YjBlZjkzNzI2M2VmODQ4MmJkNmIyYTdiMzMwOTg0NjY1
ZTk1ZjA1YjA4NWExZTQ0ZWFhYWRiODE4YTQ0ZDc3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYQYVigqycK9C15vI+gmsg/b1ZpCNBWOB+KdHJOLl2i5mV
myMGOmryMqpnzhYJsqLgGHPiNIZ1vy4UXwAOYdObrnNCyUVUqBz/1rKn/v36j4PE
EOkqpCj0SQ4r/Wa1qO2bmGGzyEyGHYLu5PZTaf4NqWmjmV1bAG6Zha9UEp61O6wZ
stq/RqUoZD0MJWwUPZwF/ULRws6k6mzJwMwNAgPvFRiAA+pLs5YsjBxcIk8h5Blo
/kuzhVXhziqFEENg4x8l356QG7SLIOYsQc2efsZCbcKNFQII06slvenNqHne/88O
csogD/At3eWAVaIl7gmAks3xSiIvNYKSJBdhLfRRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUbyzgkJ2jMYOORU3RdFMRGRTZUjowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUzN2I4ZGM4LTM4MTUtNDcxNC1hMWNlLTE2ODRiYTJkNmYzZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMjIYgwDQYJKoZIhvcNAQELBQADggEBAC8M9wMJLoxxHVkeOOU//W/NCehO
j1M60pT5MfScuEmkbwj+jLWPiMNcviM9QTIjULtlEydikPKl1+xWwDDeu4a9tFv4
fBzjYQ+xqAtDlfZ8B8QnqN0Ufp9eCcGdBTl4HTFYS+AoptP6I63c9zZphhApwzyz
OP47j0eAEnZIg+/RKIBhe2iHjTmOI8+ISe1yLUTqd4p8hame54jRexYswtLZY7gd
+jsennBSVThBFFfxU/PhioFThW+MuqvZ2Gm1xpht5O+1mVxsS/Z3SCguWrjMJp09
QDwebbXBPN6LAzXo6B01w8urU/fPHIFUgC5SM8OppIQSqcq+aHNE3sLAo8M=
-----END CERTIFICATE-----