Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5d77a508-9671-46e0-b20b-19feac6a3c69.roa
File:                     5d77a508-9671-46e0-b20b-19feac6a3c69.roa (raw, json)
Hash identifier:          v/qSOOHoqiWOEuQLAfmVS8He2ot+H0rx5RVih1DcEtY=
Subject key identifier:   C7:55:83:32:1D:C7:0C:81:F6:8D:DF:53:10:44:86:5C:0E:57:8D:9D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       02C4EA0944DDD3F4A1FDBAE922286B911BB67385
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5d77a508-9671-46e0-b20b-19feac6a3c69.roa
Signing time:             Fri 11 Oct 2024 00:00:00 +0000
ROA not before:           Fri 11 Oct 2024 00:00:00 +0000
ROA not after:            Fri 15 Nov 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        206.215.16.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Thu 24 Oct 2024 15:11:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:c4:ea:09:44:dd:d3:f4:a1:fd:ba:e9:22:28:6b:91:1b:b6:73:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 11 00:00:00 2024 GMT
            Not After : Nov 15 23:59:59 2024 GMT
        Subject: serialNumber=8acccba7bf3169187a902eb05f80f48647386ca18b646afe37bac43ef3d62ad9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a4:16:e1:1c:9f:16:8e:99:94:04:55:c8:99:
                    14:c8:fe:40:ea:14:25:c1:c6:ec:b9:da:00:bf:f4:
                    af:c5:98:94:3a:e7:c7:91:b5:93:43:f9:bd:d0:09:
                    0e:30:89:8f:86:a3:cc:d0:49:18:8c:93:e8:a7:11:
                    b6:67:f1:28:2e:58:a2:b8:9b:2b:c9:e6:6b:83:e2:
                    c4:d3:56:6b:46:41:62:34:66:9e:6f:d1:9f:20:af:
                    07:a0:64:f1:81:cd:37:67:12:77:84:54:4b:82:42:
                    8b:92:41:cb:fe:b6:7f:b8:da:7f:19:ab:53:da:57:
                    74:81:90:02:5e:cd:e5:38:c0:fe:70:80:9e:24:28:
                    3c:95:c4:73:29:53:f2:d6:ba:61:43:c7:53:38:94:
                    d9:3f:6a:73:d7:42:ea:f5:7f:f0:10:5e:ba:0d:71:
                    36:94:0b:b0:a8:67:e2:8f:b5:c6:4f:8f:ca:de:01:
                    ac:85:b2:3e:c8:bd:bb:6b:55:21:a7:e0:3e:20:1c:
                    ff:1c:40:8a:28:ed:e3:5e:fd:bf:a4:12:ff:d3:e1:
                    22:2d:67:1d:be:59:a4:7d:85:9c:ef:0c:b2:da:3a:
                    47:eb:01:95:66:72:7e:74:84:72:04:4b:2a:91:a1:
                    62:88:81:fa:c6:ce:19:a6:05:f5:83:f9:cd:66:b3:
                    1b:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:55:83:32:1D:C7:0C:81:F6:8D:DF:53:10:44:86:5C:0E:57:8D:9D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5d77a508-9671-46e0-b20b-19feac6a3c69.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  206.215.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         25:7c:0e:c0:61:b8:27:eb:1d:16:e0:d4:5e:5b:33:7e:bd:c2:
         df:0e:43:2b:e6:f7:de:61:0b:59:3f:9e:16:67:51:a5:22:66:
         49:b3:32:de:42:ca:01:2d:b1:30:0a:92:95:0f:4b:08:72:86:
         46:70:51:3f:27:8d:fe:7c:df:6a:a4:4f:77:8f:17:e6:9b:a1:
         2b:4e:21:94:14:53:58:f8:b9:3f:a3:85:6e:c6:ff:aa:1a:ad:
         1c:48:e1:54:34:62:ba:9d:f2:6d:0b:10:07:94:9f:18:91:55:
         74:8b:86:f9:57:18:da:41:aa:d8:4d:1f:53:a1:da:6a:dd:bc:
         17:a4:b6:60:81:d5:90:60:a6:42:d9:6b:ea:e6:2e:15:1e:ab:
         f7:86:f9:3a:b4:34:5e:b6:5c:98:5c:f5:42:e4:fc:ee:b0:21:
         dd:9c:05:ab:e1:fb:21:73:13:7b:52:26:03:93:cd:ff:9a:13:
         d4:3b:dd:0f:e7:84:b0:bd:8b:97:50:01:b6:d8:89:19:24:db:
         22:62:c4:6e:af:a2:6b:d3:48:3d:28:73:89:c1:44:a7:2f:c6:
         86:17:30:75:f2:28:0a:8a:e8:4f:73:9b:42:18:3c:6f:65:33:
         3a:15:86:f1:18:6c:6b:40:6f:86:18:63:69:70:94:64:62:72:
         2c:1d:52:c7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAsTqCUTd0/Sh/brpIihrkRu2c4UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMDExMDAwMDAwWhcNMjQxMTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YWNjY2JhN2JmMzE2OTE4N2E5MDJlYjA1ZjgwZjQ4NjQ3
Mzg2Y2ExOGI2NDZhZmUzN2JhYzQzZWYzZDYyYWQ5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDPpBbhHJ8WjpmUBFXImRTI/kDqFCXBxuy52gC/9K/FmJQ6
58eRtZND+b3QCQ4wiY+Go8zQSRiMk+inEbZn8SguWKK4myvJ5muD4sTTVmtGQWI0
Zp5v0Z8grwegZPGBzTdnEneEVEuCQouSQcv+tn+42n8Zq1PaV3SBkAJezeU4wP5w
gJ4kKDyVxHMpU/LWumFDx1M4lNk/anPXQur1f/AQXroNcTaUC7CoZ+KPtcZPj8re
AayFsj7IvbtrVSGn4D4gHP8cQIoo7eNe/b+kEv/T4SItZx2+WaR9hZzvDLLaOkfr
AZVmcn50hHIESyqRoWKIgfrGzhmmBfWD+c1msxulAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUx1WDMh3HDIH2jd9TEESGXA5XjZ0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVkNzdhNTA4LTk2NzEtNDZlMC1iMjBiLTE5ZmVhYzZhM2M2OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATO1xAwDQYJKoZIhvcNAQELBQADggEBACV8DsBhuCfrHRbg1F5bM369wt8O
Qyvm995hC1k/nhZnUaUiZkmzMt5CygEtsTAKkpUPSwhyhkZwUT8njf5832qkT3eP
F+aboStOIZQUU1j4uT+jhW7G/6oarRxI4VQ0Yrqd8m0LEAeUnxiRVXSLhvlXGNpB
qthNH1Oh2mrdvBektmCB1ZBgpkLZa+rmLhUeq/eG+Tq0NF62XJhc9ULk/O6wId2c
Bavh+yFzE3tSJgOTzf+aE9Q73Q/nhLC9i5dQAbbYiRkk2yJixG6vomvTSD0oc4nB
RKcvxoYXMHXyKAqK6E9zm0IYPG9lMzoVhvEYbGtAb4YYY2lwlGRiciwdUsc=
-----END CERTIFICATE-----