Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/677bd50d-35c1-4e1c-b9f6-79d6f5120607.roa
File:                     677bd50d-35c1-4e1c-b9f6-79d6f5120607.roa (raw, json)
Hash identifier:          joaKiwoEUjmjsH9PXripNbjHwtwDfFeVs3nosbGz7ik=
Subject key identifier:   5A:D1:AC:7B:81:F8:50:67:CB:4F:B7:54:3C:97:1D:1B:39:F5:EC:00
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       391C74F1B7EF76BE115A6D25563E823A23DEF0F5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/677bd50d-35c1-4e1c-b9f6-79d6f5120607.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        56.200.0.0/16 maxlen: 24
Validation:               Failed, certificate revoked on Thu 16 Jan 2025 09:07:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:1c:74:f1:b7:ef:76:be:11:5a:6d:25:56:3e:82:3a:23:de:f0:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:50:5e:d0:4e:7c:34:6a:8b:87:95:6e:ea:10:
                    27:b5:97:0c:7b:c7:8c:2a:8f:c5:25:38:91:f6:b0:
                    43:25:e7:d7:5f:d8:39:b1:5e:45:a4:55:f1:61:ce:
                    66:e7:56:4d:e9:2e:d3:97:fc:50:77:b7:63:d6:0b:
                    27:79:e2:4c:b5:62:b0:80:fb:81:b2:66:6f:ae:01:
                    44:03:16:25:80:d0:20:76:d6:34:c1:85:71:22:9e:
                    93:27:71:49:b9:cf:c9:bf:15:10:ef:f4:f4:78:51:
                    87:36:31:61:90:5e:9f:f8:68:29:61:ee:f9:51:ad:
                    3e:2e:ef:51:2c:ef:5a:b4:2b:f6:50:cd:79:8c:81:
                    a6:8c:1e:f7:90:b7:be:ed:ad:63:e4:8a:74:3b:e3:
                    3a:a0:93:39:9a:63:c9:7f:93:a1:cf:ae:87:dc:72:
                    88:c8:99:01:1e:2a:22:9a:54:7c:bd:bb:8c:6d:2a:
                    48:f5:97:b0:f1:6c:ce:ca:26:8d:0c:7e:f8:b9:b0:
                    f0:c9:fb:a8:42:f9:70:9e:4b:66:a8:bc:89:bb:2a:
                    7e:83:c4:b2:38:52:5a:d4:f5:e5:48:e5:2a:39:3e:
                    c5:83:a5:70:a3:4c:47:21:72:8c:c9:c7:b6:b9:99:
                    0b:2d:99:4c:72:b3:4c:56:ed:d7:9d:8b:39:dc:f9:
                    c6:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:D1:AC:7B:81:F8:50:67:CB:4F:B7:54:3C:97:1D:1B:39:F5:EC:00
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/677bd50d-35c1-4e1c-b9f6-79d6f5120607.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.200.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2c:60:90:7f:e1:2b:b3:ac:65:cf:7b:56:17:34:6e:13:05:b3:
         01:b0:a7:8c:f4:3f:a0:3b:43:df:cb:81:e8:dd:eb:c1:c4:e5:
         68:2a:ad:db:54:41:dd:0a:98:94:23:1b:b5:d7:18:74:d1:1d:
         10:a4:e0:2c:45:14:cf:9b:bd:bc:17:e4:61:b9:fa:58:e4:a4:
         61:18:58:ea:76:e2:0e:57:d4:3a:05:ed:2f:ed:56:32:fe:8c:
         b3:d3:c3:f5:c5:7b:9c:82:13:f6:e8:a4:de:b2:da:a1:03:07:
         de:33:99:c9:75:93:8c:96:8f:c9:f4:18:9f:5a:47:25:4a:98:
         a7:bf:64:06:27:cf:98:fa:36:34:6a:e4:23:bc:30:c9:e5:c8:
         ec:51:8a:bb:38:84:17:53:56:db:7e:5a:13:23:0d:8c:3f:e6:
         e8:30:32:36:38:38:f2:0a:cb:8a:c4:de:51:c4:90:32:0e:8e:
         87:b8:35:b0:c2:d6:a5:1c:92:7a:fb:b1:5c:5f:f5:3b:4f:80:
         22:8f:66:c0:d6:e1:71:71:1c:90:be:95:b8:0c:09:79:0e:57:
         f0:8b:8e:6b:ac:5b:55:c5:0b:fd:13:08:b9:44:51:71:be:0f:
         a7:0f:2b:32:14:c2:a1:3f:e6:65:52:17:90:a6:eb:62:e0:18:
         90:08:08:38
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUORx08bfvdr4RWm0lVj6COiPe8PUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MmRhYTEwNTdiMWE0Mjg3MTA1MWQ5MThlZWUxYjM3OTc2
ZmI3N2UyODYyNTQ0YmVmMTFmZTI2Y2U3MGE0YjFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxUF7QTnw0aouHlW7qECe1lwx7x4wqj8UlOJH2sEMl59df
2DmxXkWkVfFhzmbnVk3pLtOX/FB3t2PWCyd54ky1YrCA+4GyZm+uAUQDFiWA0CB2
1jTBhXEinpMncUm5z8m/FRDv9PR4UYc2MWGQXp/4aClh7vlRrT4u71Es71q0K/ZQ
zXmMgaaMHveQt77trWPkinQ74zqgkzmaY8l/k6HProfccojImQEeKiKaVHy9u4xt
Kkj1l7DxbM7KJo0Mfvi5sPDJ+6hC+XCeS2aovIm7Kn6DxLI4UlrU9eVI5So5PsWD
pXCjTEchcozJx7a5mQstmUxys0xW7dediznc+cY3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUWtGse4H4UGfLT7dUPJcdGzn17AAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY3N2JkNTBkLTM1YzEtNGUxYy1iOWY2LTc5ZDZmNTEyMDYwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4yDANBgkqhkiG9w0BAQsFAAOCAQEALGCQf+Ers6xlz3tWFzRuEwWzAbCn
jPQ/oDtD38uB6N3rwcTlaCqt21RB3QqYlCMbtdcYdNEdEKTgLEUUz5u9vBfkYbn6
WOSkYRhY6nbiDlfUOgXtL+1WMv6Ms9PD9cV7nIIT9uik3rLaoQMH3jOZyXWTjJaP
yfQYn1pHJUqYp79kBifPmPo2NGrkI7wwyeXI7FGKuziEF1NW235aEyMNjD/m6DAy
Njg48grLisTeUcSQMg6Oh7g1sMLWpRySevuxXF/1O0+AIo9mwNbhcXEckL6VuAwJ
eQ5X8IuOa6xbVcUL/RMIuURRcb4Ppw8rMhTCoT/mZVIXkKbrYuAYkAgIOA==
-----END CERTIFICATE-----