Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6b6c6596-e683-48b2-971c-a1b65eced38d.roa
File:                     6b6c6596-e683-48b2-971c-a1b65eced38d.roa (raw, json)
Hash identifier:          njzHLK1RWHMlRWbaXxdTOzEUHCxoCZvl5VvvaRDUr4M=
Subject key identifier:   79:1E:98:06:5D:08:C2:4D:A0:4A:73:A8:73:8B:63:35:F3:B1:C2:26
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       129398CCCBC4957E29BB647F98CDD34B30108A07
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6b6c6596-e683-48b2-971c-a1b65eced38d.roa
Signing time:             Tue 20 May 2025 00:51:17 +0000
ROA not before:           Tue 20 May 2025 00:51:17 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.127.0.0/16 maxlen: 24
Validation:               Failed, certificate revoked on Wed 28 May 2025 15:38:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:93:98:cc:cb:c4:95:7e:29:bb:64:7f:98:cd:d3:4b:30:10:8a:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 20 00:51:17 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=d7caa8f50cd4879b9d73e5b08977c14f78790a3bb15cc022ae67eb1954a4ace4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:23:53:97:71:6d:2f:08:10:f1:e5:1e:10:d9:
                    ad:05:8b:b2:64:d7:c4:b5:eb:7c:f7:d9:15:a0:25:
                    f3:b3:04:ee:73:4d:f6:b1:f1:7f:fc:64:00:da:c6:
                    5a:e9:35:74:33:af:aa:56:9d:94:4a:7e:6e:ca:5a:
                    71:6a:13:42:49:4f:0f:b3:ce:02:09:5c:d0:54:9f:
                    09:d7:d5:89:65:b7:3b:99:e4:56:82:3a:00:7f:e3:
                    b5:77:84:1b:9d:56:1d:2b:01:12:b7:95:bc:1c:ae:
                    67:5e:d2:c2:5b:64:1e:b6:94:6f:e4:ec:9a:e8:d5:
                    7a:c5:a9:17:ef:37:fe:2e:c4:32:02:8f:ef:e5:ce:
                    83:c1:7f:4e:09:0c:2b:51:1e:21:0a:ff:2e:46:fe:
                    d5:cf:6e:62:de:3e:1a:83:c6:65:0b:44:bf:aa:ae:
                    0a:8b:4f:e5:9c:53:66:c5:95:0b:9e:92:f5:54:f2:
                    0a:10:ae:15:c2:4e:74:3b:a7:fb:76:d6:10:39:bd:
                    5b:ba:7e:3e:bd:a7:b1:ca:86:1c:6a:d6:cc:69:ad:
                    0f:2c:37:bf:34:c3:01:b8:b2:1a:32:f1:1a:1b:ed:
                    9d:21:9c:5f:08:2c:0d:5c:fe:de:d2:4a:a8:8c:18:
                    c1:af:71:55:b4:06:7b:0c:47:bd:f3:4e:6a:16:52:
                    05:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:1E:98:06:5D:08:C2:4D:A0:4A:73:A8:73:8B:63:35:F3:B1:C2:26
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6b6c6596-e683-48b2-971c-a1b65eced38d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.127.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         64:0f:ef:da:f8:cc:67:9a:23:45:ca:75:77:9d:d7:b7:64:18:
         bf:aa:12:94:f5:eb:cb:91:10:45:d2:ab:23:43:69:08:83:e2:
         34:e3:e3:9a:62:67:8c:46:24:34:73:60:d0:03:44:cf:14:c6:
         08:3c:82:28:6d:cb:f2:73:87:77:44:3a:06:2c:f7:0f:e9:da:
         40:31:d8:2b:4d:32:ce:ed:af:db:f2:3a:9d:32:ac:dc:ba:13:
         5e:d6:2e:69:aa:a3:54:d8:9e:42:53:92:7f:77:c0:5e:6b:f7:
         1a:f6:9f:28:f6:fc:e7:cb:90:c4:ed:05:55:44:7f:15:a2:8a:
         b4:fd:1e:46:ee:20:79:c4:21:3d:74:3f:9b:bf:b8:99:59:d8:
         12:09:a4:83:e9:92:c3:a4:f1:a1:9a:62:87:44:8d:d4:d6:38:
         55:72:4b:c2:87:90:db:a5:fc:0c:f5:6c:36:8d:d4:53:d8:24:
         86:6b:34:5b:68:71:de:ff:a1:ad:9e:aa:78:0a:da:05:67:1d:
         f0:5d:12:97:8b:08:2c:c4:3a:7d:27:bb:71:64:86:41:d5:4d:
         48:3f:22:32:ac:d2:38:66:32:64:94:e9:72:7b:ff:7e:98:0e:
         26:7b:7b:01:e4:c5:3b:99:80:b7:0d:27:40:0a:f5:e7:af:9c:
         b8:ee:6c:b4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEpOYzMvElX4pu2R/mM3TSzAQigcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTIwMDA1MTE3WhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkN2NhYThmNTBjZDQ4NzliOWQ3M2U1YjA4OTc3YzE0Zjc4
NzkwYTNiYjE1Y2MwMjJhZTY3ZWIxOTU0YTRhY2U0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCPI1OXcW0vCBDx5R4Q2a0Fi7Jk18S163z32RWgJfOzBO5z
Tfax8X/8ZADaxlrpNXQzr6pWnZRKfm7KWnFqE0JJTw+zzgIJXNBUnwnX1YlltzuZ
5FaCOgB/47V3hBudVh0rARK3lbwcrmde0sJbZB62lG/k7Jro1XrFqRfvN/4uxDIC
j+/lzoPBf04JDCtRHiEK/y5G/tXPbmLePhqDxmULRL+qrgqLT+WcU2bFlQuekvVU
8goQrhXCTnQ7p/t21hA5vVu6fj69p7HKhhxq1sxprQ8sN780wwG4shoy8Rob7Z0h
nF8ILA1c/t7SSqiMGMGvcVW0BnsMR73zTmoWUgXZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUeR6YBl0Iwk2gSnOoc4tjNfOxwiYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZiNmM2NTk2LWU2ODMtNDhiMi05NzFjLWExYjY1ZWNlZDM4ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4fzANBgkqhkiG9w0BAQsFAAOCAQEAZA/v2vjMZ5ojRcp1d53Xt2QYv6oS
lPXry5EQRdKrI0NpCIPiNOPjmmJnjEYkNHNg0ANEzxTGCDyCKG3L8nOHd0Q6Biz3
D+naQDHYK00yzu2v2/I6nTKs3LoTXtYuaaqjVNieQlOSf3fAXmv3GvafKPb858uQ
xO0FVUR/FaKKtP0eRu4gecQhPXQ/m7+4mVnYEgmkg+mSw6TxoZpih0SN1NY4VXJL
woeQ26X8DPVsNo3UU9gkhms0W2hx3v+hrZ6qeAraBWcd8F0Sl4sILMQ6fSe7cWSG
QdVNSD8iMqzSOGYyZJTpcnv/fpgOJnt7AeTFO5mAtw0nQAr156+cuO5stA==
-----END CERTIFICATE-----