Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ac78a6c-d4e9-41a2-a8a0-2c70e836558d.roa
File:                     7ac78a6c-d4e9-41a2-a8a0-2c70e836558d.roa (raw, json)
Hash identifier:          ugGZ6dObccF44+6Z/PQ4Orzy0tQaq7CyLbG7cAM7ZO8=
Subject key identifier:   7E:3C:92:5D:82:69:5C:70:B9:9C:80:1C:86:4D:29:D1:0F:B3:89:60
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7F96395854BF3F479F58DF8FB8EEF06AB6896768
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ac78a6c-d4e9-41a2-a8a0-2c70e836558d.roa
Signing time:             Mon 30 Jun 2025 15:10:29 +0000
ROA not before:           Mon 30 Jun 2025 15:10:29 +0000
ROA not after:            Mon 04 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.70.0.0/16 maxlen: 24
Validation:               Failed, certificate revoked on Mon 14 Jul 2025 18:07:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:96:39:58:54:bf:3f:47:9f:58:df:8f:b8:ee:f0:6a:b6:89:67:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 30 15:10:29 2025 GMT
            Not After : Aug  4 23:59:59 2025 GMT
        Subject: serialNumber=780c57267a0050a6e04f68c085286588bd6f1429b58b09e4d47a710ca7fe3cbc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:4a:26:1d:06:3f:2f:ed:60:29:c5:2f:e1:df:
                    55:50:70:c4:1c:28:07:d3:cf:3e:58:d3:59:23:63:
                    52:c3:85:94:8b:31:36:2a:7c:84:01:e7:15:95:31:
                    e0:67:a2:20:fd:71:74:44:6b:2a:cf:f9:94:88:5b:
                    2c:65:a4:b8:a1:36:c3:4a:12:02:1f:39:73:76:6c:
                    47:c1:70:00:bc:fa:d9:6a:79:d5:2d:f3:5e:91:75:
                    ac:fb:43:75:2f:42:e2:91:80:03:f8:a4:1c:9b:ef:
                    a3:7a:4c:60:16:5b:d5:44:92:88:68:53:b1:73:1a:
                    fc:d6:f6:37:8c:06:22:bd:30:68:4b:97:e0:8d:bf:
                    c9:76:fc:74:06:c0:80:0d:47:cc:e2:21:13:f8:70:
                    a0:45:2f:af:24:c4:32:b7:ee:79:fe:21:d5:79:0d:
                    00:e2:4c:d5:aa:b2:fa:08:6a:14:8c:e6:6b:74:1d:
                    21:0e:5e:a6:0f:43:76:e5:97:48:24:8e:c0:10:3f:
                    a8:13:dc:86:94:db:d1:7c:22:af:72:fc:40:d8:d9:
                    f8:5a:ae:0f:5a:38:d6:f7:bf:6e:91:7a:c1:46:41:
                    85:11:45:9e:1b:bb:05:7d:e5:9b:eb:5d:72:c7:f5:
                    24:a9:6a:cc:49:39:c2:99:a5:5a:fa:c2:b5:dd:a5:
                    26:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:3C:92:5D:82:69:5C:70:B9:9C:80:1C:86:4D:29:D1:0F:B3:89:60
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ac78a6c-d4e9-41a2-a8a0-2c70e836558d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.70.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         82:2d:07:d8:ce:68:d1:a6:8b:96:18:b5:3f:b1:2a:c5:0b:81:
         61:9c:5d:7a:c2:f7:f3:74:1a:97:60:bd:65:de:10:4e:aa:72:
         70:43:cb:cf:24:77:5e:48:5a:e3:97:37:11:59:db:df:8c:cc:
         5d:b7:e5:7a:a9:0a:f4:2b:9e:1c:60:f3:ad:cc:9a:35:f4:e3:
         8d:fd:04:40:2d:a2:4b:0f:3e:5a:f7:dd:f6:93:99:a5:05:dd:
         a5:91:0e:33:16:fb:a5:c7:cc:a0:5e:98:8f:1a:17:8e:1d:4a:
         aa:d6:50:f8:f1:e0:8b:ed:cc:52:94:fe:cb:26:39:93:bf:42:
         24:f7:e8:aa:72:60:13:4d:9d:23:03:76:f0:74:8e:9c:0a:93:
         4f:4d:04:84:da:ca:65:ef:51:9b:ef:27:0b:f7:33:a5:e4:45:
         9b:b6:2e:9c:8d:e2:c6:c7:f4:3d:3e:6a:ca:00:ac:08:cc:86:
         1d:94:c7:75:9a:82:7b:55:74:5d:57:50:4d:fb:f9:ca:00:ff:
         f5:29:2b:4c:c1:10:27:62:81:34:0c:c6:e2:09:a7:e4:8c:5b:
         8f:09:6b:b2:31:ea:28:9c:6f:fc:bb:3b:e7:fa:8b:15:fb:07:
         f2:ac:e6:71:0b:5c:e6:15:fd:2b:f1:15:25:10:6d:2b:58:d9:
         cb:cf:08:51
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUf5Y5WFS/P0efWN+PuO7waraJZ2gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjMwMTUxMDI5WhcNMjUwODA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ODBjNTcyNjdhMDA1MGE2ZTA0ZjY4YzA4NTI4NjU4OGJk
NmYxNDI5YjU4YjA5ZTRkNDdhNzEwY2E3ZmUzY2JjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzSiYdBj8v7WApxS/h31VQcMQcKAfTzz5Y01kjY1LDhZSL
MTYqfIQB5xWVMeBnoiD9cXREayrP+ZSIWyxlpLihNsNKEgIfOXN2bEfBcAC8+tlq
edUt816Rdaz7Q3UvQuKRgAP4pByb76N6TGAWW9VEkohoU7FzGvzW9jeMBiK9MGhL
l+CNv8l2/HQGwIANR8ziIRP4cKBFL68kxDK37nn+IdV5DQDiTNWqsvoIahSM5mt0
HSEOXqYPQ3bll0gkjsAQP6gT3IaU29F8Iq9y/EDY2fharg9aONb3v26ResFGQYUR
RZ4buwV95ZvrXXLH9SSpasxJOcKZpVr6wrXdpSaHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUfjySXYJpXHC5nIAchk0p0Q+ziWAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdhYzc4YTZjLWQ0ZTktNDFhMi1hOGEwLTJjNzBlODM2NTU4ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4RjANBgkqhkiG9w0BAQsFAAOCAQEAgi0H2M5o0aaLlhi1P7EqxQuBYZxd
esL383Qal2C9Zd4QTqpycEPLzyR3Xkha45c3EVnb34zMXbfleqkK9CueHGDzrcya
NfTjjf0EQC2iSw8+Wvfd9pOZpQXdpZEOMxb7pcfMoF6YjxoXjh1KqtZQ+PHgi+3M
UpT+yyY5k79CJPfoqnJgE02dIwN28HSOnAqTT00EhNrKZe9Rm+8nC/czpeRFm7Yu
nI3ixsf0PT5qygCsCMyGHZTHdZqCe1V0XVdQTfv5ygD/9SkrTMEQJ2KBNAzG4gmn
5IxbjwlrsjHqKJxv/Ls75/qLFfsH8qzmcQtc5hX9K/EVJRBtK1jZy88IUQ==
-----END CERTIFICATE-----