Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/84074914-b4bd-48d5-a487-56c8675f0d5a.roa
File:                     84074914-b4bd-48d5-a487-56c8675f0d5a.roa (raw, json)
Hash identifier:          N59UR/n1VPb3aT+l+rQFIZ+N0DWG1FU7tclNROiQKhg=
Subject key identifier:   AF:8D:3C:56:EC:FD:0C:CF:17:51:01:A0:27:FF:E9:F8:5C:CB:82:CD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       40726879D07F0F6C295975DF71288C2546DA3248
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/84074914-b4bd-48d5-a487-56c8675f0d5a.roa
Signing time:             Fri 11 Oct 2024 00:00:00 +0000
ROA not before:           Fri 11 Oct 2024 00:00:00 +0000
ROA not after:            Fri 15 Nov 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        206.215.16.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Thu 24 Oct 2024 15:11:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:72:68:79:d0:7f:0f:6c:29:59:75:df:71:28:8c:25:46:da:32:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 11 00:00:00 2024 GMT
            Not After : Nov 15 23:59:59 2024 GMT
        Subject: serialNumber=a23393dd899bb60f1cbe73e4aee7e1785ca0d6d69ae178bf7e1c0f72001c3055, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:eb:57:40:d8:d6:59:c6:72:5f:35:72:89:a5:
                    0d:3e:41:28:2a:04:0f:90:f9:f0:bc:ff:8b:7c:58:
                    a2:8c:34:21:98:bf:db:da:3a:40:e9:de:f5:1a:8a:
                    f7:3e:dd:85:08:78:2d:fe:14:a0:5e:8e:24:e7:15:
                    92:65:71:40:9a:c8:3e:52:d4:31:90:b0:c7:9f:a5:
                    0b:1e:98:92:64:94:fb:41:99:60:67:a8:f5:2f:3b:
                    4e:ae:da:44:0f:7d:71:18:b7:aa:ad:21:ca:e4:0c:
                    86:29:60:47:44:5b:b2:11:22:18:4b:34:aa:4a:49:
                    4b:3d:de:84:f8:fe:a3:0b:38:86:a3:bc:11:c7:d8:
                    60:93:5c:7d:1d:66:34:5c:eb:2d:50:14:26:66:0a:
                    6a:d5:f8:03:26:44:67:f5:a5:be:38:ee:50:ac:fd:
                    ad:ce:ca:5c:75:91:b2:41:b2:67:27:23:43:3e:b8:
                    5d:7c:70:7d:96:3c:cf:91:c9:c4:ce:57:4f:89:49:
                    43:bb:75:05:c2:45:61:18:60:16:2e:8f:84:4e:26:
                    09:02:ab:40:6a:8e:f4:a1:d1:d2:a8:ff:0c:8a:2d:
                    0f:29:80:5f:fa:c4:bf:ca:0a:5e:db:69:96:2b:47:
                    fc:d4:96:73:4c:31:a3:40:86:95:e9:24:fe:f9:69:
                    ff:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:8D:3C:56:EC:FD:0C:CF:17:51:01:A0:27:FF:E9:F8:5C:CB:82:CD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/84074914-b4bd-48d5-a487-56c8675f0d5a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  206.215.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         26:79:45:c8:f1:97:ee:e3:13:cd:c3:cf:95:af:54:12:8c:f5:
         71:4c:8c:3d:6c:8e:67:8a:02:dc:1f:a9:16:54:36:29:50:ac:
         79:0f:24:eb:59:b2:ab:6e:3b:99:84:9a:3c:2f:08:f6:a8:80:
         df:a3:d3:86:1a:b1:84:66:0a:c1:6f:de:c5:5f:95:bd:dd:a4:
         a9:d0:7e:38:d8:c6:39:6b:e3:b0:35:03:75:62:86:b8:7b:14:
         98:5e:53:08:a8:8c:d3:07:4b:d7:77:85:07:d8:a4:62:76:f7:
         f1:9f:5b:e2:d3:ff:a8:1a:1e:c9:8d:ef:02:1e:3d:d8:39:22:
         92:c0:b7:55:2f:ab:a8:48:36:f2:40:9f:f1:13:e1:f3:56:2e:
         4d:81:fc:e0:8c:03:84:da:b7:95:3a:3e:07:43:f0:40:77:7b:
         e8:fe:f1:8b:1a:17:37:33:96:ea:e3:f9:f4:2f:eb:e4:b9:1d:
         b3:5b:e0:aa:d0:58:1b:c3:f0:11:4a:3c:24:db:d0:d1:ea:c6:
         bf:38:b8:c2:d9:c3:4c:59:4f:c0:9c:11:23:dc:2a:62:38:56:
         d5:7d:1b:7b:99:09:42:fa:1a:71:c2:4a:f9:69:d5:71:0a:58:
         e7:2b:1a:19:dd:2a:27:48:43:b8:cb:8d:e8:e5:4b:6a:c6:d4:
         b9:8d:03:1c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQHJoedB/D2wpWXXfcSiMJUbaMkgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMDExMDAwMDAwWhcNMjQxMTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhMjMzOTNkZDg5OWJiNjBmMWNiZTczZTRhZWU3ZTE3ODVj
YTBkNmQ2OWFlMTc4YmY3ZTFjMGY3MjAwMWMzMDU1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCt61dA2NZZxnJfNXKJpQ0+QSgqBA+Q+fC8/4t8WKKMNCGY
v9vaOkDp3vUaivc+3YUIeC3+FKBejiTnFZJlcUCayD5S1DGQsMefpQsemJJklPtB
mWBnqPUvO06u2kQPfXEYt6qtIcrkDIYpYEdEW7IRIhhLNKpKSUs93oT4/qMLOIaj
vBHH2GCTXH0dZjRc6y1QFCZmCmrV+AMmRGf1pb447lCs/a3Oylx1kbJBsmcnI0M+
uF18cH2WPM+RycTOV0+JSUO7dQXCRWEYYBYuj4ROJgkCq0BqjvSh0dKo/wyKLQ8p
gF/6xL/KCl7baZYrR/zUlnNMMaNAhpXpJP75af9nAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUr408Vuz9DM8XUQGgJ//p+FzLgs0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg0MDc0OTE0LWI0YmQtNDhkNS1hNDg3LTU2Yzg2NzVmMGQ1YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATO1xAwDQYJKoZIhvcNAQELBQADggEBACZ5Rcjxl+7jE83Dz5WvVBKM9XFM
jD1sjmeKAtwfqRZUNilQrHkPJOtZsqtuO5mEmjwvCPaogN+j04YasYRmCsFv3sVf
lb3dpKnQfjjYxjlr47A1A3Vihrh7FJheUwiojNMHS9d3hQfYpGJ29/GfW+LT/6ga
HsmN7wIePdg5IpLAt1Uvq6hINvJAn/ET4fNWLk2B/OCMA4Tat5U6PgdD8EB3e+j+
8YsaFzczlurj+fQv6+S5HbNb4KrQWBvD8BFKPCTb0NHqxr84uMLZw0xZT8CcESPc
KmI4VtV9G3uZCUL6GnHCSvlp1XEKWOcrGhndKidIQ7jLjejlS2rG1LmNAxw=
-----END CERTIFICATE-----