Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/88e1678a-5d09-40b0-82b9-b3d33bf8b8e4.roa
File:                     88e1678a-5d09-40b0-82b9-b3d33bf8b8e4.roa (raw, json)
Hash identifier:          oZMjvptoMRGSe6GSXBpm8qGrtqyAwi2emjOjFZM16Is=
Subject key identifier:   60:9C:2B:52:96:A3:23:1D:F1:16:13:6C:1B:48:84:02:A3:B1:53:59
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4DB5B8C7E3C1FFDBF7E20CB4D947B255C97BDFC5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/88e1678a-5d09-40b0-82b9-b3d33bf8b8e4.roa
Signing time:             Fri 11 Oct 2024 00:00:00 +0000
ROA not before:           Fri 11 Oct 2024 00:00:00 +0000
ROA not after:            Fri 15 Nov 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        207.95.192.0/19 maxlen: 24

Validation:               Failed, certificate revoked on Thu 24 Oct 2024 15:11:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:b5:b8:c7:e3:c1:ff:db:f7:e2:0c:b4:d9:47:b2:55:c9:7b:df:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 11 00:00:00 2024 GMT
            Not After : Nov 15 23:59:59 2024 GMT
        Subject: serialNumber=eaa970021f10761ad98d9a0e7029495d597fa8217c1782bd091535b1334cd5dc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:a1:8a:45:55:1a:f8:ea:4d:0c:ed:1e:e5:59:
                    79:fb:1b:21:f3:fe:20:a9:63:a0:58:aa:ac:03:94:
                    63:88:f8:38:75:2a:0d:5b:bf:eb:71:ad:c7:24:0a:
                    89:86:8f:f5:af:66:5d:88:2e:24:1b:af:77:d2:a5:
                    7f:24:6c:3c:b3:e5:68:b3:c2:c2:f3:ce:31:a8:90:
                    d8:f2:2d:8b:12:4d:f2:0d:20:f3:19:43:4d:10:9f:
                    77:5b:6c:fe:1f:00:b1:0a:d8:85:c4:48:e9:e5:16:
                    ce:d5:11:b4:93:18:d5:37:f0:62:8c:a4:55:34:b8:
                    6f:98:e1:51:00:4d:3d:9f:3a:b2:46:f3:9f:1a:ef:
                    98:7e:5c:f3:b0:81:af:5b:54:38:38:62:90:1e:05:
                    d7:48:ec:cd:28:de:f7:b0:ae:b4:9e:67:8d:13:91:
                    d1:17:a4:8d:cb:54:d7:cb:41:c8:2e:08:6e:16:91:
                    20:19:36:66:98:5b:15:dd:a7:a1:81:e1:97:7b:7c:
                    82:d5:b0:c2:d7:1b:9a:87:19:19:5c:1b:e7:51:e5:
                    82:36:9f:9b:51:81:0c:9d:9b:eb:39:6e:53:7e:8e:
                    7f:6e:2f:6d:89:1f:3b:2f:ad:1b:af:05:43:13:52:
                    7c:54:24:ed:de:ba:e3:d1:13:25:eb:a8:67:27:1d:
                    09:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:9C:2B:52:96:A3:23:1D:F1:16:13:6C:1B:48:84:02:A3:B1:53:59
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/88e1678a-5d09-40b0-82b9-b3d33bf8b8e4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.95.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         28:3f:40:01:ca:e7:51:bd:29:42:bb:4d:58:ae:d7:d3:7f:49:
         f2:52:3e:98:04:78:1a:ca:e6:e4:93:eb:7e:26:d9:bd:bb:38:
         9f:a2:94:9e:1c:85:8f:d3:39:ba:b2:0f:ea:aa:3c:e9:1b:b4:
         ef:79:a0:86:25:40:6f:ef:26:01:ee:b4:12:d3:78:3f:35:02:
         a8:1e:64:35:cc:95:fb:fb:a2:38:98:4b:67:7e:34:b1:9a:b7:
         b2:35:d7:f3:87:25:a9:f7:5f:f0:a1:84:96:01:7d:9e:49:cc:
         10:3f:bb:8d:7a:30:e3:8c:59:32:e5:9e:d6:fd:93:db:89:05:
         51:36:04:03:78:a7:dc:50:13:5a:d7:28:2c:13:5f:7f:e2:fd:
         ec:af:39:68:a3:cb:37:40:3c:58:41:f6:41:0e:fd:28:e7:22:
         7d:31:56:1b:4a:63:6d:db:e9:11:01:41:66:e8:ad:dd:0b:60:
         00:26:10:dd:52:27:0d:7f:24:3b:6e:91:b8:75:9c:05:50:1c:
         8b:cc:8e:d4:83:c6:da:70:3e:1c:01:76:59:f2:46:6c:92:47:
         99:b7:96:9b:4a:e8:2c:bc:83:19:e8:99:b7:f4:d0:c1:f2:17:
         8b:c1:c5:90:e1:cb:5a:03:89:e3:19:da:82:ff:09:73:1b:83:
         f3:95:4c:64
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTbW4x+PB/9v34gy02UeyVcl738UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMDExMDAwMDAwWhcNMjQxMTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYWE5NzAwMjFmMTA3NjFhZDk4ZDlhMGU3MDI5NDk1ZDU5
N2ZhODIxN2MxNzgyYmQwOTE1MzViMTMzNGNkNWRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCKoYpFVRr46k0M7R7lWXn7GyHz/iCpY6BYqqwDlGOI+Dh1
Kg1bv+txrcckComGj/WvZl2ILiQbr3fSpX8kbDyz5WizwsLzzjGokNjyLYsSTfIN
IPMZQ00Qn3dbbP4fALEK2IXESOnlFs7VEbSTGNU38GKMpFU0uG+Y4VEATT2fOrJG
858a75h+XPOwga9bVDg4YpAeBddI7M0o3vewrrSeZ40TkdEXpI3LVNfLQcguCG4W
kSAZNmaYWxXdp6GB4Zd7fILVsMLXG5qHGRlcG+dR5YI2n5tRgQydm+s5blN+jn9u
L22JHzsvrRuvBUMTUnxUJO3euuPREyXrqGcnHQmhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYJwrUpajIx3xFhNsG0iEAqOxU1kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg4ZTE2NzhhLTVkMDktNDBiMC04MmI5LWIzZDMzYmY4YjhlNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXPX8AwDQYJKoZIhvcNAQELBQADggEBACg/QAHK51G9KUK7TViu19N/SfJS
PpgEeBrK5uST634m2b27OJ+ilJ4chY/TObqyD+qqPOkbtO95oIYlQG/vJgHutBLT
eD81AqgeZDXMlfv7ojiYS2d+NLGat7I11/OHJan3X/ChhJYBfZ5JzBA/u416MOOM
WTLlntb9k9uJBVE2BAN4p9xQE1rXKCwTX3/i/eyvOWijyzdAPFhB9kEO/SjnIn0x
VhtKY23b6REBQWbord0LYAAmEN1SJw1/JDtukbh1nAVQHIvMjtSDxtpwPhwBdlny
RmySR5m3lptK6Cy8gxnombf00MHyF4vBxZDhy1oDieMZ2oL/CXMbg/OVTGQ=
-----END CERTIFICATE-----