Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/907c1477-ed7a-4c00-a9b3-48ab045038dc.roa
File:                     907c1477-ed7a-4c00-a9b3-48ab045038dc.roa (raw, json)
Hash identifier:          BfWpsAeh0YdyB95nnS66Z3+3gLeKLcn3nS7E1yDc4zY=
Subject key identifier:   96:72:B0:A5:11:98:28:79:8C:A6:77:4D:AF:67:A8:5D:A8:52:C5:51
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3EB81839B8B922A09B7953D01DDEBC569DDE70D1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/907c1477-ed7a-4c00-a9b3-48ab045038dc.roa
Signing time:             Wed 15 Jan 2025 00:00:00 +0000
ROA not before:           Wed 15 Jan 2025 00:00:00 +0000
ROA not after:            Wed 19 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        143.227.0.0/16 maxlen: 24
Validation:               Failed, certificate revoked on Wed 15 Jan 2025 10:26:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:b8:18:39:b8:b9:22:a0:9b:79:53:d0:1d:de:bc:56:9d:de:70:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 15 00:00:00 2025 GMT
            Not After : Feb 19 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:5e:61:88:1f:19:c7:3d:c1:38:c7:86:a6:10:
                    6d:61:a5:02:e6:53:9d:43:7b:c1:7d:c0:b2:62:2a:
                    53:93:73:04:e5:7f:a9:4a:db:66:ce:6c:53:ba:de:
                    e6:2c:35:6d:bd:41:64:b5:53:d7:44:92:b4:a8:8a:
                    d3:10:e7:f9:55:73:e1:22:74:7b:f9:a3:09:66:49:
                    15:31:3a:50:51:85:40:67:e7:36:2c:25:93:cb:5a:
                    64:54:41:04:de:ee:e0:03:a0:aa:28:e6:0c:1a:41:
                    f9:88:75:61:ca:7e:2b:c1:78:9d:5f:ab:3d:51:86:
                    b6:bc:e1:06:b9:e0:60:0d:b2:6e:20:bf:20:d5:f8:
                    95:12:78:0b:c0:9c:ce:eb:a5:fc:4e:ec:0b:9f:35:
                    ea:d0:c6:f5:3d:d4:26:a0:35:d2:69:71:cb:dd:b9:
                    bc:74:eb:2b:18:a7:f1:3d:8e:90:49:90:e3:28:69:
                    24:10:0a:64:41:79:b3:26:3f:9c:d6:c1:17:36:bd:
                    9b:96:4f:45:0f:23:df:e9:c2:42:42:b7:78:34:c8:
                    ed:a5:bc:e1:2b:50:fc:ef:69:b3:bb:67:32:77:da:
                    29:ab:7c:d1:a2:e0:41:2b:c1:ab:4a:0e:03:47:62:
                    b6:78:35:ed:2b:2c:57:0f:0e:ff:38:da:26:23:40:
                    c2:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:72:B0:A5:11:98:28:79:8C:A6:77:4D:AF:67:A8:5D:A8:52:C5:51
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/907c1477-ed7a-4c00-a9b3-48ab045038dc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.227.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5f:bb:80:ae:2a:59:ca:ef:ec:cb:8d:b6:12:25:7c:87:a9:6d:
         b1:d6:16:60:37:18:46:12:9e:8e:93:e5:09:44:28:ad:06:98:
         91:85:8d:0d:5d:44:a3:5a:7c:70:a6:c4:46:12:5d:c1:f0:2a:
         94:8c:66:5d:0b:76:54:cc:d3:41:d9:21:f3:42:74:c0:48:6c:
         5e:97:f3:e8:06:0e:8c:10:c1:11:43:55:02:b6:7b:ca:46:1e:
         c2:17:13:1a:ce:03:a6:8b:e9:38:4a:73:a1:c7:84:d9:f7:2a:
         bd:e0:79:e9:ed:23:9e:16:09:43:21:68:2f:d0:eb:de:7e:b8:
         25:e1:fe:bc:0e:0d:92:07:91:3e:ac:82:65:53:4b:f2:b0:c8:
         6a:ad:3e:64:c3:84:d1:f6:ef:07:e6:ab:8e:06:eb:ba:f8:25:
         32:ff:5d:31:3c:4d:91:b6:68:cb:ec:6c:74:74:ef:df:e4:15:
         52:a5:e3:e3:14:9c:fd:43:0a:3d:d2:bf:29:3b:81:d0:84:b6:
         eb:9c:52:7e:51:1e:20:cf:33:cd:d7:6f:8e:fe:34:b5:f9:c8:
         94:92:73:88:81:83:ed:ea:1c:64:0b:57:43:8e:04:54:f6:0d:
         5e:f6:4c:40:67:0f:27:31:4c:af:93:45:3b:9b:71:5f:41:ed:
         d6:9f:ae:93
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPrgYObi5IqCbeVPQHd68Vp3ecNEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE1MDAwMDAwWhcNMjUwMjE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YjU4MjFkMWU2NjljMjE2ZjljOGU2ZWMxNTY0NjE0YWEw
OGQ0NzY3MmRlZjM0ZjEwYzI4ZmNiNDZiYzQ1ZWQyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCGXmGIHxnHPcE4x4amEG1hpQLmU51De8F9wLJiKlOTcwTl
f6lK22bObFO63uYsNW29QWS1U9dEkrSoitMQ5/lVc+EidHv5owlmSRUxOlBRhUBn
5zYsJZPLWmRUQQTe7uADoKoo5gwaQfmIdWHKfivBeJ1fqz1Rhra84Qa54GANsm4g
vyDV+JUSeAvAnM7rpfxO7AufNerQxvU91CagNdJpccvdubx06ysYp/E9jpBJkOMo
aSQQCmRBebMmP5zWwRc2vZuWT0UPI9/pwkJCt3g0yO2lvOErUPzvabO7ZzJ32imr
fNGi4EErwatKDgNHYrZ4Ne0rLFcPDv842iYjQMKtAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUlnKwpRGYKHmMpndNr2eoXahSxVEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkwN2MxNDc3LWVkN2EtNGMwMC1hOWIzLTQ4YWIwNDUwMzhkYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCP4zANBgkqhkiG9w0BAQsFAAOCAQEAX7uAripZyu/sy422EiV8h6ltsdYW
YDcYRhKejpPlCUQorQaYkYWNDV1Eo1p8cKbERhJdwfAqlIxmXQt2VMzTQdkh80J0
wEhsXpfz6AYOjBDBEUNVArZ7ykYewhcTGs4DpovpOEpzoceE2fcqveB56e0jnhYJ
QyFoL9Dr3n64JeH+vA4NkgeRPqyCZVNL8rDIaq0+ZMOE0fbvB+arjgbruvglMv9d
MTxNkbZoy+xsdHTv3+QVUqXj4xSc/UMKPdK/KTuB0IS265xSflEeIM8zzddvjv40
tfnIlJJziIGD7eocZAtXQ44EVPYNXvZMQGcPJzFMr5NFO5txX0Ht1p+ukw==
-----END CERTIFICATE-----