Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9b9f9064-3f46-4e5b-8937-d4ea055fc447.roa
File:                     9b9f9064-3f46-4e5b-8937-d4ea055fc447.roa (raw, json)
Hash identifier:          Iuq6kQJhkCNWmgY9sltlPyDTf0dc7baBj7p3v1mAHFo=
Subject key identifier:   DD:E2:2A:5D:9B:FE:54:19:EC:74:83:D1:AE:D3:1E:0C:2D:B1:B2:9F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7C792931B5BA727F51EB810314157AE32865FB00
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9b9f9064-3f46-4e5b-8937-d4ea055fc447.roa
Signing time:             Tue 14 Jan 2025 00:00:00 +0000
ROA not before:           Tue 14 Jan 2025 00:00:00 +0000
ROA not after:            Tue 18 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        68.158.0.0/16 maxlen: 24
Validation:               Failed, certificate revoked on Tue 14 Jan 2025 23:23:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:79:29:31:b5:ba:72:7f:51:eb:81:03:14:15:7a:e3:28:65:fb:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 14 00:00:00 2025 GMT
            Not After : Feb 18 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:40:46:96:f8:5f:ef:e8:bc:46:e1:98:14:c8:
                    8e:c6:8c:df:5d:3a:94:a8:73:ff:0a:e7:3e:f1:36:
                    8f:4d:be:44:43:b4:a9:ef:90:78:04:26:7c:cd:7a:
                    99:41:df:83:39:40:f9:6a:d7:63:e6:95:cd:79:e5:
                    b7:b8:f5:0d:c2:9c:d4:b5:74:c1:de:c1:25:3d:8e:
                    db:a3:a7:c0:cd:02:23:79:b1:4b:57:a2:dc:84:f5:
                    17:d7:19:35:49:fd:dd:b5:71:e9:4a:36:e7:b8:82:
                    de:82:9d:91:55:14:99:ee:45:1a:33:a0:49:e2:39:
                    4a:3c:9f:ae:9b:c8:e0:c4:25:75:e7:76:ec:96:86:
                    45:bc:68:c4:9f:57:7d:31:78:fe:9d:ea:fb:ff:82:
                    22:d6:04:8d:d0:46:26:72:a4:d0:52:a4:d7:0e:97:
                    12:69:ed:55:65:1f:2f:a5:0c:36:50:a4:3d:6d:b2:
                    dc:25:7a:b6:8f:75:74:b1:26:d5:09:a0:9e:0c:08:
                    2e:11:a1:73:3b:25:8e:c6:00:fb:57:01:4f:cf:96:
                    70:78:0b:e7:1b:87:3b:28:79:c3:62:09:b2:9b:e5:
                    56:ce:27:67:a3:46:ff:22:df:b9:3e:0c:e8:c4:ec:
                    47:0f:fc:26:00:cf:cd:03:97:f1:d1:9c:46:6f:1f:
                    11:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:E2:2A:5D:9B:FE:54:19:EC:74:83:D1:AE:D3:1E:0C:2D:B1:B2:9F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9b9f9064-3f46-4e5b-8937-d4ea055fc447.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  68.158.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c6:7a:5a:fc:b6:17:ba:c2:c8:fc:67:6e:99:ca:b9:b6:e2:f4:
         94:6a:42:74:f2:6c:96:85:6c:07:1e:93:78:bd:c6:c8:92:91:
         f2:ef:78:86:e3:5b:61:c5:a9:58:31:7c:b2:62:17:ad:ed:cb:
         54:3c:5d:cf:7e:26:43:82:aa:2e:ac:5e:47:41:04:26:dd:c3:
         dd:f6:b8:75:2e:89:c1:d8:e1:8e:67:f5:e2:c6:93:63:27:96:
         3b:85:49:ef:83:22:25:4d:c2:91:26:24:b6:35:a9:4d:ba:16:
         2b:82:5f:f6:55:e7:28:42:52:dd:8d:80:73:a3:3e:39:ac:2f:
         03:80:67:14:2c:2e:a1:af:0a:37:d3:50:78:15:fb:91:36:42:
         ba:4b:a4:ac:6d:54:98:0a:f1:44:bd:69:ac:5b:bd:39:81:d3:
         e8:e3:af:33:f0:a8:44:80:85:eb:e9:ca:06:9a:bf:26:b2:65:
         18:bf:71:d2:1e:35:68:0c:33:20:3a:9e:f9:91:06:d9:71:ef:
         5f:a9:39:ab:96:cd:0b:5e:37:3e:59:25:39:71:0a:9d:81:07:
         cd:76:34:ef:eb:91:0e:bc:12:c2:e3:78:05:29:f0:81:1f:33:
         44:3b:e5:3b:b6:28:d7:d2:74:93:54:ad:ea:14:b1:0e:30:61:
         7b:84:11:74
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUfHkpMbW6cn9R64EDFBV64yhl+wAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE0MDAwMDAwWhcNMjUwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNDNiZTZjZmFkNDQzZjIzZjlmZTRkMWE0MjYxMjAyNTIy
MGYwMzVmMzdiYTY3YThjZmE2NDFmMzBiMzBjYTRmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuQEaW+F/v6LxG4ZgUyI7GjN9dOpSoc/8K5z7xNo9NvkRD
tKnvkHgEJnzNeplB34M5QPlq12Pmlc155be49Q3CnNS1dMHewSU9jtujp8DNAiN5
sUtXotyE9RfXGTVJ/d21celKNue4gt6CnZFVFJnuRRozoEniOUo8n66byODEJXXn
duyWhkW8aMSfV30xeP6d6vv/giLWBI3QRiZypNBSpNcOlxJp7VVlHy+lDDZQpD1t
stwleraPdXSxJtUJoJ4MCC4RoXM7JY7GAPtXAU/PlnB4C+cbhzsoecNiCbKb5VbO
J2ejRv8i37k+DOjE7EcP/CYAz80Dl/HRnEZvHxEjAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU3eIqXZv+VBnsdIPRrtMeDC2xsp8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzliOWY5MDY0LTNmNDYtNGU1Yi04OTM3LWQ0ZWEwNTVmYzQ0Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBEnjANBgkqhkiG9w0BAQsFAAOCAQEAxnpa/LYXusLI/Gdumcq5tuL0lGpC
dPJsloVsBx6TeL3GyJKR8u94huNbYcWpWDF8smIXre3LVDxdz34mQ4KqLqxeR0EE
Jt3D3fa4dS6Jwdjhjmf14saTYyeWO4VJ74MiJU3CkSYktjWpTboWK4Jf9lXnKEJS
3Y2Ac6M+OawvA4BnFCwuoa8KN9NQeBX7kTZCukukrG1UmArxRL1prFu9OYHT6OOv
M/CoRICF6+nKBpq/JrJlGL9x0h41aAwzIDqe+ZEG2XHvX6k5q5bNC143PlklOXEK
nYEHzXY07+uRDrwSwuN4BSnwgR8zRDvlO7Yo19J0k1St6hSxDjBhe4QRdA==
-----END CERTIFICATE-----