Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9d760005-a046-4104-8fb2-0de8201ca677.roa
File:                     9d760005-a046-4104-8fb2-0de8201ca677.roa (raw, json)
Hash identifier:          eJpqAx9cuedS0Qvuvj+CJolvB6uodFtZ91Nirig7wfs=
Subject key identifier:   1B:24:70:8D:1A:42:FF:DE:3F:55:BD:92:AA:5D:9B:8C:09:40:F4:C3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4E896FC0A9514DFF18C4514EB9C3187725589BCE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9d760005-a046-4104-8fb2-0de8201ca677.roa
Signing time:             Thu 22 May 2025 01:07:14 +0000
ROA not before:           Thu 22 May 2025 01:07:14 +0000
ROA not after:            Thu 26 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fb9:1000::/40 maxlen: 40
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 20:23:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:89:6f:c0:a9:51:4d:ff:18:c4:51:4e:b9:c3:18:77:25:58:9b:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 22 01:07:14 2025 GMT
            Not After : Jun 26 23:59:59 2025 GMT
        Subject: serialNumber=7fa0d7be7295013ae7b82027746c8e3c01eeb1c34947641f2c6ff325e25372af, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:19:d9:9c:88:cc:7d:72:2b:e4:2f:54:ac:36:
                    49:e9:69:3e:9d:10:7c:09:f2:e7:a7:e5:34:d2:1f:
                    ed:0a:c6:ee:3b:b3:8d:dc:05:66:fc:1f:67:be:1f:
                    e7:81:dd:21:24:04:a0:70:38:f8:40:cf:0a:6c:a9:
                    e7:31:3c:1f:35:df:8f:3b:ef:a7:29:ed:6e:87:4c:
                    a3:17:f5:d3:48:05:23:fa:35:c5:7b:31:0d:c4:d0:
                    07:ee:36:1c:af:00:96:97:31:99:f4:c5:75:34:3f:
                    f8:30:8f:f9:e6:ae:04:93:0a:de:fb:ec:05:40:92:
                    7c:cf:1a:c2:c4:88:83:d0:f6:b7:26:0c:29:93:ae:
                    31:de:aa:2c:a1:57:a6:1b:f3:2a:ba:bc:f1:cf:6c:
                    18:4c:92:5f:4e:3c:2a:d3:0b:9a:75:e5:69:c7:fa:
                    e2:ba:71:d9:74:fd:ac:a1:d7:48:37:09:6b:8d:d5:
                    80:83:dd:b3:d3:de:46:c9:86:69:53:1e:d8:d6:3b:
                    8e:8d:eb:2a:31:28:7a:1e:d9:08:c0:7e:6b:9f:43:
                    06:4d:fa:47:c8:a9:bf:19:29:ff:0c:ef:61:92:f9:
                    dc:ca:fa:1f:54:04:c9:f8:d1:d9:51:e5:cf:10:55:
                    62:ed:05:81:69:43:02:cf:f2:60:4c:6a:23:66:c9:
                    43:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:24:70:8D:1A:42:FF:DE:3F:55:BD:92:AA:5D:9B:8C:09:40:F4:C3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9d760005-a046-4104-8fb2-0de8201ca677.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fb9:1000::/40

    Signature Algorithm: sha256WithRSAEncryption
         33:8a:c2:ee:46:a5:e5:5e:0b:55:0c:1c:f2:bf:0e:92:9a:65:
         3c:e8:72:17:a6:41:89:fc:a5:c9:85:f4:d3:7a:1a:e0:5b:7a:
         37:f0:ad:e1:22:a0:ac:64:39:9f:17:77:47:dc:70:22:a3:31:
         27:0f:d8:f5:22:46:d3:cd:b8:9f:bb:14:72:b0:ab:e2:3b:f2:
         bb:69:89:bf:33:ac:9c:d8:72:08:56:e3:69:cc:8c:93:8d:16:
         d1:3f:a4:6f:de:89:33:a3:86:07:5e:5f:bc:9a:10:eb:67:d9:
         9c:60:6f:06:e6:ae:02:7d:a8:b0:61:ec:ff:d3:76:22:1b:bb:
         3a:82:b2:5c:ec:b9:45:6e:fb:b3:67:82:cf:7e:24:4d:d2:97:
         a3:7f:9e:55:e2:b9:ec:41:f4:46:54:59:fa:cd:1a:bd:b0:f6:
         8f:ab:b2:a7:e6:aa:c9:81:e4:ab:07:42:34:8c:4c:12:52:cb:
         78:ad:10:9e:76:fe:a2:6c:96:79:5e:e2:ac:dd:5b:e4:7c:d3:
         9a:df:47:2e:57:4a:f5:08:ba:a5:c8:d7:6f:81:e9:82:df:1f:
         1f:0b:25:76:19:0d:a9:b8:d0:da:f0:47:e4:3a:3b:bf:fa:17:
         eb:2f:36:36:38:0c:aa:f5:34:1e:f9:8f:80:be:c9:8f:1c:36:
         df:d3:5b:21
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUTolvwKlRTf8YxFFOucMYdyVYm84wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTIyMDEwNzE0WhcNMjUwNjI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZmEwZDdiZTcyOTUwMTNhZTdiODIwMjc3NDZjOGUzYzAx
ZWViMWMzNDk0NzY0MWYyYzZmZjMyNWUyNTM3MmFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcGdmciMx9civkL1SsNknpaT6dEHwJ8uen5TTSH+0Kxu47
s43cBWb8H2e+H+eB3SEkBKBwOPhAzwpsqecxPB81348776cp7W6HTKMX9dNIBSP6
NcV7MQ3E0AfuNhyvAJaXMZn0xXU0P/gwj/nmrgSTCt777AVAknzPGsLEiIPQ9rcm
DCmTrjHeqiyhV6Yb8yq6vPHPbBhMkl9OPCrTC5p15WnH+uK6cdl0/ayh10g3CWuN
1YCD3bPT3kbJhmlTHtjWO46N6yoxKHoe2QjAfmufQwZN+kfIqb8ZKf8M72GS+dzK
+h9UBMn40dlR5c8QVWLtBYFpQwLP8mBMaiNmyUPDAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUGyRwjRpC/94/Vb2Sql2bjAlA9MMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlkNzYwMDA1LWEwNDYtNDEwNC04ZmIyLTBkZTgyMDFjYTY3Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB+5EDANBgkqhkiG9w0BAQsFAAOCAQEAM4rC7kal5V4LVQwc8r8Okppl
POhyF6ZBifylyYX003oa4Ft6N/Ct4SKgrGQ5nxd3R9xwIqMxJw/Y9SJG0824n7sU
crCr4jvyu2mJvzOsnNhyCFbjacyMk40W0T+kb96JM6OGB15fvJoQ62fZnGBvBuau
An2osGHs/9N2Ihu7OoKyXOy5RW77s2eCz34kTdKXo3+eVeK57EH0RlRZ+s0avbD2
j6uyp+aqyYHkqwdCNIxMElLLeK0Qnnb+omyWeV7irN1b5HzTmt9HLldK9Qi6pcjX
b4Hpgt8fHwsldhkNqbjQ2vBH5Do7v/oX6y82NjgMqvU0HvmPgL7Jjxw239NbIQ==
-----END CERTIFICATE-----