Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e31855d-83f9-4a6c-a51f-b006f05db89d.roa
File:                     9e31855d-83f9-4a6c-a51f-b006f05db89d.roa (raw, json)
Hash identifier:          j3RwSLWtpTCk7asIRVXu1zPNKvEdmVaMsRR5XsCjhiE=
Subject key identifier:   2F:5A:71:78:2B:84:19:8C:32:62:3D:BE:9A:62:3D:03:52:90:B8:49
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       59CBA61958479AF6CC6B973938A3B85E3948BDC9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e31855d-83f9-4a6c-a51f-b006f05db89d.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        40.193.0.0/16 maxlen: 24
Validation:               Failed, certificate revoked on Mon 13 Jan 2025 22:23:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:cb:a6:19:58:47:9a:f6:cc:6b:97:39:38:a3:b8:5e:39:48:bd:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:81:48:4d:43:4a:62:07:38:55:1f:08:ae:2a:
                    3e:21:3c:b1:33:b9:f1:00:10:18:33:31:8b:36:1a:
                    0c:02:5c:aa:78:c9:5c:d0:a7:9c:44:90:9d:32:82:
                    19:43:c1:33:46:f6:05:f3:6e:38:3e:72:26:62:75:
                    fd:a6:e9:b5:2c:d8:90:44:30:8b:0b:88:a9:e0:f5:
                    22:65:28:52:c0:a2:6f:96:f7:b6:70:3f:09:5c:93:
                    8a:91:bc:b6:b2:68:d5:0e:5e:57:0c:88:d2:fa:eb:
                    70:82:30:90:28:05:67:46:9e:70:e0:f9:50:ff:15:
                    47:ab:8e:d2:1b:e8:4d:6c:d1:f1:ed:2e:cc:55:85:
                    1b:33:e8:d6:66:28:79:15:2f:ec:67:4c:de:12:09:
                    93:af:a9:7c:ba:71:4d:1c:0c:49:51:2e:54:99:6c:
                    5f:36:b3:37:ee:9f:67:c0:36:9a:59:b7:c5:c2:4e:
                    35:e0:8e:73:e8:5c:37:eb:62:56:3b:da:fa:28:e2:
                    07:52:c6:cc:56:a3:e4:64:4e:86:57:8c:04:4e:6b:
                    c2:5e:a5:b1:26:65:86:6b:96:81:13:ee:fe:03:74:
                    9d:2e:d0:63:4f:64:9c:ab:c4:8a:b6:01:e3:c8:3f:
                    b9:73:61:67:b0:25:4b:b2:d0:bd:e3:d4:8e:1a:4e:
                    d6:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:5A:71:78:2B:84:19:8C:32:62:3D:BE:9A:62:3D:03:52:90:B8:49
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e31855d-83f9-4a6c-a51f-b006f05db89d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.193.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         41:6e:86:ff:60:80:e4:1c:fe:70:56:ff:6c:85:af:f6:0a:89:
         b9:b9:f4:0c:06:e4:e9:f4:30:42:10:12:fd:a1:83:47:5f:62:
         ee:d6:61:e1:4b:1a:82:3e:83:f8:42:33:99:fe:57:f3:8e:6d:
         f8:6f:2c:90:7c:0e:c7:0b:cd:81:57:65:be:68:f4:f5:86:1f:
         f1:ad:bb:04:52:ac:cf:2c:73:de:ad:1a:e1:fd:cd:10:98:da:
         b8:1c:e0:c7:2d:d8:73:3e:28:3f:57:31:fd:ca:e4:04:1b:6e:
         8d:7f:03:72:a6:19:8f:ef:b5:5b:08:a1:48:54:8a:78:c6:61:
         fb:c7:84:8d:c3:3c:ae:56:0e:77:8d:04:bf:6b:07:c4:d2:ac:
         e1:1e:63:a6:60:1e:3c:b6:6f:35:b8:13:17:6b:6d:39:4e:1e:
         ad:9e:d4:09:5f:38:ad:5f:77:6f:d8:94:a6:f6:f4:30:62:d2:
         6f:5a:c1:a0:cf:b8:e8:a0:ab:3b:84:80:07:f4:1d:bf:52:00:
         24:aa:51:88:57:35:22:b6:f7:b0:b7:cf:23:46:82:eb:1a:5d:
         b3:5c:7d:3d:8c:5d:82:07:9c:99:6c:d5:3f:84:22:ae:a5:63:
         ef:e7:8f:d3:3f:26:77:6a:2c:30:e8:8e:1b:58:f6:4c:a5:49:
         4b:f8:e8:14
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUWcumGVhHmvbMa5c5OKO4XjlIvckwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNGY2Yjk3ODdlMmViNTI2NWNlOWY4OTUwNjRiOTE4ZWU0
NGE2ZjBiOWJiMTlmMGNiMjI5NWJiOWFiMGE0NDE4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2gUhNQ0piBzhVHwiuKj4hPLEzufEAEBgzMYs2GgwCXKp4
yVzQp5xEkJ0yghlDwTNG9gXzbjg+ciZidf2m6bUs2JBEMIsLiKng9SJlKFLAom+W
97ZwPwlck4qRvLayaNUOXlcMiNL663CCMJAoBWdGnnDg+VD/FUerjtIb6E1s0fHt
LsxVhRsz6NZmKHkVL+xnTN4SCZOvqXy6cU0cDElRLlSZbF82szfun2fANppZt8XC
TjXgjnPoXDfrYlY72voo4gdSxsxWo+RkToZXjAROa8JepbEmZYZrloET7v4DdJ0u
0GNPZJyrxIq2AePIP7lzYWewJUuy0L3j1I4aTtZfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUL1pxeCuEGYwyYj2+mmI9A1KQuEkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzllMzE4NTVkLTgzZjktNGE2Yy1hNTFmLWIwMDZmMDVkYjg5ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAowTANBgkqhkiG9w0BAQsFAAOCAQEAQW6G/2CA5Bz+cFb/bIWv9gqJubn0
DAbk6fQwQhAS/aGDR19i7tZh4Usagj6D+EIzmf5X845t+G8skHwOxwvNgVdlvmj0
9YYf8a27BFKszyxz3q0a4f3NEJjauBzgxy3Ycz4oP1cx/crkBBtujX8DcqYZj++1
WwihSFSKeMZh+8eEjcM8rlYOd40Ev2sHxNKs4R5jpmAePLZvNbgTF2ttOU4erZ7U
CV84rV93b9iUpvb0MGLSb1rBoM+46KCrO4SAB/Qdv1IAJKpRiFc1Irb3sLfPI0aC
6xpds1x9PYxdggecmWzVP4QirqVj7+eP0z8md2osMOiOG1j2TKVJS/joFA==
-----END CERTIFICATE-----