Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1749ed4-63c3-4d7e-b546-f0c9e7c168d2.roa
File:                     a1749ed4-63c3-4d7e-b546-f0c9e7c168d2.roa (raw, json)
Hash identifier:          egIaP/rM54YF3//lSjr5qCttsDOmUwQVY3QNuEMaHN8=
Subject key identifier:   CE:F3:6C:5C:F2:2C:E0:75:14:74:BC:D3:95:EE:36:99:44:12:6C:3D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1B601706D14AE02434703849DEA97955FBC8B7EF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1749ed4-63c3-4d7e-b546-f0c9e7c168d2.roa
Signing time:             Fri 11 Oct 2024 00:00:00 +0000
ROA not before:           Fri 11 Oct 2024 00:00:00 +0000
ROA not after:            Fri 15 Nov 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        204.31.128.0/19 maxlen: 24

Validation:               Failed, certificate revoked on Thu 24 Oct 2024 15:11:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:60:17:06:d1:4a:e0:24:34:70:38:49:de:a9:79:55:fb:c8:b7:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 11 00:00:00 2024 GMT
            Not After : Nov 15 23:59:59 2024 GMT
        Subject: serialNumber=ef5cb46b2a06dab05d9247a2060b2185ed011b1b9a5c098213bbd49ab777960f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:44:60:e9:88:d3:69:c7:f2:d9:34:e6:8a:9c:
                    4c:1a:07:ef:c1:94:8b:d8:c3:e5:e1:19:6b:ac:5b:
                    bf:9e:71:54:17:05:b1:57:c2:8b:a0:59:15:04:a4:
                    b1:a3:a6:f9:dc:9a:1f:bd:8f:4b:da:88:39:20:cc:
                    33:e3:6d:a3:c2:cf:ad:c6:cf:ae:22:e9:d5:f3:0c:
                    cf:dc:86:54:2e:b6:7a:85:b1:91:43:84:1a:75:2e:
                    63:b5:8f:69:da:99:40:27:eb:50:f3:e9:01:79:4d:
                    c9:c2:a3:51:9e:45:b6:82:46:f2:1b:61:79:6e:af:
                    a7:50:02:7d:a9:1f:a8:49:0d:6e:3e:f9:ae:34:c2:
                    ca:1d:f6:5d:90:d5:90:85:ec:4d:d7:06:e0:77:c2:
                    e7:9c:f3:ac:52:f2:d4:93:df:65:9b:d9:3b:34:c3:
                    fd:08:ea:a0:68:d8:d6:22:cf:09:99:3c:1b:64:10:
                    49:43:93:ff:88:5c:03:c6:e9:05:dc:48:7d:20:bb:
                    a6:d2:fc:29:7f:c3:3b:4a:d0:51:2d:b7:ac:59:9d:
                    dd:d5:fc:57:ca:a6:9e:eb:ec:de:4f:d4:53:f4:c2:
                    f6:50:8b:79:7f:de:30:7f:55:53:c6:c3:53:dc:7b:
                    46:81:69:ed:b5:35:1a:cd:a7:48:31:9e:87:90:05:
                    e6:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:F3:6C:5C:F2:2C:E0:75:14:74:BC:D3:95:EE:36:99:44:12:6C:3D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1749ed4-63c3-4d7e-b546-f0c9e7c168d2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.31.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         2b:57:54:31:04:45:75:f8:6c:11:25:05:d1:a2:49:f7:b8:91:
         b5:c6:fa:ed:69:30:4d:5d:b5:32:9a:6a:1c:85:03:c6:db:3b:
         64:d3:ab:36:68:ef:c9:25:30:08:18:d4:49:db:28:a7:28:6a:
         89:84:5c:bc:85:9a:d3:1a:d2:3b:e0:41:6f:f6:cd:4a:6e:ad:
         1c:e9:c6:55:61:6b:b8:88:76:56:cd:cc:d2:3e:bd:0b:1f:9f:
         77:1f:4b:c6:cd:ca:0f:7f:77:54:5e:a7:df:1a:81:65:ed:b3:
         0d:87:3a:e1:f1:dd:f7:bf:b9:4b:e8:73:cc:05:ba:2c:e2:37:
         1a:f3:a7:a8:d9:aa:92:36:86:2b:35:20:6a:e6:9e:52:7e:8f:
         73:75:57:0a:f8:97:8c:0d:5e:ef:ce:c7:46:0f:51:d8:ab:50:
         9b:f6:70:12:1c:42:b3:99:24:9c:a5:46:6b:03:b2:26:10:29:
         f3:1a:a8:6f:50:02:2a:7a:3c:f9:f5:54:ab:35:d8:38:5b:7e:
         8c:24:21:89:5d:bc:a2:84:f2:ba:48:08:77:64:e2:81:fc:76:
         39:40:96:af:ac:cb:ee:ed:46:da:91:33:6c:bd:8a:87:bc:aa:
         8f:54:f2:35:31:e4:67:ee:e4:2d:19:05:be:52:b5:33:14:6c:
         4e:c0:05:d9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG2AXBtFK4CQ0cDhJ3ql5VfvIt+8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMDExMDAwMDAwWhcNMjQxMTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZjVjYjQ2YjJhMDZkYWIwNWQ5MjQ3YTIwNjBiMjE4NWVk
MDExYjFiOWE1YzA5ODIxM2JiZDQ5YWI3Nzc5NjBmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0RGDpiNNpx/LZNOaKnEwaB+/BlIvYw+XhGWusW7+ecVQX
BbFXwougWRUEpLGjpvncmh+9j0vaiDkgzDPjbaPCz63Gz64i6dXzDM/chlQutnqF
sZFDhBp1LmO1j2namUAn61Dz6QF5TcnCo1GeRbaCRvIbYXlur6dQAn2pH6hJDW4+
+a40wsod9l2Q1ZCF7E3XBuB3wuec86xS8tST32Wb2Ts0w/0I6qBo2NYizwmZPBtk
EElDk/+IXAPG6QXcSH0gu6bS/Cl/wztK0FEtt6xZnd3V/FfKpp7r7N5P1FP0wvZQ
i3l/3jB/VVPGw1Pce0aBae21NRrNp0gxnoeQBeYPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUzvNsXPIs4HUUdLzTle42mUQSbD0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ExNzQ5ZWQ0LTYzYzMtNGQ3ZS1iNTQ2LWYwYzllN2MxNjhkMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXMH4AwDQYJKoZIhvcNAQELBQADggEBACtXVDEERXX4bBElBdGiSfe4kbXG
+u1pME1dtTKaahyFA8bbO2TTqzZo78klMAgY1EnbKKcoaomEXLyFmtMa0jvgQW/2
zUpurRzpxlVha7iIdlbNzNI+vQsfn3cfS8bNyg9/d1Rep98agWXtsw2HOuHx3fe/
uUvoc8wFuiziNxrzp6jZqpI2his1IGrmnlJ+j3N1Vwr4l4wNXu/Ox0YPUdirUJv2
cBIcQrOZJJylRmsDsiYQKfMaqG9QAip6PPn1VKs12DhbfowkIYldvKKE8rpICHdk
4oH8djlAlq+sy+7tRtqRM2y9ioe8qo9U8jUx5Gfu5C0ZBb5StTMUbE7ABdk=
-----END CERTIFICATE-----