Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1c5015f-e802-4af1-bb40-097c4e85d8f2.roa
File:                     a1c5015f-e802-4af1-bb40-097c4e85d8f2.roa (raw, json)
Hash identifier:          FSVHstM6AvAiukmTvykvDMFMFri/GdhR1Y23BOIuAnw=
Subject key identifier:   A6:12:A0:52:C8:16:78:94:AD:75:59:2C:0E:12:D6:54:BC:1A:8B:90
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       76E9C75B309BC3F3B6D036B76B90A34BC7F8D599
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1c5015f-e802-4af1-bb40-097c4e85d8f2.roa
Signing time:             Fri 14 Mar 2025 00:10:17 +0000
ROA not before:           Fri 14 Mar 2025 00:10:17 +0000
ROA not after:            Fri 18 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        207.94.160.0/20 maxlen: 24
Validation:               Failed, certificate revoked on Tue 18 Mar 2025 17:09:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:e9:c7:5b:30:9b:c3:f3:b6:d0:36:b7:6b:90:a3:4b:c7:f8:d5:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 14 00:10:17 2025 GMT
            Not After : Apr 18 23:59:59 2025 GMT
        Subject: serialNumber=d6ccf9641228f3e48525e4b55bf00533cbb2b0ba011df56652e558b825950ae6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:60:7c:0b:ad:bf:89:b6:15:26:f0:00:73:07:
                    57:0f:22:c4:42:6d:1a:7b:3b:b0:10:6f:c4:d4:fa:
                    76:35:4d:28:91:ab:fc:0e:c4:77:09:da:47:94:f4:
                    24:1e:79:6d:75:96:03:51:a2:91:81:55:ae:e7:ba:
                    8f:cc:55:64:14:b5:03:44:83:12:20:0d:06:9b:e2:
                    13:55:a9:6b:09:a1:77:5d:52:d5:53:26:7c:fb:16:
                    2d:4b:a6:59:c8:fa:cf:7d:ed:75:cf:95:03:3a:de:
                    0d:ea:74:6c:f5:bb:34:f0:a6:bf:6c:43:6e:73:a4:
                    73:ad:5c:fe:ab:c9:c6:9e:25:b0:12:00:2e:84:de:
                    de:65:e5:fe:26:95:0b:91:71:50:ca:5f:e0:ea:93:
                    26:d1:97:cb:09:71:ff:f4:7e:42:ec:95:18:a9:26:
                    2b:ab:39:21:1c:49:d1:dc:a2:4e:9c:70:f3:4d:82:
                    b4:1e:f1:da:29:e1:e0:8a:40:a5:52:e9:f4:27:01:
                    5e:3f:6c:04:2b:0b:a8:25:09:60:05:81:96:63:9c:
                    a9:00:d0:aa:66:ab:f8:39:ca:28:6b:e0:d4:0f:c1:
                    4b:30:29:fd:1e:84:c3:af:20:5c:b7:88:ca:6d:a3:
                    52:c8:77:c2:0b:92:33:93:65:19:a3:5c:92:37:9b:
                    da:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:12:A0:52:C8:16:78:94:AD:75:59:2C:0E:12:D6:54:BC:1A:8B:90
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1c5015f-e802-4af1-bb40-097c4e85d8f2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.94.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         55:00:fd:0f:be:2a:54:46:2a:0b:23:3d:12:1a:cb:1e:6c:91:
         16:6a:80:a1:8f:e3:10:68:b7:c0:8e:6f:85:13:c3:8a:aa:20:
         9f:50:97:e7:a4:d5:9a:bb:b6:c2:c8:d5:b6:80:b4:a4:9c:32:
         89:a4:53:3d:2c:d5:f4:ad:bd:2c:7c:4e:3d:f8:33:19:4f:ff:
         a2:11:e7:e6:70:5f:fc:7b:4b:6b:e3:24:70:bb:3f:49:83:24:
         78:8c:79:6a:e2:71:9c:0c:ad:ed:39:4f:4b:47:7b:7d:48:96:
         ff:b4:c5:b8:47:b3:b1:33:a6:3e:d9:29:5a:fa:a7:b9:4c:10:
         91:81:fa:40:3a:51:e1:98:b2:c2:52:f9:df:7b:8c:c8:db:36:
         f9:12:74:4f:ee:be:f2:df:b4:9e:9a:75:c3:1c:48:78:1d:1f:
         e9:a2:7e:2f:d3:fd:ba:9a:32:b2:b3:35:24:0d:7b:d5:03:04:
         97:f4:2a:e1:c9:3b:60:93:3c:d9:fa:02:88:28:fa:5f:39:9c:
         67:1d:5a:e4:22:12:45:69:0d:7b:e1:a9:55:db:2f:07:e2:45:
         94:f4:13:77:36:0b:be:00:ab:84:df:f9:8e:37:af:09:52:d5:
         22:da:64:a0:d5:6d:81:5d:55:84:f6:ad:19:10:91:39:72:d6:
         9e:81:df:21
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdunHWzCbw/O20Da3a5CjS8f41ZkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE0MDAxMDE3WhcNMjUwNDE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNmNjZjk2NDEyMjhmM2U0ODUyNWU0YjU1YmYwMDUzM2Ni
YjJiMGJhMDExZGY1NjY1MmU1NThiODI1OTUwYWU2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeYHwLrb+JthUm8ABzB1cPIsRCbRp7O7AQb8TU+nY1TSiR
q/wOxHcJ2keU9CQeeW11lgNRopGBVa7nuo/MVWQUtQNEgxIgDQab4hNVqWsJoXdd
UtVTJnz7Fi1LplnI+s997XXPlQM63g3qdGz1uzTwpr9sQ25zpHOtXP6rycaeJbAS
AC6E3t5l5f4mlQuRcVDKX+DqkybRl8sJcf/0fkLslRipJiurOSEcSdHcok6ccPNN
grQe8dop4eCKQKVS6fQnAV4/bAQrC6glCWAFgZZjnKkA0Kpmq/g5yihr4NQPwUsw
Kf0ehMOvIFy3iMpto1LId8ILkjOTZRmjXJI3m9qzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUphKgUsgWeJStdVksDhLWVLwai5AwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ExYzUwMTVmLWU4MDItNGFmMS1iYjQwLTA5N2M0ZTg1ZDhmMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATPXqAwDQYJKoZIhvcNAQELBQADggEBAFUA/Q++KlRGKgsjPRIayx5skRZq
gKGP4xBot8COb4UTw4qqIJ9Ql+ek1Zq7tsLI1baAtKScMomkUz0s1fStvSx8Tj34
MxlP/6IR5+ZwX/x7S2vjJHC7P0mDJHiMeWricZwMre05T0tHe31Ilv+0xbhHs7Ez
pj7ZKVr6p7lMEJGB+kA6UeGYssJS+d97jMjbNvkSdE/uvvLftJ6adcMcSHgdH+mi
fi/T/bqaMrKzNSQNe9UDBJf0KuHJO2CTPNn6Aogo+l85nGcdWuQiEkVpDXvhqVXb
LwfiRZT0E3c2C74Aq4Tf+Y43rwlS1SLaZKDVbYFdVYT2rRkQkTly1p6B3yE=
-----END CERTIFICATE-----