Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a887eddf-23b6-4a95-bacd-cb7f8e096ff1.roa
File:                     a887eddf-23b6-4a95-bacd-cb7f8e096ff1.roa (raw, json)
Hash identifier:          U+62jNndIA6POr3XjOqVUWSqOu/dAso/XlW+4vvpAoA=
Subject key identifier:   64:4D:B7:33:CD:A1:99:DC:78:EA:F0:2C:61:F0:F7:4A:4B:12:38:11
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1095746ABBFDD0E5B1175F5EC1C6B7F5DD7E4F96
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a887eddf-23b6-4a95-bacd-cb7f8e096ff1.roa
Signing time:             Tue 04 Feb 2025 00:00:00 +0000
ROA not before:           Tue 04 Feb 2025 00:00:00 +0000
ROA not after:            Tue 11 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1fff:8000::/40 maxlen: 40
Validation:               Failed, certificate revoked on Tue 04 Feb 2025 15:11:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:95:74:6a:bb:fd:d0:e5:b1:17:5f:5e:c1:c6:b7:f5:dd:7e:4f:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb  4 00:00:00 2025 GMT
            Not After : Mar 11 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:a7:11:31:34:40:6f:3c:53:46:d5:96:09:a8:
                    2b:e8:b7:8d:24:ac:c8:cf:be:f2:f2:ee:b5:3c:f4:
                    25:ad:69:e9:68:19:65:56:75:aa:d5:04:15:3b:45:
                    f0:62:3b:57:13:67:8f:f1:1c:32:86:d0:c4:1f:8e:
                    3f:a1:6c:a7:d6:3d:bf:8f:93:a5:ec:77:6b:bc:1c:
                    41:06:d9:79:44:08:29:7c:0c:57:df:75:72:8f:60:
                    c2:69:af:9d:23:c6:e3:6b:4c:4e:d4:77:dc:2e:bf:
                    b0:2e:0c:c4:1e:e7:40:25:e1:cd:b7:9f:0a:09:4e:
                    47:24:9e:40:0e:f1:ce:e8:95:89:bb:c5:6f:99:cc:
                    55:0b:d6:54:a9:d3:7c:9c:a3:81:fc:e6:86:5e:85:
                    d6:a0:0e:a3:3d:91:a8:32:81:c2:2b:13:f0:8c:8c:
                    dd:be:fd:56:61:84:6c:9b:e4:d8:ff:35:79:cc:89:
                    b1:e6:ba:30:b5:d9:ed:a3:0e:68:4a:d7:92:9f:e9:
                    28:90:e2:18:ce:fa:2d:9c:a5:21:01:59:19:68:7b:
                    44:e7:83:8b:dc:fe:3c:d6:2d:8f:d4:b3:54:5d:92:
                    46:1c:d2:9c:51:8e:76:b4:1f:1d:5a:fe:65:16:bf:
                    5d:0f:d3:2a:aa:24:f0:92:d7:4c:fe:ac:6f:9c:93:
                    22:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:4D:B7:33:CD:A1:99:DC:78:EA:F0:2C:61:F0:F7:4A:4B:12:38:11
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a887eddf-23b6-4a95-bacd-cb7f8e096ff1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:8000::/40

    Signature Algorithm: sha256WithRSAEncryption
         5e:03:6e:05:e2:80:d7:39:22:f0:63:bf:9b:71:53:03:c9:65:
         9e:22:0c:9b:02:25:19:65:7e:97:0e:88:7e:fa:29:d2:6b:07:
         bc:05:41:e3:ff:c8:24:44:f2:09:59:02:ef:ff:9b:95:9e:bc:
         1c:3b:07:c6:69:5c:69:a7:61:65:36:c4:d2:1b:dc:9a:c1:85:
         db:5d:5f:ac:cc:f7:66:ef:61:b8:59:5b:aa:d3:2a:a4:47:96:
         e0:cb:2d:9e:a7:1d:c1:88:15:49:38:a1:d9:ab:e9:13:41:ff:
         30:ff:66:8f:1d:70:fe:87:5b:1f:21:29:0d:b5:f4:9e:10:7c:
         05:7d:85:20:75:29:3f:9c:b5:15:e5:9d:96:5e:8f:e9:be:a8:
         53:27:1d:d8:f0:30:03:4f:5e:f9:ec:d1:94:74:89:90:2c:1e:
         64:0e:30:96:5b:2b:c8:c3:dd:cb:92:2b:38:e7:b4:c5:f2:95:
         e1:d3:3a:c9:8b:b5:f7:03:17:ea:4f:2b:b2:a4:28:1c:61:c1:
         d2:b0:8a:d9:ef:a3:fa:65:2a:9d:2c:18:05:89:29:cc:04:a2:
         bf:f5:b5:c0:80:46:06:cb:d0:7d:44:41:8c:96:fb:6f:5e:5a:
         89:08:a1:b6:75:0b:29:ca:22:d6:8a:ab:c7:72:94:2d:a7:2b:
         00:eb:41:3d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUEJV0arv90OWxF19ewca39d1+T5YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA0MDAwMDAwWhcNMjUwMzExMjM1OTU5
WjB6MUkwRwYDVQQFE0AyNDFiNDAyNmMzYmQ1MWM1ZDIyMzA1NWE5NjlhMmRlNDhj
ZTkzYmY4OTgzODI2NjJhZTFkY2M3NjU4YjM1MGRlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDlpxExNEBvPFNG1ZYJqCvot40krMjPvvLy7rU89CWtaelo
GWVWdarVBBU7RfBiO1cTZ4/xHDKG0MQfjj+hbKfWPb+Pk6Xsd2u8HEEG2XlECCl8
DFffdXKPYMJpr50jxuNrTE7Ud9wuv7AuDMQe50Al4c23nwoJTkcknkAO8c7olYm7
xW+ZzFUL1lSp03yco4H85oZehdagDqM9kagygcIrE/CMjN2+/VZhhGyb5Nj/NXnM
ibHmujC12e2jDmhK15Kf6SiQ4hjO+i2cpSEBWRloe0Tng4vc/jzWLY/Us1RdkkYc
0pxRjna0Hx1a/mUWv10P0yqqJPCS10z+rG+ckyLBAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUZE23M82hmdx46vAsYfD3SksSOBEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E4ODdlZGRmLTIzYjYtNGE5NS1iYWNkLWNiN2Y4ZTA5NmZmMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB//gDANBgkqhkiG9w0BAQsFAAOCAQEAXgNuBeKA1zki8GO/m3FTA8ll
niIMmwIlGWV+lw6Ifvop0msHvAVB4//IJETyCVkC7/+blZ68HDsHxmlcaadhZTbE
0hvcmsGF211frMz3Zu9huFlbqtMqpEeW4MstnqcdwYgVSTih2avpE0H/MP9mjx1w
/odbHyEpDbX0nhB8BX2FIHUpP5y1FeWdll6P6b6oUycd2PAwA09e+ezRlHSJkCwe
ZA4wllsryMPdy5IrOOe0xfKV4dM6yYu19wMX6k8rsqQoHGHB0rCK2e+j+mUqnSwY
BYkpzASiv/W1wIBGBsvQfURBjJb7b15aiQihtnULKcoi1oqrx3KULacrAOtBPQ==
-----END CERTIFICATE-----