Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b0cdb99c-80ae-4cab-9dda-4da4b37568c7.roa
File:                     b0cdb99c-80ae-4cab-9dda-4da4b37568c7.roa (raw, json)
Hash identifier:          tHKutFZtAvwaxXF76erg87AQcQX5VE1BEneD9wWbaP8=
Subject key identifier:   F2:92:BD:F2:FC:22:72:FA:ED:0A:DA:E5:2A:AE:76:E0:D5:7F:76:26
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       37ED6903EBF98A49B318F41A041E83C8E7A95228
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b0cdb99c-80ae-4cab-9dda-4da4b37568c7.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        107.20.0.0/14 maxlen: 14
Validation:               Failed, certificate revoked on Mon 13 Jan 2025 16:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:ed:69:03:eb:f9:8a:49:b3:18:f4:1a:04:1e:83:c8:e7:a9:52:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:01:a7:d8:ca:17:a4:d1:91:54:20:91:4b:f3:
                    c4:f4:6f:3f:8c:1e:94:4f:b6:c2:e6:43:16:28:b9:
                    fc:dd:e9:9e:d4:95:34:a3:ce:61:cb:a9:ab:55:1a:
                    96:52:09:9e:a4:19:3b:4e:f3:6e:9b:c3:62:6d:d5:
                    f2:3a:e3:bc:51:82:ce:7b:a1:e9:c9:ca:61:20:58:
                    e7:67:e7:99:9a:2a:45:60:c7:47:59:72:e3:a3:2a:
                    dc:c4:c9:13:07:01:1f:7b:fa:ef:18:43:ab:fd:fe:
                    b1:6a:83:4a:83:77:8d:0b:77:f9:fa:94:c3:22:a6:
                    6b:04:a7:0f:3e:94:9d:a9:81:b8:55:12:e0:1b:a4:
                    59:4b:63:cb:51:cf:48:62:0a:1f:19:e5:16:07:28:
                    46:81:90:99:8e:18:fc:09:1d:d5:2f:08:de:bb:17:
                    53:e8:13:57:b8:80:9e:49:cb:54:9e:25:4d:35:d0:
                    92:c2:f1:38:f5:69:e3:a6:ee:b9:30:ac:63:c8:97:
                    4d:d8:da:9e:6f:6f:dd:0a:30:14:06:cf:8e:53:03:
                    66:2d:8d:ee:73:74:28:49:e0:c3:2e:fb:3b:6e:aa:
                    60:34:fe:4d:13:64:1f:d0:06:22:6a:3a:34:59:c1:
                    ba:26:b6:a8:ab:f4:cc:0c:b7:48:64:c7:0e:49:04:
                    b3:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:92:BD:F2:FC:22:72:FA:ED:0A:DA:E5:2A:AE:76:E0:D5:7F:76:26
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b0cdb99c-80ae-4cab-9dda-4da4b37568c7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  107.20.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         6b:0c:43:46:b9:83:da:c5:d5:b4:27:73:bd:64:72:0f:3e:23:
         53:e2:ea:5b:d2:76:d4:70:75:10:a2:92:11:25:2b:bf:a1:37:
         df:d3:d0:7e:38:2b:5c:a4:6c:08:f7:b3:ff:65:24:5e:db:ac:
         a2:4b:58:2d:7a:26:b7:96:43:21:a6:55:01:e7:b9:b4:ff:97:
         6c:b5:1a:9d:a7:6b:9f:c5:6e:9f:bd:fd:f6:00:f5:f9:39:8d:
         fb:b7:eb:94:c8:cb:9c:c1:32:ed:55:ae:e4:c8:91:33:7d:14:
         ac:7e:c0:50:45:f7:2f:3a:1e:66:80:5a:ad:65:75:04:4a:e1:
         ef:49:56:0e:c8:bc:cb:a8:56:30:ac:87:91:08:b7:ae:3c:93:
         5b:48:67:63:72:a7:11:6b:96:52:14:d7:6a:da:5f:5d:b4:87:
         af:9f:7a:59:7c:49:b0:b7:23:9d:b0:d7:01:d5:af:ac:e1:cb:
         76:dc:d5:ff:a3:b7:68:f2:e7:3d:8b:7d:64:04:80:34:85:9e:
         d9:e3:c3:4a:d5:36:1d:af:87:bb:45:7d:6c:93:65:f9:bb:39:
         b9:a7:7c:8f:bb:a3:f1:c3:4c:01:08:0b:d4:63:87:4b:25:fb:
         dc:38:3c:ad:45:e4:fb:c8:16:c4:c7:34:51:f7:e4:ac:de:38:
         d7:4a:0c:c8
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUN+1pA+v5ikmzGPQaBB6DyOepUigwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYzcwZTBhNjhjMmNhNmIyMzQyMGY4ZmUyY2EzYWVkYTI2
NDVhYTAxODU1NjM4MzUyZWNhM2FjOGQwNDkyY2Q2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDcAafYyhek0ZFUIJFL88T0bz+MHpRPtsLmQxYoufzd6Z7U
lTSjzmHLqatVGpZSCZ6kGTtO826bw2Jt1fI647xRgs57oenJymEgWOdn55maKkVg
x0dZcuOjKtzEyRMHAR97+u8YQ6v9/rFqg0qDd40Ld/n6lMMipmsEpw8+lJ2pgbhV
EuAbpFlLY8tRz0hiCh8Z5RYHKEaBkJmOGPwJHdUvCN67F1PoE1e4gJ5Jy1SeJU01
0JLC8Tj1aeOm7rkwrGPIl03Y2p5vb90KMBQGz45TA2Ytje5zdChJ4MMu+ztuqmA0
/k0TZB/QBiJqOjRZwbomtqir9MwMt0hkxw5JBLOtAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU8pK98vwicvrtCtrlKq524NV/diYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IwY2RiOTljLTgwYWUtNGNhYi05ZGRhLTRkYTRiMzc1NjhjNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwJrFDANBgkqhkiG9w0BAQsFAAOCAQEAawxDRrmD2sXVtCdzvWRyDz4jU+Lq
W9J21HB1EKKSESUrv6E339PQfjgrXKRsCPez/2UkXtusoktYLXomt5ZDIaZVAee5
tP+XbLUanadrn8Vun7399gD1+TmN+7frlMjLnMEy7VWu5MiRM30UrH7AUEX3Lzoe
ZoBarWV1BErh70lWDsi8y6hWMKyHkQi3rjyTW0hnY3KnEWuWUhTXatpfXbSHr596
WXxJsLcjnbDXAdWvrOHLdtzV/6O3aPLnPYt9ZASANIWe2ePDStU2Ha+Hu0V9bJNl
+bs5uad8j7uj8cNMAQgL1GOHSyX73Dg8rUXk+8gWxMc0UffkrN4410oMyA==
-----END CERTIFICATE-----