Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b5d5e9d2-cda7-4a1b-97a9-3db059676b16.roa
File:                     b5d5e9d2-cda7-4a1b-97a9-3db059676b16.roa (raw, json)
Hash identifier:          J5lcixyBGhl9R9FDASnXnwMFB9I/e1Bo/sKbyH2X1Ok=
Subject key identifier:   24:A1:85:87:00:CB:3C:EC:DA:EB:BE:5A:17:42:16:1E:A9:C1:76:B5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       110E45E961D5543CA837C47BE9A3BBB8D10CB326
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b5d5e9d2-cda7-4a1b-97a9-3db059676b16.roa
Signing time:             Tue 04 Feb 2025 00:00:00 +0000
ROA not before:           Tue 04 Feb 2025 00:00:00 +0000
ROA not after:            Tue 11 Mar 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1ffb:2000::/40 maxlen: 40
Validation:               Failed, certificate revoked on Tue 04 Feb 2025 18:11:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:0e:45:e9:61:d5:54:3c:a8:37:c4:7b:e9:a3:bb:b8:d1:0c:b3:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb  4 00:00:00 2025 GMT
            Not After : Mar 11 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b5:ee:b0:1e:ec:86:9f:66:91:a1:82:b8:45:
                    47:10:cb:07:db:d1:c4:66:73:97:3c:49:a5:ab:93:
                    df:b8:87:1b:1c:67:b3:46:f7:0d:ac:a3:eb:26:d5:
                    f3:73:84:3a:70:49:6c:94:29:1a:70:d5:4b:69:a1:
                    35:5f:71:11:9e:a7:e1:ec:e4:bc:d2:ed:d2:36:97:
                    c8:ae:23:4a:79:84:43:06:38:c0:3e:d9:21:81:c2:
                    20:e6:d5:65:98:51:e6:ae:f4:17:0a:f0:5d:b8:e6:
                    9c:c8:c8:a9:c5:f0:77:ab:99:11:af:e0:93:9e:cd:
                    40:88:c8:d3:5f:03:3c:7b:df:7d:2b:04:bc:b5:27:
                    6b:24:82:28:86:00:19:4f:f0:04:d8:60:84:18:80:
                    71:df:85:48:85:56:8d:0e:c6:7c:ed:a8:47:2e:ff:
                    d6:e8:96:b4:68:37:9c:82:b7:e8:58:48:05:2a:9b:
                    6f:0b:53:5d:a1:9b:64:2b:9d:0b:60:3f:31:a1:44:
                    6d:bc:ed:72:45:f8:d5:b4:ef:1f:2f:15:8d:69:ef:
                    fa:0b:cb:5c:ab:10:5a:86:55:d7:cd:78:46:32:0e:
                    98:87:30:ea:e4:11:e5:69:78:05:a9:a6:09:8e:f3:
                    c5:66:7f:9c:70:ca:c8:44:bc:46:4a:9b:66:fb:cc:
                    73:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:A1:85:87:00:CB:3C:EC:DA:EB:BE:5A:17:42:16:1E:A9:C1:76:B5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b5d5e9d2-cda7-4a1b-97a9-3db059676b16.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffb:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         b3:7f:d3:06:77:e3:32:16:5f:4d:b4:a6:49:b9:5b:3e:e2:7a:
         e3:fc:7d:c7:0a:df:3c:3f:01:af:20:8f:c5:62:57:0c:df:cc:
         c9:8b:3e:32:a9:05:aa:93:cd:11:94:de:37:ad:83:d0:12:c4:
         e4:cf:bb:6a:38:65:4e:26:61:b4:ae:65:99:12:61:c0:3f:6e:
         86:a7:19:ac:55:86:64:f9:9f:c5:28:8e:b5:86:1f:28:3d:b1:
         26:90:6c:d4:04:d0:de:75:9a:18:c3:21:d4:05:69:94:64:b6:
         44:40:95:29:55:8b:d7:89:38:95:cf:35:b6:3c:e9:15:4d:52:
         04:22:1d:c9:6c:35:a7:22:67:dc:2f:f9:d5:7b:cd:6b:7d:8c:
         7b:34:20:12:c7:fb:ef:02:09:88:a9:6d:1c:9b:b7:ae:84:64:
         91:59:00:99:4c:84:7c:98:bd:a7:67:de:26:80:74:cb:00:3b:
         6a:28:6a:88:98:15:1d:2f:79:65:f5:ac:46:a1:05:1f:74:b4:
         51:81:5e:2d:16:1c:5b:58:df:85:43:0f:58:ba:8b:2b:88:95:
         34:95:a5:82:3d:75:0b:2c:4e:48:1c:86:0c:59:eb:82:e3:c2:
         aa:dc:20:a8:0b:b5:95:b6:7a:e0:0c:d9:9d:73:66:05:09:a1:
         5e:14:6b:ab
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUEQ5F6WHVVDyoN8R76aO7uNEMsyYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA0MDAwMDAwWhcNMjUwMzExMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNmRkMjFjNjE3OWM3OWZiMWI1Nzg0OTAzYWZmNWYxNTcw
ZjkyMzA1MzRiNTEwYTg2MGU4NzliYjc4YTM4YTFkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCte6wHuyGn2aRoYK4RUcQywfb0cRmc5c8SaWrk9+4hxsc
Z7NG9w2so+sm1fNzhDpwSWyUKRpw1UtpoTVfcRGep+Hs5LzS7dI2l8iuI0p5hEMG
OMA+2SGBwiDm1WWYUeau9BcK8F245pzIyKnF8HermRGv4JOezUCIyNNfAzx7330r
BLy1J2skgiiGABlP8ATYYIQYgHHfhUiFVo0OxnztqEcu/9bolrRoN5yCt+hYSAUq
m28LU12hm2QrnQtgPzGhRG287XJF+NW07x8vFY1p7/oLy1yrEFqGVdfNeEYyDpiH
MOrkEeVpeAWppgmO88Vmf5xwyshEvEZKm2b7zHMhAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUJKGFhwDLPOza675aF0IWHqnBdrUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I1ZDVlOWQyLWNkYTctNGExYi05N2E5LTNkYjA1OTY3NmIxNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/7IDANBgkqhkiG9w0BAQsFAAOCAQEAs3/TBnfjMhZfTbSmSblbPuJ6
4/x9xwrfPD8BryCPxWJXDN/MyYs+MqkFqpPNEZTeN62D0BLE5M+7ajhlTiZhtK5l
mRJhwD9uhqcZrFWGZPmfxSiOtYYfKD2xJpBs1ATQ3nWaGMMh1AVplGS2RECVKVWL
14k4lc81tjzpFU1SBCIdyWw1pyJn3C/51XvNa32MezQgEsf77wIJiKltHJu3roRk
kVkAmUyEfJi9p2feJoB0ywA7aihqiJgVHS95ZfWsRqEFH3S0UYFeLRYcW1jfhUMP
WLqLK4iVNJWlgj11CyxOSByGDFnrguPCqtwgqAu1lbZ64AzZnXNmBQmhXhRrqw==
-----END CERTIFICATE-----