Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bb1f8a4b-cbc0-4461-bf22-e07065dc0fd6.roa
File:                     bb1f8a4b-cbc0-4461-bf22-e07065dc0fd6.roa (raw, json)
Hash identifier:          BUEayCcBqtj6Tq3vnzbhiA7GjN4FIO3bHe/xTvSKXjM=
Subject key identifier:   20:9E:37:EE:68:AF:A6:68:CC:76:0A:E0:5D:35:50:B6:AA:A9:A7:59
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       60EFA4D9213676B60A86ABDA971EB81CADDB44FC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bb1f8a4b-cbc0-4461-bf22-e07065dc0fd6.roa
Signing time:             Mon 19 May 2025 17:32:09 +0000
ROA not before:           Mon 19 May 2025 17:32:09 +0000
ROA not after:            Mon 23 Jun 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1fb9:5000::/40 maxlen: 48
Validation:               Failed, certificate revoked on Thu 22 May 2025 01:07:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:ef:a4:d9:21:36:76:b6:0a:86:ab:da:97:1e:b8:1c:ad:db:44:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 19 17:32:09 2025 GMT
            Not After : Jun 23 23:59:59 2025 GMT
        Subject: serialNumber=a247c3c993b6c148628b6e43e02f76db184c024dee6000ccf7adc90909f9a622, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:04:99:0e:3b:f8:55:a3:43:7b:27:e3:13:70:
                    a8:d9:24:32:56:0f:28:dc:e8:e8:5d:be:f0:ee:fc:
                    00:44:ee:08:7c:eb:65:80:b1:47:b6:40:bc:f2:12:
                    80:df:56:85:1e:a7:27:e0:3d:40:c2:f6:19:6a:14:
                    ca:a0:6c:d6:df:a5:65:ce:46:89:b7:49:63:4b:ac:
                    ed:48:44:46:28:80:93:99:47:3d:67:0d:d0:4c:26:
                    d9:de:b2:7a:91:1a:73:c3:de:7a:89:3b:0a:df:29:
                    6c:37:6c:83:bb:84:9f:9c:b9:4c:d4:fe:06:0b:68:
                    b3:7c:e0:bc:d3:fa:4c:0b:81:fa:6b:57:09:ab:13:
                    8d:5e:da:6a:b4:4d:20:06:dc:8e:e6:a5:63:2b:1a:
                    66:31:9b:8a:bd:e7:7e:56:a3:1c:98:f9:59:68:4d:
                    c8:50:a8:08:65:1b:0a:cb:66:fa:55:0c:73:cb:39:
                    d9:83:91:99:73:ca:59:94:3c:48:be:05:7d:8b:20:
                    d5:9c:d3:4e:13:78:55:fb:d4:b6:8f:49:1e:c2:ae:
                    ff:cb:a6:67:7e:d4:4b:b4:0a:86:8c:42:dc:ac:ee:
                    92:78:d5:69:df:d5:34:54:fe:89:15:fa:58:23:e9:
                    f8:bc:b3:a0:5f:e1:18:66:31:d1:aa:7d:6e:aa:31:
                    02:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:9E:37:EE:68:AF:A6:68:CC:76:0A:E0:5D:35:50:B6:AA:A9:A7:59
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bb1f8a4b-cbc0-4461-bf22-e07065dc0fd6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fb9:5000::/40

    Signature Algorithm: sha256WithRSAEncryption
         50:bf:a1:8e:d0:c1:7a:38:6b:d6:8a:27:aa:e4:b3:4d:85:2d:
         ae:86:59:4a:89:1b:ba:68:8e:c5:98:06:a7:de:ed:6a:8d:bb:
         e4:68:71:1d:bc:d5:b5:9f:0e:b6:c5:b5:bd:94:d8:e3:13:a8:
         81:f0:c8:b6:fc:28:89:76:7c:39:21:75:1a:2f:ed:8b:13:79:
         62:8b:61:52:5c:5f:76:1d:ee:47:36:a7:24:8d:a9:e7:ad:1d:
         ca:88:4d:76:e5:a8:04:f3:09:1f:26:dc:7c:01:93:7b:40:86:
         20:a6:d4:e3:bd:20:6a:5a:e1:20:a1:b8:1c:0d:7c:ef:6a:38:
         f0:09:bf:ea:82:bb:0e:88:4d:7d:b7:3d:e5:27:43:c9:05:59:
         c9:83:ea:84:fd:f1:30:59:55:fc:d8:6f:a4:63:25:eb:2e:73:
         75:9f:38:8d:17:47:e2:27:ac:81:08:e0:89:88:57:be:1c:2d:
         27:4c:a7:37:ac:cc:be:85:c7:54:54:62:32:3f:4f:e8:81:27:
         be:94:dd:6f:dc:99:85:2c:df:91:c6:3b:07:2b:2b:51:c5:ba:
         b3:f7:3a:4f:f5:73:76:60:9e:ac:0b:9a:54:fa:04:ba:2b:89:
         1f:9c:56:b0:2f:4b:37:46:82:7a:80:fb:59:67:39:27:fc:51:
         8f:ac:98:d3
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUYO+k2SE2drYKhqvalx64HK3bRPwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTE5MTczMjA5WhcNMjUwNjIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMjQ3YzNjOTkzYjZjMTQ4NjI4YjZlNDNlMDJmNzZkYjE4
NGMwMjRkZWU2MDAwY2NmN2FkYzkwOTA5ZjlhNjIyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOBJkOO/hVo0N7J+MTcKjZJDJWDyjc6OhdvvDu/ABE7gh8
62WAsUe2QLzyEoDfVoUepyfgPUDC9hlqFMqgbNbfpWXORom3SWNLrO1IREYogJOZ
Rz1nDdBMJtnesnqRGnPD3nqJOwrfKWw3bIO7hJ+cuUzU/gYLaLN84LzT+kwLgfpr
VwmrE41e2mq0TSAG3I7mpWMrGmYxm4q9535WoxyY+VloTchQqAhlGwrLZvpVDHPL
OdmDkZlzylmUPEi+BX2LINWc004TeFX71LaPSR7Crv/Lpmd+1Eu0CoaMQtys7pJ4
1Wnf1TRU/okV+lgj6fi8s6Bf4RhmMdGqfW6qMQLFAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUIJ437mivpmjMdgrgXTVQtqqpp1kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JiMWY4YTRiLWNiYzAtNDQ2MS1iZjIyLWUwNzA2NWRjMGZkNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB+5UDANBgkqhkiG9w0BAQsFAAOCAQEAUL+hjtDBejhr1oonquSzTYUt
roZZSokbumiOxZgGp97tao275GhxHbzVtZ8OtsW1vZTY4xOogfDItvwoiXZ8OSF1
Gi/tixN5YothUlxfdh3uRzanJI2p560dyohNduWoBPMJHybcfAGTe0CGIKbU470g
alrhIKG4HA1872o48Am/6oK7DohNfbc95SdDyQVZyYPqhP3xMFlV/NhvpGMl6y5z
dZ84jRdH4iesgQjgiYhXvhwtJ0ynN6zMvoXHVFRiMj9P6IEnvpTdb9yZhSzfkcY7
BysrUcW6s/c6T/VzdmCerAuaVPoEuiuJH5xWsC9LN0aCeoD7WWc5J/xRj6yY0w==
-----END CERTIFICATE-----