Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c0ccc412-f5c2-48c5-a53e-954616340636.roa
File:                     c0ccc412-f5c2-48c5-a53e-954616340636.roa (raw, json)
Hash identifier:          5sMQBSnVSC7bBx3jBgg3cnXFBPR0mgRqvqpwIExwoqw=
Subject key identifier:   C3:16:BB:6B:D6:16:2E:78:8B:21:E3:4E:5C:A0:DA:DF:EE:43:6C:19
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       64D8ED8D585E86DD3530542291CF6BEC9B96055D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c0ccc412-f5c2-48c5-a53e-954616340636.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        56.246.0.0/16 maxlen: 24
Validation:               Failed, certificate revoked on Thu 16 Jan 2025 10:24:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:d8:ed:8d:58:5e:86:dd:35:30:54:22:91:cf:6b:ec:9b:96:05:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:91:d0:9d:c7:65:2e:67:dc:14:44:03:c8:e1:
                    e0:9a:6b:43:e9:a4:64:e4:c6:e1:20:1d:82:62:0b:
                    f1:72:aa:7f:67:a9:68:e8:e5:c0:a5:2d:ea:d6:66:
                    72:ce:aa:7f:e9:98:be:ef:d0:98:7e:13:35:16:1f:
                    1f:b0:8e:93:ef:34:e0:39:cc:e9:7c:c9:2b:b1:eb:
                    07:1e:10:ea:79:98:11:b4:a7:59:f0:ff:76:45:76:
                    46:9d:15:40:1d:43:18:5c:69:fc:be:05:1f:7f:92:
                    73:5d:61:1d:8e:42:2b:eb:0c:97:3c:88:aa:19:2c:
                    64:76:17:0b:29:64:0c:15:9d:62:67:66:09:30:ee:
                    25:c8:a3:73:96:1a:06:43:3e:d1:f0:38:7b:b7:23:
                    2a:63:ad:fe:95:aa:21:5d:05:2a:90:32:85:71:fc:
                    17:d8:f9:4b:29:79:a2:cd:da:21:c4:88:7f:0c:e3:
                    b4:04:32:5c:31:dc:6a:e1:e4:e9:ca:11:7f:18:9c:
                    3f:4a:2c:f8:e2:91:b3:21:e3:27:d1:53:fe:5f:e5:
                    5d:9e:95:69:a3:41:10:c3:89:23:99:e2:b2:63:42:
                    0b:95:f2:9f:a1:5c:ea:3c:f5:79:cd:31:fb:ac:28:
                    94:93:80:89:9b:1a:dc:33:7e:2b:7b:df:3f:db:1b:
                    36:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:16:BB:6B:D6:16:2E:78:8B:21:E3:4E:5C:A0:DA:DF:EE:43:6C:19
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c0ccc412-f5c2-48c5-a53e-954616340636.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.246.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b1:57:56:f7:f8:ed:74:4a:9d:39:c2:18:25:9a:0e:c4:f5:fc:
         d6:66:92:33:46:c0:10:a7:98:88:68:ee:81:d7:5c:83:9f:51:
         ce:76:4b:cb:af:ca:82:4e:8e:da:ab:5a:23:09:6b:46:31:55:
         4b:6e:8c:3c:2d:3b:60:7d:f3:b0:7e:44:95:1f:1f:b3:46:87:
         26:d8:3a:01:ba:df:68:93:18:68:da:98:23:14:f6:49:c8:49:
         eb:dd:61:0b:43:6f:4c:42:01:cc:4f:2b:15:ef:77:4b:ef:88:
         e7:ec:bd:ff:ff:ba:94:c1:82:ff:16:b1:f9:14:01:ba:39:43:
         a3:99:d5:0e:7e:ea:0e:9f:84:60:bf:fb:b6:36:b6:c0:8c:d3:
         0b:17:cd:e1:80:38:15:d5:9c:ac:15:1e:9f:a3:f8:af:1f:ae:
         56:af:8a:86:3a:5b:cf:e4:16:60:3d:0a:83:f1:5e:6a:12:e3:
         5e:5a:40:73:1d:db:6f:5e:44:d3:7e:15:5d:af:8f:ed:85:e9:
         76:1b:4c:c1:21:4a:69:f3:d4:37:12:ec:e8:d0:cd:d3:43:21:
         c7:35:59:81:1a:1a:61:ac:fa:bc:9d:02:66:e3:d8:63:c2:8c:
         83:32:a6:68:6e:09:b1:eb:0d:7f:a0:65:9e:ad:1e:e2:0f:36:
         09:36:3c:9c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZNjtjVheht01MFQikc9r7JuWBV0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiY2I5OWQ0OTdkZTI0NTZkYzEyNTk5M2FjMDNiNmJlNmQy
NjdkNDkwOWIzMWZkYTdiMWQzNGVmYjhkNWQ4OWQ1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTkdCdx2UuZ9wURAPI4eCaa0PppGTkxuEgHYJiC/Fyqn9n
qWjo5cClLerWZnLOqn/pmL7v0Jh+EzUWHx+wjpPvNOA5zOl8ySux6wceEOp5mBG0
p1nw/3ZFdkadFUAdQxhcafy+BR9/knNdYR2OQivrDJc8iKoZLGR2FwspZAwVnWJn
Zgkw7iXIo3OWGgZDPtHwOHu3Iypjrf6VqiFdBSqQMoVx/BfY+UspeaLN2iHEiH8M
47QEMlwx3Grh5OnKEX8YnD9KLPjikbMh4yfRU/5f5V2elWmjQRDDiSOZ4rJjQguV
8p+hXOo89XnNMfusKJSTgImbGtwzfit73z/bGza/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUwxa7a9YWLniLIeNOXKDa3+5DbBkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MwY2NjNDEyLWY1YzItNDhjNS1hNTNlLTk1NDYxNjM0MDYzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA49jANBgkqhkiG9w0BAQsFAAOCAQEAsVdW9/jtdEqdOcIYJZoOxPX81maS
M0bAEKeYiGjugddcg59RznZLy6/Kgk6O2qtaIwlrRjFVS26MPC07YH3zsH5ElR8f
s0aHJtg6AbrfaJMYaNqYIxT2SchJ691hC0NvTEIBzE8rFe93S++I5+y9//+6lMGC
/xax+RQBujlDo5nVDn7qDp+EYL/7tja2wIzTCxfN4YA4FdWcrBUen6P4rx+uVq+K
hjpbz+QWYD0Kg/FeahLjXlpAcx3bb15E034VXa+P7YXpdhtMwSFKafPUNxLs6NDN
00MhxzVZgRoaYaz6vJ0CZuPYY8KMgzKmaG4JsesNf6Blnq0e4g82CTY8nA==
-----END CERTIFICATE-----