Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7014528-b1b3-4dab-9df1-adfd3b6f0a61.roa
File:                     c7014528-b1b3-4dab-9df1-adfd3b6f0a61.roa (raw, json)
Hash identifier:          busa6rhEdYJrFkunStLyXPL8oV3yv/+RS3W9S6v7oSI=
Subject key identifier:   F0:39:8C:A2:E8:C0:30:AB:51:BC:A6:E6:A0:2A:20:15:63:3F:D9:7E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       22FF09D2CAE9ADF95C0EDCFF057D281AC18F67FF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7014528-b1b3-4dab-9df1-adfd3b6f0a61.roa
Signing time:             Tue 04 Feb 2025 00:00:00 +0000
ROA not before:           Tue 04 Feb 2025 00:00:00 +0000
ROA not after:            Tue 11 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1fff:8000::/39 maxlen: 39
Validation:               Failed, certificate revoked on Tue 04 Feb 2025 00:51:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:ff:09:d2:ca:e9:ad:f9:5c:0e:dc:ff:05:7d:28:1a:c1:8f:67:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb  4 00:00:00 2025 GMT
            Not After : Mar 11 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:3b:99:e0:31:58:01:6b:c0:51:28:75:b9:85:
                    98:cd:3a:3b:70:2e:1a:aa:59:7b:b4:f7:5a:4a:75:
                    ca:78:82:ac:8d:c9:90:f6:2e:57:2d:9d:ed:31:a5:
                    5c:ec:f2:1c:13:62:ee:18:de:bd:36:d6:64:b2:ad:
                    65:ce:c0:e1:7b:70:6e:e2:07:3a:1c:9d:1c:14:97:
                    2c:ad:c5:ef:5f:b0:bd:3b:bb:9f:95:6f:ef:78:39:
                    82:10:0c:e7:87:72:46:88:dd:2b:91:81:d5:20:dd:
                    cb:ed:93:3a:66:d3:e9:72:36:64:42:db:91:e9:f0:
                    31:1c:99:0d:38:ea:28:09:f1:fc:b8:f2:6b:c1:53:
                    43:a8:2f:4c:4d:ea:33:8e:f1:88:69:1e:a1:f6:97:
                    5c:33:24:e1:61:61:df:35:9a:ff:6d:2b:c5:70:f1:
                    50:b7:b8:63:76:56:06:f5:bc:a6:89:98:a1:dd:d7:
                    7f:9c:bb:93:f9:cb:ca:9f:5f:6d:87:55:ab:c6:3e:
                    0e:46:01:2c:e5:00:b5:cd:8f:59:df:5a:34:d9:90:
                    4d:c8:d5:c5:c7:2b:aa:e7:fd:88:de:88:e2:04:7f:
                    50:9c:78:5a:36:2a:a7:be:d7:55:2e:e2:17:77:42:
                    bb:35:47:3e:9f:0f:8a:4c:96:1c:51:6f:34:1e:ae:
                    36:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:39:8C:A2:E8:C0:30:AB:51:BC:A6:E6:A0:2A:20:15:63:3F:D9:7E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7014528-b1b3-4dab-9df1-adfd3b6f0a61.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         3b:05:0d:94:5b:c7:0f:b7:f6:8a:22:93:ed:c3:89:49:04:dc:
         68:b5:fb:e4:1b:3e:bb:58:3c:78:bf:4a:1b:8f:1c:71:89:fe:
         18:1a:82:82:3e:e6:3a:8d:c6:98:10:33:c7:31:93:95:33:ec:
         b9:5b:e8:13:21:6c:9b:ca:23:fb:88:15:88:72:d4:24:9a:a6:
         0b:00:ae:51:ed:36:95:2e:92:e0:2a:03:b2:23:ca:e8:6f:ec:
         c2:15:0c:16:3e:fe:52:54:a6:ee:0b:0e:8f:a3:a0:ba:58:2a:
         d5:27:4b:80:ff:da:ef:5b:61:55:39:46:8c:17:61:bc:a9:23:
         a8:28:d3:b6:b6:8a:d6:0f:34:e4:a9:bd:bd:d9:99:ed:60:af:
         d5:86:12:0a:07:c5:49:ed:00:30:8c:c6:b4:be:3d:3b:2b:30:
         85:53:fd:4e:2b:34:09:88:b8:b0:8c:3f:62:ec:af:2f:43:15:
         ff:cb:6d:f5:5a:ee:f0:7d:6b:2c:5b:8a:e7:94:31:6c:b5:bf:
         b2:b3:7d:fd:ef:8d:01:58:b0:e6:1b:ab:9f:d4:a3:d9:eb:b5:
         d5:b0:e3:9a:73:7c:3b:59:68:f4:08:9b:03:b6:a1:cd:99:ea:
         e1:62:8e:4b:0a:25:02:bc:5e:e1:25:77:9e:55:59:70:d8:14:
         3e:a1:b2:3c
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUIv8J0srprflcDtz/BX0oGsGPZ/8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA0MDAwMDAwWhcNMjUwMzExMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NWQ2ZTY2ZTdmZTNjYjhjYTFhMDg3OTBmMDIwYTM0YTYx
NDVjNDNiMjRmZjU0M2JiNTE2YWM2ODFlOGRiOTY1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiO5ngMVgBa8BRKHW5hZjNOjtwLhqqWXu091pKdcp4gqyN
yZD2Llctne0xpVzs8hwTYu4Y3r021mSyrWXOwOF7cG7iBzocnRwUlyytxe9fsL07
u5+Vb+94OYIQDOeHckaI3SuRgdUg3cvtkzpm0+lyNmRC25Hp8DEcmQ046igJ8fy4
8mvBU0OoL0xN6jOO8YhpHqH2l1wzJOFhYd81mv9tK8Vw8VC3uGN2Vgb1vKaJmKHd
13+cu5P5y8qfX22HVavGPg5GASzlALXNj1nfWjTZkE3I1cXHK6rn/YjeiOIEf1Cc
eFo2Kqe+11Uu4hd3Qrs1Rz6fD4pMlhxRbzQerja7AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU8DmMoujAMKtRvKbmoCogFWM/2X4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M3MDE0NTI4LWIxYjMtNGRhYi05ZGYxLWFkZmQzYjZmMGE2MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB//gDANBgkqhkiG9w0BAQsFAAOCAQEAOwUNlFvHD7f2iiKT7cOJSQTc
aLX75Bs+u1g8eL9KG48ccYn+GBqCgj7mOo3GmBAzxzGTlTPsuVvoEyFsm8oj+4gV
iHLUJJqmCwCuUe02lS6S4CoDsiPK6G/swhUMFj7+UlSm7gsOj6Ogulgq1SdLgP/a
71thVTlGjBdhvKkjqCjTtraK1g805Km9vdmZ7WCv1YYSCgfFSe0AMIzGtL49Oysw
hVP9Tis0CYi4sIw/YuyvL0MV/8tt9Vru8H1rLFuK55QxbLW/srN9/e+NAViw5hur
n9Sj2eu11bDjmnN8O1lo9AibA7ahzZnq4WKOSwolArxe4SV3nlVZcNgUPqGyPA==
-----END CERTIFICATE-----