Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf9f9c1e-0e1b-4282-9df6-71ca543a6f1f.roa
File:                     cf9f9c1e-0e1b-4282-9df6-71ca543a6f1f.roa (raw, json)
Hash identifier:          KUo2uYe/M45lsYreeHIDLdkki6VRFX/a1LEfZa2A2AY=
Subject key identifier:   AC:49:6A:6D:CB:0F:16:78:5A:67:B3:51:6B:9F:74:DF:05:25:55:84
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       09445E72CF4B60F17E21CF12B1EFE4B0F8E0AC99
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf9f9c1e-0e1b-4282-9df6-71ca543a6f1f.roa
Signing time:             Tue 04 Feb 2025 00:00:00 +0000
ROA not before:           Tue 04 Feb 2025 00:00:00 +0000
ROA not after:            Tue 11 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f38:8000::/39 maxlen: 39
Validation:               Failed, certificate revoked on Tue 04 Feb 2025 00:40:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:44:5e:72:cf:4b:60:f1:7e:21:cf:12:b1:ef:e4:b0:f8:e0:ac:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb  4 00:00:00 2025 GMT
            Not After : Mar 11 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ca:8d:fb:29:24:d4:05:db:77:a8:ec:0e:46:
                    63:ec:24:a6:b9:9d:37:1e:6a:5e:96:40:a6:3e:5a:
                    41:9e:44:a7:7e:3b:31:8c:b8:95:1d:c0:18:9c:b0:
                    7c:1e:4e:c0:19:87:dd:f2:ed:d5:8d:1e:bd:c6:14:
                    6b:64:6e:1e:31:69:e8:14:bc:7c:ae:8d:ce:0a:d0:
                    75:af:a6:ec:27:13:be:05:84:61:26:32:bc:99:96:
                    ea:b4:8e:3b:12:9f:6d:40:0f:2f:76:39:ee:01:5e:
                    2f:c5:cf:4e:a2:98:81:05:cd:47:f1:a5:9a:cd:68:
                    b3:92:11:7e:83:dc:ae:c3:c9:90:90:b9:bb:66:fb:
                    b0:7d:05:d8:4f:f3:2c:67:e9:b3:f4:ba:51:bb:6b:
                    36:9e:0d:7c:be:9c:77:2e:80:a8:da:c5:c1:5a:50:
                    85:34:33:1f:36:40:2b:d1:11:b8:df:82:8c:2a:00:
                    de:c5:d5:d7:b6:b0:51:aa:bd:94:d2:6a:14:a0:4a:
                    55:fd:ff:ce:88:0a:39:73:d8:38:dc:08:4a:86:27:
                    65:20:52:3b:64:84:ec:ff:f4:65:e9:67:23:c0:79:
                    c8:3a:2f:5b:d1:1f:0f:0e:85:48:65:bf:16:16:c1:
                    fd:9f:31:d2:1d:09:32:18:49:8b:23:a6:f7:4e:3d:
                    7a:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:49:6A:6D:CB:0F:16:78:5A:67:B3:51:6B:9F:74:DF:05:25:55:84
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf9f9c1e-0e1b-4282-9df6-71ca543a6f1f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f38:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         6d:c3:59:b6:e5:4a:05:55:6c:73:26:b9:26:f6:e3:b6:4d:0e:
         29:4a:14:8e:e1:99:cd:7f:18:72:4e:ad:e0:5d:94:25:43:f3:
         93:a6:45:90:9e:4f:10:77:c6:a7:63:69:61:28:b2:cc:fb:51:
         b3:07:c6:bb:f4:ed:5a:9d:a7:10:fd:e6:c3:e6:3f:fe:65:cd:
         fb:f3:7b:b2:8b:17:fd:ec:3d:e7:40:94:5d:8e:19:4b:09:51:
         e5:d5:20:ab:e4:53:7a:da:5b:98:c3:01:3a:df:27:99:a0:e6:
         7d:b7:0d:4c:a0:eb:a5:07:1d:5c:fb:11:bc:d9:6a:84:ec:b9:
         45:6b:d4:98:f9:aa:dc:b3:10:41:ff:43:ed:2f:62:aa:3b:cf:
         82:27:ff:fc:50:83:13:81:29:c4:2d:8e:57:ee:41:af:4a:57:
         bc:13:b8:b9:fc:9b:0c:63:a6:8c:4d:84:64:bf:63:fb:d5:a4:
         f2:0a:0e:5d:4e:39:a9:5f:bc:d0:4b:d0:07:ad:95:26:58:af:
         5a:3b:39:1e:3a:21:f7:2d:a9:04:df:ec:3d:07:07:63:e5:d3:
         87:d5:3c:f1:97:71:6a:46:89:68:d2:79:e5:ee:b3:b1:7a:97:
         01:2a:92:b8:61:31:e0:a8:d6:a1:e4:14:1f:38:91:23:1c:11:
         4d:cb:e6:bd
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUCURecs9LYPF+Ic8Sse/ksPjgrJkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA0MDAwMDAwWhcNMjUwMzExMjM1OTU5
WjB6MUkwRwYDVQQFE0BlN2UyMDljMDI3YmUzMGZiYjIzNTYwZTE1NjhiZWIyMWMx
NjI1ZWViYTlhYmVkZTRhNjFjMTQ4ZTc1NTg3NDlmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8yo37KSTUBdt3qOwORmPsJKa5nTceal6WQKY+WkGeRKd+
OzGMuJUdwBicsHweTsAZh93y7dWNHr3GFGtkbh4xaegUvHyujc4K0HWvpuwnE74F
hGEmMryZluq0jjsSn21ADy92Oe4BXi/Fz06imIEFzUfxpZrNaLOSEX6D3K7DyZCQ
ubtm+7B9BdhP8yxn6bP0ulG7azaeDXy+nHcugKjaxcFaUIU0Mx82QCvREbjfgowq
AN7F1de2sFGqvZTSahSgSlX9/86ICjlz2DjcCEqGJ2UgUjtkhOz/9GXpZyPAecg6
L1vRHw8OhUhlvxYWwf2fMdIdCTIYSYsjpvdOPXoJAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUrElqbcsPFnhaZ7NRa5903wUlVYQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NmOWY5YzFlLTBlMWItNDI4Mi05ZGY2LTcxY2E1NDNhNmYxZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB84gDANBgkqhkiG9w0BAQsFAAOCAQEAbcNZtuVKBVVscya5Jvbjtk0O
KUoUjuGZzX8Yck6t4F2UJUPzk6ZFkJ5PEHfGp2NpYSiyzPtRswfGu/TtWp2nEP3m
w+Y//mXN+/N7sosX/ew950CUXY4ZSwlR5dUgq+RTetpbmMMBOt8nmaDmfbcNTKDr
pQcdXPsRvNlqhOy5RWvUmPmq3LMQQf9D7S9iqjvPgif//FCDE4EpxC2OV+5Br0pX
vBO4ufybDGOmjE2EZL9j+9Wk8goOXU45qV+80EvQB62VJlivWjs5Hjoh9y2pBN/s
PQcHY+XTh9U88ZdxakaJaNJ55e6zsXqXASqSuGEx4KjWoeQUHziRIxwRTcvmvQ==
-----END CERTIFICATE-----