Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d0c30795-f169-4c8b-92e5-239a523f5289.roa
File:                     d0c30795-f169-4c8b-92e5-239a523f5289.roa (raw, json)
Hash identifier:          MhDA0C9uLI4geC/ZwLjF+vLU7LB0WFHmIVfLAfzRtAo=
Subject key identifier:   E1:04:FE:46:EE:15:23:E9:0B:E1:CA:C9:23:CD:3D:77:2C:94:F3:10
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       21F4929023D37129443334045BCEA398D727EECC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d0c30795-f169-4c8b-92e5-239a523f5289.roa
Signing time:             Tue 14 Jan 2025 00:00:00 +0000
ROA not before:           Tue 14 Jan 2025 00:00:00 +0000
ROA not after:            Tue 18 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        76.223.0.0/17 maxlen: 24
Validation:               Failed, certificate revoked on Thu 16 Jan 2025 02:56:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:f4:92:90:23:d3:71:29:44:33:34:04:5b:ce:a3:98:d7:27:ee:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 14 00:00:00 2025 GMT
            Not After : Feb 18 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:ac:31:42:27:6a:83:ef:87:16:fa:1e:35:65:
                    10:94:3d:1d:2f:1a:d5:ac:b8:13:4d:7e:b9:43:3a:
                    9e:ce:12:58:fa:b2:81:ab:7a:b2:b8:2f:ec:f3:00:
                    0a:92:28:70:76:9f:bd:e6:fd:52:1e:4a:23:2f:44:
                    a7:a3:8d:2f:ee:3f:4e:f3:6b:d9:9f:ca:12:a7:3c:
                    ea:36:3f:11:5f:7a:69:94:ed:81:8e:f1:5b:98:5e:
                    6e:bd:b8:59:d9:ec:1d:3e:25:c8:5b:e8:6c:ea:5f:
                    7d:82:59:f5:8b:57:45:40:97:eb:bd:99:97:92:6a:
                    a8:ac:e4:7b:f5:ef:f5:74:03:3e:1e:5c:44:93:d2:
                    6d:5f:09:5f:cf:ad:aa:b1:a3:b1:f4:f3:7b:fa:22:
                    13:8c:4f:ec:2f:cd:a7:f1:cf:fe:04:a3:93:f0:99:
                    95:5c:09:c4:b3:38:a9:18:e5:9e:6b:db:07:cf:f2:
                    b6:b4:40:42:2c:71:c9:a0:98:1f:3c:aa:9c:57:ba:
                    4e:d9:91:df:31:a2:5e:ab:30:dc:a7:97:80:a9:31:
                    09:e4:73:03:c7:c8:ee:cb:97:02:76:85:97:3e:da:
                    66:46:d4:32:30:26:ba:ea:c1:bb:ea:6b:95:f0:67:
                    86:0c:75:c3:79:0e:29:0a:93:13:5b:c4:18:3b:48:
                    aa:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:04:FE:46:EE:15:23:E9:0B:E1:CA:C9:23:CD:3D:77:2C:94:F3:10
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d0c30795-f169-4c8b-92e5-239a523f5289.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         ac:c1:17:06:93:ba:7b:fd:93:7e:02:c1:fe:4b:26:c7:02:ec:
         7c:22:ab:e4:00:15:e1:8f:25:36:3c:02:ac:49:5e:8d:e2:38:
         94:57:a9:2b:0e:e7:1c:f0:2b:d2:65:67:71:60:cd:f4:f9:84:
         02:c9:0c:f6:8b:e2:3c:0c:36:d6:bb:40:23:77:b6:cd:54:91:
         78:5e:69:4d:11:8e:c9:40:33:06:e7:8d:71:93:ce:4d:64:2d:
         4a:66:ab:dc:3f:22:91:7b:09:a0:3d:c8:d3:58:52:8c:a5:3c:
         4e:47:7f:d5:15:23:e8:f5:b0:80:08:d5:af:7e:58:53:b8:11:
         85:3a:8c:d9:11:21:73:ca:fc:b2:a9:1f:8c:ad:93:5c:31:d1:
         a6:43:d3:9c:85:53:17:ed:80:1f:d0:08:5b:62:b4:ae:fa:98:
         45:67:1c:56:a4:00:dd:7c:78:ad:7b:2a:79:84:41:c3:04:88:
         cc:a1:1d:77:0c:5f:46:23:a9:f5:79:b5:12:83:98:67:42:5e:
         bc:1a:fc:42:76:e0:67:82:ce:56:bd:77:4c:91:d3:42:10:21:
         7d:1c:39:e9:c8:7b:fc:a3:6d:df:59:4c:5d:22:09:5b:78:9d:
         3e:b7:ae:78:b3:e8:d1:7a:0f:60:fa:2f:00:5f:30:74:c2:31:
         9c:53:b1:13
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIfSSkCPTcSlEMzQEW86jmNcn7swwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTE0MDAwMDAwWhcNMjUwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYzA5ZWI2NTNlOTg1MGUyYWU1MzA0ZWUwZmUzNTY0N2Ez
NWYzMjk5ZTY3ZDcyMzZiNTkxYWRhODQ4YTBiNjAyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVrDFCJ2qD74cW+h41ZRCUPR0vGtWsuBNNfrlDOp7OElj6
soGrerK4L+zzAAqSKHB2n73m/VIeSiMvRKejjS/uP07za9mfyhKnPOo2PxFfemmU
7YGO8VuYXm69uFnZ7B0+Jchb6GzqX32CWfWLV0VAl+u9mZeSaqis5Hv17/V0Az4e
XEST0m1fCV/Praqxo7H083v6IhOMT+wvzafxz/4Eo5PwmZVcCcSzOKkY5Z5r2wfP
8ra0QEIsccmgmB88qpxXuk7Zkd8xol6rMNynl4CpMQnkcwPHyO7LlwJ2hZc+2mZG
1DIwJrrqwbvqa5XwZ4YMdcN5DikKkxNbxBg7SKqTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4QT+Ru4VI+kL4crJI809dyyU8xAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QwYzMwNzk1LWYxNjktNGM4Yi05MmU1LTIzOWE1MjNmNTI4OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAdM3wAwDQYJKoZIhvcNAQELBQADggEBAKzBFwaTunv9k34Cwf5LJscC7Hwi
q+QAFeGPJTY8AqxJXo3iOJRXqSsO5xzwK9JlZ3FgzfT5hALJDPaL4jwMNta7QCN3
ts1UkXheaU0RjslAMwbnjXGTzk1kLUpmq9w/IpF7CaA9yNNYUoylPE5Hf9UVI+j1
sIAI1a9+WFO4EYU6jNkRIXPK/LKpH4ytk1wx0aZD05yFUxftgB/QCFtitK76mEVn
HFakAN18eK17KnmEQcMEiMyhHXcMX0YjqfV5tRKDmGdCXrwa/EJ24GeCzla9d0yR
00IQIX0cOenIe/yjbd9ZTF0iCVt4nT63rniz6NF6D2D6LwBfMHTCMZxTsRM=
-----END CERTIFICATE-----