Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e1cdc500-54c5-447c-974f-78ae9d1df2ff.roa
File:                     e1cdc500-54c5-447c-974f-78ae9d1df2ff.roa (raw, json)
Hash identifier:          CC0TvOsZCZDknwuZIUD5Xl2ZhnzLlN4+txN/ti/c2NA=
Subject key identifier:   C1:C4:ED:89:9E:0A:53:EB:47:DA:39:73:79:AE:4D:C7:6B:EF:15:6C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       34C6DA7E27E1E9298B3BAB26DCE5498C59B0A39F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e1cdc500-54c5-447c-974f-78ae9d1df2ff.roa
Signing time:             Tue 04 Feb 2025 00:00:00 +0000
ROA not before:           Tue 04 Feb 2025 00:00:00 +0000
ROA not after:            Tue 11 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1ff7:8000::/39 maxlen: 39
Validation:               Failed, certificate revoked on Tue 04 Feb 2025 18:50:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:c6:da:7e:27:e1:e9:29:8b:3b:ab:26:dc:e5:49:8c:59:b0:a3:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb  4 00:00:00 2025 GMT
            Not After : Mar 11 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:5e:c8:6d:64:b0:2f:34:d6:15:73:90:4d:35:
                    a6:4b:1e:60:d7:70:19:83:f5:02:19:24:74:42:df:
                    21:99:c1:61:88:6e:f6:af:b3:77:76:a7:9f:ac:42:
                    52:75:f5:2a:ad:fe:f2:c9:b4:38:e1:f2:2c:d1:86:
                    e6:89:48:c3:0c:b3:e9:9d:3f:e2:5e:5a:d5:2e:aa:
                    53:65:d2:a2:39:3e:f4:f1:52:bf:77:54:6a:ab:e0:
                    85:12:d6:1a:1e:6c:63:70:34:f8:7c:60:19:a9:af:
                    e1:32:64:99:f8:66:5f:37:ec:2a:ff:d9:f9:0c:9f:
                    39:4b:e0:7a:77:42:e7:b6:92:42:6b:eb:56:4b:75:
                    2e:a0:90:ca:f0:e2:77:df:6c:64:13:f4:a8:80:83:
                    e6:7b:2b:fd:37:c7:1a:6b:ef:11:cf:58:a4:59:82:
                    8a:2e:23:9f:39:a1:70:ff:69:5b:70:9e:32:91:18:
                    96:b5:f5:be:72:ad:d7:bb:47:94:5b:26:68:e8:b7:
                    77:93:2e:7b:6e:2e:33:bd:d9:37:65:09:63:4b:c0:
                    43:89:47:86:33:b4:37:6f:5b:00:a1:fa:9d:c2:c3:
                    08:fe:a5:73:2a:fd:24:ed:af:30:ef:04:1a:a2:83:
                    14:f8:39:8c:64:08:e6:c8:a4:ad:7a:c6:ad:11:d9:
                    43:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:C4:ED:89:9E:0A:53:EB:47:DA:39:73:79:AE:4D:C7:6B:EF:15:6C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e1cdc500-54c5-447c-974f-78ae9d1df2ff.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff7:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         2c:23:31:ec:f8:5c:58:2f:19:af:55:bd:d4:53:d5:e9:3b:e9:
         63:a0:a7:e9:5b:a9:5b:c6:1b:53:95:80:f2:c9:35:5d:b3:1f:
         73:ea:c7:54:d3:66:ae:ba:7d:95:8a:c4:f5:e2:b6:33:e7:7f:
         17:a1:1e:1a:69:45:e0:21:03:18:27:14:08:10:d1:98:62:7f:
         8d:5f:a0:b2:4b:70:e3:2c:94:24:bf:a8:f9:da:96:c9:79:80:
         73:2a:ce:cd:45:cc:63:cd:38:6d:ff:a2:d1:b7:b4:d3:60:6c:
         f5:26:a1:20:cc:d7:87:00:1a:d0:82:bf:e1:74:b4:40:77:dd:
         37:6c:82:6b:ea:a3:5a:83:fe:ca:45:0b:a7:90:c7:70:c0:9f:
         03:ea:97:52:cb:27:82:22:78:f4:55:20:be:2f:ba:9a:bb:4e:
         0b:3b:5f:19:e9:15:cf:f7:5d:1e:58:5c:5d:14:0e:80:55:3c:
         a9:0e:c2:2b:d7:c3:a5:11:d7:72:a5:da:d2:f8:f9:15:df:dd:
         f1:9e:52:0c:2a:d6:87:5e:5b:85:ac:b9:83:64:b4:2c:1d:00:
         42:3d:bb:2d:db:22:f1:7d:43:04:4c:a1:32:71:5e:21:82:da:
         0d:ae:c9:a3:8d:07:5a:24:eb:c1:6a:54:b8:f7:99:45:43:b2:
         62:15:56:51
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUNMbafifh6SmLO6sm3OVJjFmwo58wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA0MDAwMDAwWhcNMjUwMzExMjM1OTU5
WjB6MUkwRwYDVQQFE0AxNzUxMTQ3MWVlOTM3ZmRjMjMzZmE5ZmI0ZTUyNWRiNTY1
YTRiYjE3ZWE0Yzk3M2RiNGJhZmUwMzk0NWZlM2I4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCXshtZLAvNNYVc5BNNaZLHmDXcBmD9QIZJHRC3yGZwWGI
bvavs3d2p5+sQlJ19Sqt/vLJtDjh8izRhuaJSMMMs+mdP+JeWtUuqlNl0qI5PvTx
Ur93VGqr4IUS1hoebGNwNPh8YBmpr+EyZJn4Zl837Cr/2fkMnzlL4Hp3Que2kkJr
61ZLdS6gkMrw4nffbGQT9KiAg+Z7K/03xxpr7xHPWKRZgoouI585oXD/aVtwnjKR
GJa19b5yrde7R5RbJmjot3eTLntuLjO92TdlCWNLwEOJR4YztDdvWwCh+p3Cwwj+
pXMq/STtrzDvBBqigxT4OYxkCObIpK16xq0R2UO5AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUwcTtiZ4KU+tH2jlzea5Nx2vvFWwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UxY2RjNTAwLTU0YzUtNDQ3Yy05NzRmLTc4YWU5ZDFkZjJmZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB/3gDANBgkqhkiG9w0BAQsFAAOCAQEALCMx7PhcWC8Zr1W91FPV6Tvp
Y6Cn6VupW8YbU5WA8sk1XbMfc+rHVNNmrrp9lYrE9eK2M+d/F6EeGmlF4CEDGCcU
CBDRmGJ/jV+gsktw4yyUJL+o+dqWyXmAcyrOzUXMY804bf+i0be002Bs9SahIMzX
hwAa0IK/4XS0QHfdN2yCa+qjWoP+ykULp5DHcMCfA+qXUssngiJ49FUgvi+6mrtO
CztfGekVz/ddHlhcXRQOgFU8qQ7CK9fDpRHXcqXa0vj5Fd/d8Z5SDCrWh15bhay5
g2S0LB0AQj27Ldsi8X1DBEyhMnFeIYLaDa7Jo40HWiTrwWpUuPeZRUOyYhVWUQ==
-----END CERTIFICATE-----