Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed29eef1-ac6c-4ff4-ac0a-25bb9cb1d511.roa
File:                     ed29eef1-ac6c-4ff4-ac0a-25bb9cb1d511.roa (raw, json)
Hash identifier:          88+RJcbeSB5vQ5HHmtwdSleztvUKZ9fcrVG4uVbzq9g=
Subject key identifier:   80:36:9B:A3:39:A5:FC:5E:AF:1A:A9:8C:D1:CD:20:D9:01:5E:C0:D9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2640325DE22B743A90AAE592CC46550158723250
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed29eef1-ac6c-4ff4-ac0a-25bb9cb1d511.roa
Signing time:             Tue 08 Oct 2024 00:00:00 +0000
ROA not before:           Tue 08 Oct 2024 00:00:00 +0000
ROA not after:            Tue 12 Nov 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        192.157.36.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Thu 10 Oct 2024 14:27:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:40:32:5d:e2:2b:74:3a:90:aa:e5:92:cc:46:55:01:58:72:32:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  8 00:00:00 2024 GMT
            Not After : Nov 12 23:59:59 2024 GMT
        Subject: serialNumber=5d2eb386907a6b246b532ae0d24a172c7e1a5366e6f15e628d3a917c228b7c08, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:0f:f1:a8:82:67:aa:85:62:db:72:d9:0c:af:
                    6f:98:b8:59:fd:2e:d4:d9:f5:57:2d:b6:28:bd:73:
                    41:1c:ad:5b:79:b2:a4:d4:94:1f:17:9b:ac:60:7d:
                    4d:dc:cf:af:72:1b:1d:c6:9c:80:41:e4:be:b9:f4:
                    0c:c6:bf:39:0e:d4:ed:73:30:b9:97:c3:4d:4b:11:
                    78:05:ae:3f:6e:b9:7c:a3:b1:0b:a8:94:49:44:dd:
                    92:d7:ba:13:1e:55:7d:d5:1e:1c:41:bf:3e:25:9f:
                    5f:10:bd:70:d5:d3:cd:18:e3:fa:65:10:a3:64:44:
                    44:9c:45:43:f4:a5:5d:38:13:77:8a:bf:52:a7:99:
                    75:08:4d:48:c0:ed:39:e2:96:f3:02:07:08:d3:92:
                    24:e9:12:34:c1:9a:5c:4c:4e:f3:89:d9:58:6e:cb:
                    d3:ba:b0:d0:21:3a:bf:c3:33:e1:01:e3:26:d6:b1:
                    10:1f:2a:df:7a:4b:31:03:56:ca:f3:26:98:66:48:
                    72:ae:7d:57:b4:61:88:12:41:f6:b8:7d:f9:c9:fa:
                    28:1b:ec:a2:bb:6d:b2:5e:98:08:b9:63:82:07:27:
                    1b:1a:85:65:01:8d:89:be:4e:22:2d:0e:6c:9c:ea:
                    34:d1:67:79:be:63:9c:d0:4a:fd:9c:9e:c8:78:b8:
                    e3:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:36:9B:A3:39:A5:FC:5E:AF:1A:A9:8C:D1:CD:20:D9:01:5E:C0:D9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed29eef1-ac6c-4ff4-ac0a-25bb9cb1d511.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.157.36.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3b:5a:e6:9b:7b:71:ed:63:d5:2e:37:1c:ed:ec:c4:66:97:ed:
         96:ab:ff:3e:28:e8:30:de:22:28:66:11:3e:eb:fe:63:30:6a:
         e2:bb:55:aa:2c:0a:3f:7f:25:a6:3b:56:dc:c0:10:53:b6:b2:
         61:fd:22:4a:4c:85:82:05:34:e8:14:e0:0e:e7:cf:86:3d:08:
         40:45:0f:46:00:ad:43:18:bb:f2:19:7a:34:d9:5c:53:b6:6a:
         58:31:02:eb:73:29:ac:8d:b8:04:d7:e3:e3:02:e5:37:8b:4b:
         cf:73:25:04:b9:76:b3:15:91:19:dd:46:fb:89:3d:97:e0:49:
         3b:67:62:1b:a0:22:00:80:0f:5e:f2:b0:f9:08:10:2e:f7:88:
         3e:8c:dd:bf:2b:a0:a3:d2:c0:a9:4e:70:b1:53:8a:d4:5a:0c:
         00:7b:a4:e2:10:dd:5a:44:71:d4:94:ea:64:1c:77:37:37:21:
         94:c8:82:55:c0:c8:3b:06:ae:95:8e:43:39:0c:5f:7c:cb:55:
         63:de:95:cd:fe:eb:51:5e:61:9b:d4:0a:f3:81:04:0c:ec:09:
         bf:73:71:1e:10:e8:1a:ec:52:db:a0:92:04:8b:cc:a0:02:9d:
         0f:11:4c:7c:e8:44:cf:5c:31:72:3f:d7:4a:f1:bc:99:dd:37:
         ae:cd:7a:41
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJkAyXeIrdDqQquWSzEZVAVhyMlAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMDA4MDAwMDAwWhcNMjQxMTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZDJlYjM4NjkwN2E2YjI0NmI1MzJhZTBkMjRhMTcyYzdl
MWE1MzY2ZTZmMTVlNjI4ZDNhOTE3YzIyOGI3YzA4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDvD/GogmeqhWLbctkMr2+YuFn9LtTZ9Vcttii9c0EcrVt5
sqTUlB8Xm6xgfU3cz69yGx3GnIBB5L659AzGvzkO1O1zMLmXw01LEXgFrj9uuXyj
sQuolElE3ZLXuhMeVX3VHhxBvz4ln18QvXDV080Y4/plEKNkREScRUP0pV04E3eK
v1KnmXUITUjA7TnilvMCBwjTkiTpEjTBmlxMTvOJ2Vhuy9O6sNAhOr/DM+EB4ybW
sRAfKt96SzEDVsrzJphmSHKufVe0YYgSQfa4ffnJ+igb7KK7bbJemAi5Y4IHJxsa
hWUBjYm+TiItDmyc6jTRZ3m+Y5zQSv2cnsh4uOMFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgDabozml/F6vGqmM0c0g2QFewNkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VkMjllZWYxLWFjNmMtNGZmNC1hYzBhLTI1YmI5Y2IxZDUxMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHAnSQwDQYJKoZIhvcNAQELBQADggEBADta5pt7ce1j1S43HO3sxGaX7Zar
/z4o6DDeIihmET7r/mMwauK7VaosCj9/JaY7VtzAEFO2smH9IkpMhYIFNOgU4A7n
z4Y9CEBFD0YArUMYu/IZejTZXFO2algxAutzKayNuATX4+MC5TeLS89zJQS5drMV
kRndRvuJPZfgSTtnYhugIgCAD17ysPkIEC73iD6M3b8roKPSwKlOcLFTitRaDAB7
pOIQ3VpEcdSU6mQcdzc3IZTIglXAyDsGrpWOQzkMX3zLVWPelc3+61FeYZvUCvOB
BAzsCb9zcR4Q6BrsUtugkgSLzKACnQ8RTHzoRM9cMXI/10rxvJndN67NekE=
-----END CERTIFICATE-----