Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/02447562-bdb2-4ece-a131-122a3348550c.roa
File:                     02447562-bdb2-4ece-a131-122a3348550c.roa (raw, json)
Hash identifier:          fN/pasG5MzeThl6PZA37DB8bMHuVF015SXWkQRqg2w8=
Subject key identifier:   75:DC:6A:87:D9:4F:B6:7F:9E:E2:E3:AB:B1:0A:8E:50:9B:4E:A9:01
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       5827C400294395DFC60A8974688E5FFD8568E65A
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/02447562-bdb2-4ece-a131-122a3348550c.roa
Signing time:             Fri 03 Jan 2025 00:00:00 +0000
ROA not before:           Fri 03 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f3:ce00::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 17 Jan 2025 18:37:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:27:c4:00:29:43:95:df:c6:0a:89:74:68:8e:5f:fd:85:68:e6:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  3 00:00:00 2025 GMT
            Not After : Feb  7 23:59:59 2025 GMT
        Subject: serialNumber=965127f09b966c1ff1d2819ab9893b75369ecd7e2544b7440d462836430d07cf, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:05:a7:bc:d5:90:04:2a:28:9f:ad:05:0b:65:
                    1d:98:f0:af:24:bf:0e:06:17:29:3b:1b:b5:d8:5e:
                    b0:82:cc:b3:39:20:9b:64:e2:65:67:b5:89:e9:52:
                    63:5f:eb:04:bc:4b:9c:23:12:4a:49:87:44:87:3f:
                    43:a7:4f:cd:3a:32:f2:b7:35:f3:37:df:c5:04:ca:
                    d3:e2:67:7b:2e:b5:ec:fc:55:0a:b9:4a:7a:67:1e:
                    01:fd:44:bd:c7:c7:e7:c1:05:b7:3f:74:43:06:48:
                    e9:22:29:24:ff:c2:c8:ec:c0:5d:f2:3c:56:5a:2c:
                    7e:6e:0d:a2:d4:bf:cb:37:28:e9:c8:8f:5d:e2:bb:
                    05:8d:f3:c2:65:2e:36:bb:70:b1:7f:27:9c:a2:ae:
                    52:d8:79:7e:41:bd:b2:9d:42:77:8f:fa:cf:82:82:
                    9f:5c:82:1d:4d:5d:ed:18:14:ac:8b:68:04:85:93:
                    1a:22:79:33:1e:b6:74:a3:b2:70:26:5d:b0:bc:3d:
                    76:af:7a:3c:b2:df:0e:6c:0c:73:2c:6f:96:de:28:
                    1d:e5:31:62:c9:2f:cf:0f:09:ff:2b:b1:aa:f9:04:
                    17:44:8f:00:1d:c3:66:23:43:14:f1:c2:90:8b:15:
                    af:3c:cf:2a:b8:93:9b:c8:ea:4c:f8:ac:a6:73:c9:
                    8d:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:DC:6A:87:D9:4F:B6:7F:9E:E2:E3:AB:B1:0A:8E:50:9B:4E:A9:01
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/02447562-bdb2-4ece-a131-122a3348550c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f3:ce00::/48

    Signature Algorithm: sha256WithRSAEncryption
         9b:e8:0b:0f:60:a7:83:6f:a4:74:8f:40:3e:3d:63:0f:ed:d4:
         c5:a3:7c:da:f6:25:94:2a:e8:0e:69:d6:76:da:39:05:83:06:
         54:35:06:ff:73:0a:fc:01:b2:2e:fc:5a:cc:eb:b3:db:7e:ca:
         b3:38:43:0b:c6:3b:cb:1a:74:0f:69:fe:46:89:ac:c4:e3:38:
         18:a2:ce:26:3b:6d:fc:48:99:6d:7e:0f:ab:37:3b:8b:62:62:
         5b:68:1c:8f:08:db:c2:dc:ce:26:fa:bb:c7:8f:4a:11:c8:7f:
         7e:54:df:aa:73:e4:67:7c:55:80:91:fb:86:42:be:e1:49:d9:
         8b:47:82:b9:e8:50:fa:6a:a5:45:01:b7:54:6b:f6:e4:e0:f1:
         12:ac:c4:f1:b1:c2:e2:80:94:67:cc:86:49:f1:d8:ec:c4:f4:
         18:ae:95:c7:51:74:41:cf:ea:2d:53:8a:a7:8b:32:af:71:72:
         f6:0a:0b:59:fd:ba:ea:a2:d1:54:63:4b:ce:0c:46:ea:99:42:
         29:17:05:05:57:b6:9b:bf:1f:63:ab:64:29:b0:fe:8c:59:7f:
         6d:23:f7:8f:ae:ae:59:47:6f:cd:4d:ca:6a:77:24:13:6e:27:
         76:da:3c:bb:cc:d6:4d:8b:24:17:51:1f:86:a7:80:75:86:45:
         04:73:b0:8d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUWCfEAClDld/GCol0aI5f/YVo5lowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NjUxMjdmMDliOTY2YzFmZjFkMjgxOWFiOTg5M2I3NTM2
OWVjZDdlMjU0NGI3NDQwZDQ2MjgzNjQzMGQwN2NmMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpBae81ZAEKiifrQULZR2Y8K8kvw4GFyk7G7XYXrCCzLM5
IJtk4mVntYnpUmNf6wS8S5wjEkpJh0SHP0OnT806MvK3NfM338UEytPiZ3sutez8
VQq5SnpnHgH9RL3Hx+fBBbc/dEMGSOkiKST/wsjswF3yPFZaLH5uDaLUv8s3KOnI
j13iuwWN88JlLja7cLF/J5yirlLYeX5BvbKdQneP+s+Cgp9cgh1NXe0YFKyLaASF
kxoieTMetnSjsnAmXbC8PXavejyy3w5sDHMsb5beKB3lMWLJL88PCf8rsar5BBdE
jwAdw2YjQxTxwpCLFa88zyq4k5vI6kz4rKZzyY3JAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUddxqh9lPtn+e4uOrsQqOUJtOqQEwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzAyNDQ3NTYyLWJkYjItNGVjZS1hMTMxLTEyMmEzMzQ4NTUwYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDzzgAwDQYJKoZIhvcNAQELBQADggEBAJvoCw9gp4NvpHSPQD49Yw/t
1MWjfNr2JZQq6A5p1nbaOQWDBlQ1Bv9zCvwBsi78Wszrs9t+yrM4QwvGO8sadA9p
/kaJrMTjOBiiziY7bfxImW1+D6s3O4tiYltoHI8I28Lczib6u8ePShHIf35U36pz
5Gd8VYCR+4ZCvuFJ2YtHgrnoUPpqpUUBt1Rr9uTg8RKsxPGxwuKAlGfMhknx2OzE
9BiulcdRdEHP6i1TiqeLMq9xcvYKC1n9uuqi0VRjS84MRuqZQikXBQVXtpu/H2Or
ZCmw/oxZf20j94+urllHb81Nymp3JBNuJ3baPLvM1k2LJBdRH4angHWGRQRzsI0=
-----END CERTIFICATE-----
Generated at Fri Jan 17 21:35:14 2025 by rpki-client on console-fra.rpki-client.org