Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/03e7e0ef-e55a-41d2-8c0e-b8d86e31dd0d.roa
File:                     03e7e0ef-e55a-41d2-8c0e-b8d86e31dd0d.roa (raw, json)
Hash identifier:          JVX5UIPUo6KFadN1ZBjfBXDmUSpkw8SD4GEfslVNTeQ=
Subject key identifier:   F0:27:66:CD:F6:47:1F:CF:3C:72:FA:95:B6:2D:0D:A7:76:27:2F:39
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       53D62BD40CDFF1B46E535DDE1970287DC30507C3
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/03e7e0ef-e55a-41d2-8c0e-b8d86e31dd0d.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5522::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Jan 2025 23:21:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:d6:2b:d4:0c:df:f1:b4:6e:53:5d:de:19:70:28:7d:c3:05:07:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=cac6fde804d6465863b28320f0666ba632bb315cb46f3af6ec399f587aed9665, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:fa:d7:df:7d:b9:20:21:07:88:2d:a8:bc:a8:
                    09:dd:84:b0:3d:ee:4c:c4:fd:fa:75:25:7b:d0:01:
                    f0:3b:23:f1:d6:ab:06:c7:9c:e4:21:06:81:8d:6a:
                    55:c4:73:d8:6a:46:f2:82:8f:90:7b:b7:09:51:94:
                    ee:fa:8f:23:1d:4b:38:8a:17:40:f2:18:eb:92:dd:
                    6c:9a:66:3f:2c:b6:7d:ca:c7:a9:d7:80:8e:b8:d2:
                    f1:eb:4f:c1:79:dd:87:53:e0:46:28:d4:3a:e2:8e:
                    6b:27:53:c3:fd:25:bd:de:93:3b:86:ec:23:00:e7:
                    53:2f:0b:be:19:79:60:66:b9:6f:0f:10:7a:24:02:
                    c7:a8:12:91:05:cd:66:ac:f6:5c:c7:b8:f1:5a:0d:
                    63:0b:f4:6d:20:ad:e0:59:cb:26:31:17:2f:29:80:
                    dd:a7:3e:ca:7e:7e:34:cb:60:51:13:5f:d6:a8:c6:
                    07:5e:62:03:71:23:2d:83:80:26:2a:6f:52:ca:7c:
                    22:63:e5:99:26:ec:ac:1f:ae:e7:62:ca:33:6d:27:
                    f0:35:38:0b:2d:57:2e:f7:28:8e:97:c3:15:83:3e:
                    63:8b:99:2a:f1:3a:0e:60:35:6e:63:6f:75:27:52:
                    b8:f8:4f:87:92:b2:22:d2:0b:26:6d:ae:ab:7b:a7:
                    6f:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:27:66:CD:F6:47:1F:CF:3C:72:FA:95:B6:2D:0D:A7:76:27:2F:39
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/03e7e0ef-e55a-41d2-8c0e-b8d86e31dd0d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5522::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:ec:77:d7:24:df:c8:76:81:1e:dc:17:18:3d:38:b5:5b:49:
         9f:70:b1:31:83:c1:a9:b0:50:02:6e:0d:37:63:43:05:c5:c5:
         a6:80:1b:02:12:07:da:d3:90:3a:77:2d:7a:f1:51:ea:c8:5a:
         dd:db:72:ca:e5:30:d3:66:03:15:93:8f:e2:5d:e6:06:29:05:
         2f:75:89:f1:2c:89:d3:f1:cb:9c:a6:7e:16:f8:ae:c8:0a:6a:
         83:bf:df:3d:e3:b0:3a:26:80:22:4c:d8:8a:5d:ed:37:02:d8:
         b0:15:92:ba:1a:c7:f2:f4:78:29:00:79:78:7c:ff:ee:be:a3:
         26:7e:cf:9f:27:cc:28:87:f4:37:a9:3f:44:37:bc:6f:37:df:
         3b:c8:b4:f4:71:44:ee:e0:1e:cb:f3:29:7f:40:ae:8f:e1:6a:
         f5:99:a7:a2:3e:eb:ca:9e:b9:d7:32:24:6a:dc:95:c0:99:9b:
         f4:e3:69:f4:f6:95:c8:64:97:04:fc:34:f6:dc:8a:90:77:9f:
         da:3d:8b:4a:89:e4:b4:64:8a:11:24:9c:5f:75:54:ec:48:ff:
         55:df:f5:7c:b4:a6:29:13:22:53:c1:cd:ee:ed:56:8d:89:59:
         ff:dc:c8:95:ba:0d:6f:01:2e:79:e0:49:a1:37:af:55:f2:97:
         dd:99:a6:43
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUU9Yr1Azf8bRuU13eGXAofcMFB8MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjYWM2ZmRlODA0ZDY0NjU4NjNiMjgzMjBmMDY2NmJhNjMy
YmIzMTVjYjQ2ZjNhZjZlYzM5OWY1ODdhZWQ5NjY1MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCy+tfffbkgIQeILai8qAndhLA97kzE/fp1JXvQAfA7I/HW
qwbHnOQhBoGNalXEc9hqRvKCj5B7twlRlO76jyMdSziKF0DyGOuS3WyaZj8stn3K
x6nXgI640vHrT8F53YdT4EYo1DrijmsnU8P9Jb3ekzuG7CMA51MvC74ZeWBmuW8P
EHokAseoEpEFzWas9lzHuPFaDWML9G0greBZyyYxFy8pgN2nPsp+fjTLYFETX9ao
xgdeYgNxIy2DgCYqb1LKfCJj5Zkm7KwfrudiyjNtJ/A1OAstVy73KI6XwxWDPmOL
mSrxOg5gNW5jb3UnUrj4T4eSsiLSCyZtrqt7p2+HAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU8CdmzfZHH888cvqVti0Np3YnLzkwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzAzZTdlMGVmLWU1NWEtNDFkMi04YzBlLWI4ZDg2ZTMxZGQwZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVSIwDQYJKoZIhvcNAQELBQADggEBAHLsd9ck38h2gR7cFxg9OLVb
SZ9wsTGDwamwUAJuDTdjQwXFxaaAGwISB9rTkDp3LXrxUerIWt3bcsrlMNNmAxWT
j+Jd5gYpBS91ifEsidPxy5ymfhb4rsgKaoO/3z3jsDomgCJM2Ipd7TcC2LAVkroa
x/L0eCkAeXh8/+6+oyZ+z58nzCiH9DepP0Q3vG833zvItPRxRO7gHsvzKX9Aro/h
avWZp6I+68qeudcyJGrclcCZm/TjafT2lchklwT8NPbcipB3n9o9i0qJ5LRkihEk
nF91VOxI/1Xf9Xy0pikTIlPBze7tVo2JWf/cyJW6DW8BLnngSaE3r1Xyl92ZpkM=
-----END CERTIFICATE-----
Generated at Tue Jan 7 05:36:24 2025 by rpki-client on console-fra.rpki-client.org