Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/0fd601e6-fd05-40c3-987d-d04d1d36ebd1.roa
File:                     0fd601e6-fd05-40c3-987d-d04d1d36ebd1.roa (raw, json)
Hash identifier:          vJHkH4VciP2qEewZ6bXSjMS7sSeszUCTyEA+zisTFMg=
Subject key identifier:   D3:BE:1E:AC:A5:96:60:91:56:E0:1F:4F:38:48:69:6F:A8:67:56:6F
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       78B3739805353C45097342F643471CE85319AED3
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/0fd601e6-fd05-40c3-987d-d04d1d36ebd1.roa
Signing time:             Mon 30 Dec 2024 00:00:00 +0000
ROA not before:           Mon 30 Dec 2024 00:00:00 +0000
ROA not after:            Mon 03 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f00e:400::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Jan 2025 23:38:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:b3:73:98:05:35:3c:45:09:73:42:f6:43:47:1c:e8:53:19:ae:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Dec 30 00:00:00 2024 GMT
            Not After : Feb  3 23:59:59 2025 GMT
        Subject: serialNumber=273c712db36f9c0198490b339378c3d09aabf9cd74b99037eefa5158e06654dc, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:1a:c8:d4:70:ff:63:55:fd:97:e3:e6:03:78:
                    91:19:20:10:53:e5:ca:22:39:cb:26:ec:9b:6d:78:
                    42:99:ba:e1:be:a3:f3:7b:e3:c7:f2:9c:eb:3d:3d:
                    6b:a5:ca:54:8a:96:ee:d0:2f:48:70:2f:32:00:45:
                    0f:fb:ba:10:55:65:0e:0f:cb:d9:8e:35:84:71:6b:
                    bb:ed:2e:48:19:fb:a8:14:ee:c2:c0:e4:0f:4d:a6:
                    28:65:75:6c:16:aa:d7:73:c8:07:93:ab:93:8b:41:
                    f4:e7:41:c7:45:5a:cc:fd:ba:04:e5:99:68:f6:7d:
                    bc:60:7c:ec:dc:ee:48:3d:11:54:c7:3c:9e:0d:77:
                    b6:89:38:36:42:02:ed:c7:f1:0f:85:9a:b2:d5:6b:
                    a2:19:fe:18:a5:a4:bf:0a:ea:db:88:ed:b4:43:1a:
                    8c:4c:5d:ab:08:c9:9e:fd:84:79:0a:d4:fe:9a:2f:
                    05:48:11:a3:f9:02:cb:38:05:6b:e7:71:77:da:c4:
                    fd:05:83:96:3c:2e:af:4a:6c:47:f3:d4:30:64:eb:
                    5e:11:0c:5c:8a:71:f3:be:8f:a6:56:6a:ec:de:54:
                    76:d1:df:ad:0b:af:39:ca:46:8b:55:bf:5b:d3:ce:
                    bb:fa:3b:6b:3f:c9:d2:57:b6:87:35:54:6f:e4:c2:
                    65:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:BE:1E:AC:A5:96:60:91:56:E0:1F:4F:38:48:69:6F:A8:67:56:6F
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/0fd601e6-fd05-40c3-987d-d04d1d36ebd1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f00e:400::/40

    Signature Algorithm: sha256WithRSAEncryption
         9d:e4:c6:ae:df:8f:6d:5d:08:57:b0:9e:d8:58:13:9b:ac:59:
         5f:54:d1:77:ed:75:59:fe:eb:a3:92:ef:a4:f7:db:2c:bd:39:
         40:c9:d4:13:09:9b:0b:6e:99:c9:0b:dc:f7:b1:a7:18:36:56:
         c3:79:19:ce:51:95:17:ed:d9:30:fa:a1:d5:86:eb:7a:94:40:
         8e:cf:46:1a:e9:b7:f5:fb:67:91:b4:b7:52:ba:27:92:15:15:
         f3:cd:cc:84:7d:03:8f:4b:89:65:32:40:a6:79:9d:df:a7:98:
         7b:64:a1:a5:4f:96:22:81:8c:4f:89:ed:d8:c6:c9:ba:4a:af:
         05:d3:54:a5:6e:0e:db:94:fd:0a:3b:8a:06:4c:82:59:16:27:
         f3:da:3f:a7:09:c3:14:52:7c:12:b0:1a:72:cc:67:8b:54:b6:
         4b:4f:a7:11:f6:bd:3c:1d:78:d4:44:38:8d:a8:13:2a:b6:d5:
         c9:cc:75:17:9c:58:84:38:ea:75:3f:4b:83:3a:24:9b:a4:62:
         1e:41:e5:81:60:67:07:8f:b5:d8:73:1f:b7:36:6e:da:38:f8:
         64:b5:59:ce:0b:66:08:ef:99:15:13:06:bc:f4:8c:78:fa:1f:
         be:d6:dd:55:09:07:20:09:17:7e:cc:05:8e:dd:fe:a7:94:b4:
         ca:49:dd:50
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUeLNzmAU1PEUJc0L2Q0cc6FMZrtMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyNzNjNzEyZGIzNmY5YzAxOTg0OTBiMzM5Mzc4YzNkMDlh
YWJmOWNkNzRiOTkwMzdlZWZhNTE1OGUwNjY1NGRjMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmGsjUcP9jVf2X4+YDeJEZIBBT5coiOcsm7JtteEKZuuG+
o/N748fynOs9PWulylSKlu7QL0hwLzIARQ/7uhBVZQ4Py9mONYRxa7vtLkgZ+6gU
7sLA5A9NpihldWwWqtdzyAeTq5OLQfTnQcdFWsz9ugTlmWj2fbxgfOzc7kg9EVTH
PJ4Nd7aJODZCAu3H8Q+FmrLVa6IZ/hilpL8K6tuI7bRDGoxMXasIyZ79hHkK1P6a
LwVIEaP5Ass4BWvncXfaxP0Fg5Y8Lq9KbEfz1DBk614RDFyKcfO+j6ZWauzeVHbR
360LrznKRotVv1vTzrv6O2s/ydJXtoc1VG/kwmUbAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU074erKWWYJFW4B9POEhpb6hnVm8wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzBmZDYwMWU2LWZkMDUtNDBjMy05ODdkLWQwNGQxZDM2ZWJkMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPAOBDANBgkqhkiG9w0BAQsFAAOCAQEAneTGrt+PbV0IV7Ce2FgTm6xZ
X1TRd+11Wf7ro5LvpPfbLL05QMnUEwmbC26ZyQvc97GnGDZWw3kZzlGVF+3ZMPqh
1YbrepRAjs9GGum39ftnkbS3UronkhUV883MhH0Dj0uJZTJApnmd36eYe2ShpU+W
IoGMT4nt2MbJukqvBdNUpW4O25T9CjuKBkyCWRYn89o/pwnDFFJ8ErAacsxni1S2
S0+nEfa9PB141EQ4jagTKrbVycx1F5xYhDjqdT9Lgzokm6RiHkHlgWBnB4+12HMf
tzZu2jj4ZLVZzgtmCO+ZFRMGvPSMePofvtbdVQkHIAkXfswFjt3+p5S0ykndUA==
-----END CERTIFICATE-----
Generated at Tue Jan 7 02:45:22 2025 by rpki-client on console-ams.rpki-client.org