Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/263c986d-6d69-4baa-a444-e3885ce515f3.roa
File:                     263c986d-6d69-4baa-a444-e3885ce515f3.roa (raw, json)
Hash identifier:          yCEb8k9vW+2oqCGNOOhOQ4r9HL6MsX78MkMPxh01Myw=
Subject key identifier:   0E:B7:11:52:B0:A0:70:6E:C7:18:91:D8:7F:64:73:7A:5B:80:69:C8
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       4FFC0AFD5009A48BDB78EACD1472AC19F9398D0B
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/263c986d-6d69-4baa-a444-e3885ce515f3.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5524::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Jan 2025 23:21:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:fc:0a:fd:50:09:a4:8b:db:78:ea:cd:14:72:ac:19:f9:39:8d:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=918f0777998a855ce511babfbd9e25a0eb1868d308c42d69d147bd7948d93841, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:14:68:6e:f3:9a:4f:b8:8d:3c:93:89:54:74:
                    85:4d:fa:b2:19:93:3a:5b:2f:e8:a9:99:99:3e:09:
                    31:59:68:1a:a0:6d:34:f2:31:9d:b5:3e:41:39:1a:
                    91:08:4f:a8:4d:53:f2:a5:29:f9:d5:85:4f:88:8b:
                    92:8a:7c:d1:dd:ed:c6:4b:30:ae:a3:df:7c:ff:f2:
                    df:3f:a2:d5:52:73:fe:0c:51:82:28:4e:fb:76:05:
                    12:40:ff:f8:f1:b2:8a:92:7f:06:f2:86:9b:af:37:
                    a3:18:00:02:d1:6b:1d:f7:a9:37:20:08:5b:f7:79:
                    47:88:85:11:80:73:bd:21:2f:d1:05:22:42:53:8d:
                    3b:5e:40:90:9f:d7:da:ce:b7:0c:2a:f7:db:a1:d7:
                    7f:be:a9:9f:3e:6f:95:e6:df:07:dd:b8:a4:26:0e:
                    40:74:33:50:5a:7e:92:62:75:bc:44:a5:5a:d3:8c:
                    04:85:29:9e:64:3f:9e:58:ee:e1:00:9a:27:f2:bf:
                    67:06:81:ae:82:38:01:ba:f0:0d:17:27:b7:ed:09:
                    43:65:93:61:68:cd:a1:b7:15:a5:f0:c4:14:98:c0:
                    ba:7f:24:06:ba:e3:85:36:5b:a7:27:52:7e:2e:30:
                    ee:1b:4b:d8:35:d3:08:c2:9c:9c:91:33:1a:89:02:
                    54:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:B7:11:52:B0:A0:70:6E:C7:18:91:D8:7F:64:73:7A:5B:80:69:C8
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/263c986d-6d69-4baa-a444-e3885ce515f3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5524::/48

    Signature Algorithm: sha256WithRSAEncryption
         8e:99:44:ec:b3:c6:a3:9d:ec:a2:17:2d:79:56:1a:49:bc:5c:
         07:c4:cd:ef:c1:16:6a:bd:4b:1e:f7:f2:9c:8c:da:e6:72:00:
         41:21:c0:65:e6:d6:2d:7f:9f:2d:d0:7f:34:bb:25:bc:23:e1:
         a3:d3:b3:b6:2f:74:a7:f1:54:ad:4c:ed:c2:76:37:bd:1b:ab:
         94:50:cc:70:d1:d3:33:eb:6d:72:af:a5:2e:3f:71:2c:98:48:
         a3:9a:04:df:29:7c:ea:fa:7e:89:e2:e2:95:03:ff:48:8c:3a:
         c2:e2:2f:50:45:e7:9c:82:4a:80:7b:76:dc:90:60:c0:ed:1b:
         16:22:2d:71:af:53:2a:d8:cc:62:c2:38:26:e0:fb:27:89:f9:
         28:b8:b6:66:b1:59:91:e9:d3:69:91:93:5c:92:7c:cc:8d:0d:
         dd:34:8a:85:49:8c:4c:b4:8f:b6:40:89:e3:a8:12:f7:97:f4:
         e1:97:8d:00:8a:13:37:5c:36:54:3b:ae:dd:28:ed:17:f4:9c:
         08:62:a3:e9:06:d7:1e:e0:02:12:83:99:4b:66:6d:6f:c0:58:
         7e:50:26:ea:e8:85:7a:92:ea:5f:2f:9e:c5:62:96:9a:10:f0:
         b3:30:21:73:9b:ee:50:26:83:da:88:2d:df:38:c5:ff:9f:99:
         76:2c:86:57
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUT/wK/VAJpIvbeOrNFHKsGfk5jQswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MThmMDc3Nzk5OGE4NTVjZTUxMWJhYmZiZDllMjVhMGVi
MTg2OGQzMDhjNDJkNjlkMTQ3YmQ3OTQ4ZDkzODQxMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKFGhu85pPuI08k4lUdIVN+rIZkzpbL+ipmZk+CTFZaBqg
bTTyMZ21PkE5GpEIT6hNU/KlKfnVhU+Ii5KKfNHd7cZLMK6j33z/8t8/otVSc/4M
UYIoTvt2BRJA//jxsoqSfwbyhpuvN6MYAALRax33qTcgCFv3eUeIhRGAc70hL9EF
IkJTjTteQJCf19rOtwwq99uh13++qZ8+b5Xm3wfduKQmDkB0M1BafpJidbxEpVrT
jASFKZ5kP55Y7uEAmifyv2cGga6COAG68A0XJ7ftCUNlk2FozaG3FaXwxBSYwLp/
JAa644U2W6cnUn4uMO4bS9g10wjCnJyRMxqJAlShAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUDrcRUrCgcG7HGJHYf2RzeluAacgwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzI2M2M5ODZkLTZkNjktNGJhYS1hNDQ0LWUzODg1Y2U1MTVmMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVSQwDQYJKoZIhvcNAQELBQADggEBAI6ZROyzxqOd7KIXLXlWGkm8
XAfEze/BFmq9Sx738pyM2uZyAEEhwGXm1i1/ny3QfzS7Jbwj4aPTs7YvdKfxVK1M
7cJ2N70bq5RQzHDR0zPrbXKvpS4/cSyYSKOaBN8pfOr6foni4pUD/0iMOsLiL1BF
55yCSoB7dtyQYMDtGxYiLXGvUyrYzGLCOCbg+yeJ+Si4tmaxWZHp02mRk1ySfMyN
Dd00ioVJjEy0j7ZAieOoEveX9OGXjQCKEzdcNlQ7rt0o7Rf0nAhio+kG1x7gAhKD
mUtmbW/AWH5QJurohXqS6l8vnsVilpoQ8LMwIXOb7lAmg9qILd84xf+fmXYshlc=
-----END CERTIFICATE-----
Generated at Tue Jan 7 05:36:24 2025 by rpki-client on console-fra.rpki-client.org