Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/32177b6f-d52e-46a1-9ccf-762a43e8f18d.roa
File:                     32177b6f-d52e-46a1-9ccf-762a43e8f18d.roa (raw, json)
Hash identifier:          kF5hVZzbEnQspdVuVyL3nJ6KQ71LMeUZJrRa/ZcCGUk=
Subject key identifier:   15:AA:A4:CB:61:AC:7A:26:3F:6D:64:89:39:D5:7C:DD:86:02:15:86
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       1326CFE7655E4244AE9CB2358A1D3CD4BCCA0507
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/32177b6f-d52e-46a1-9ccf-762a43e8f18d.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5536::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Jan 2025 23:22:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:26:cf:e7:65:5e:42:44:ae:9c:b2:35:8a:1d:3c:d4:bc:ca:05:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=971ecfe879e780b202506e9cc110e4d51808be69bc2c3fa6d02c3b098f825e2d, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:07:b3:a4:90:85:a0:fa:fd:da:1f:1a:49:b6:
                    d4:ba:63:1d:66:f9:78:c6:cf:16:ca:98:b2:a7:c7:
                    f4:50:42:f2:29:51:2c:e4:ee:d2:29:73:0e:ba:74:
                    3d:fe:a8:57:5c:46:15:66:58:8e:6e:fe:56:d9:9d:
                    25:92:80:31:ec:9d:fe:92:28:55:27:7d:43:f9:94:
                    05:71:a0:ad:48:2e:c1:8a:ef:44:90:be:76:d3:12:
                    9b:29:1d:d4:ac:87:c7:05:74:cc:8f:34:66:f4:f2:
                    41:cb:1f:5e:a2:fd:dd:93:0c:03:7e:82:cf:a9:41:
                    38:37:f8:6e:d4:9f:0f:ad:78:a3:4a:a2:93:0e:c1:
                    f9:4f:30:4e:27:b5:3f:c6:6c:fc:52:51:55:c4:0e:
                    f4:ca:88:33:0f:7c:40:97:28:c1:fe:0b:34:73:71:
                    de:e8:bb:4d:a6:8c:64:2f:f5:a8:71:31:40:67:0e:
                    23:4b:fc:64:28:0f:7f:88:a9:07:c4:7d:50:72:cb:
                    ec:78:3b:5e:42:39:2a:ec:57:d4:3f:ad:6c:e2:e0:
                    55:98:58:40:6b:26:7a:bf:14:60:f6:41:2c:5e:68:
                    e8:78:c9:b1:07:cb:06:f0:5c:c5:ea:87:cf:37:9b:
                    b1:f2:ac:b7:80:c8:60:e4:3f:da:20:82:2c:40:df:
                    58:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:AA:A4:CB:61:AC:7A:26:3F:6D:64:89:39:D5:7C:DD:86:02:15:86
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/32177b6f-d52e-46a1-9ccf-762a43e8f18d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5536::/48

    Signature Algorithm: sha256WithRSAEncryption
         87:eb:64:f1:b1:1a:27:5d:e2:0f:44:75:54:ef:d5:47:95:00:
         19:d1:8f:0f:5b:5b:f6:84:4e:26:29:c7:43:94:b6:71:b1:fd:
         ce:f1:32:3d:f8:b8:ee:30:90:0c:e0:f3:af:36:ef:c7:49:80:
         54:e8:0e:71:46:40:6d:9c:c4:94:20:00:0d:84:49:be:e3:7c:
         e4:df:e3:48:f0:9d:e4:5b:0b:70:03:ec:13:9c:0d:6a:9c:0e:
         16:b6:46:b7:c5:90:f3:bb:9c:7c:5b:87:3f:5d:89:36:b4:4f:
         c4:73:03:53:bc:00:46:24:74:ea:6c:a8:62:03:d0:da:34:4c:
         0a:39:81:f4:bc:62:56:d1:81:05:18:43:8a:c5:e2:a2:76:a8:
         59:8c:a8:47:33:58:58:31:42:d1:ab:fc:28:ff:db:2f:57:51:
         ca:7f:d9:22:1b:34:1c:19:13:84:76:40:19:1c:b8:62:dc:76:
         ee:65:9e:34:ae:63:5a:28:cb:19:d7:0d:62:89:02:b7:b9:32:
         7a:e1:a7:7a:24:91:a7:2d:15:42:35:a1:f9:13:22:95:56:d2:
         87:d1:00:65:86:ea:1f:c7:9c:7c:14:a5:5d:b7:f0:f3:f3:0e:
         3e:d8:dd:d9:79:8a:e6:20:d8:7e:64:35:0a:96:ca:53:69:19:
         b6:e8:81:03
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUEybP52VeQkSunLI1ih081LzKBQcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5NzFlY2ZlODc5ZTc4MGIyMDI1MDZlOWNjMTEwZTRkNTE4
MDhiZTY5YmMyYzNmYTZkMDJjM2IwOThmODI1ZTJkMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUB7OkkIWg+v3aHxpJttS6Yx1m+XjGzxbKmLKnx/RQQvIp
USzk7tIpcw66dD3+qFdcRhVmWI5u/lbZnSWSgDHsnf6SKFUnfUP5lAVxoK1ILsGK
70SQvnbTEpspHdSsh8cFdMyPNGb08kHLH16i/d2TDAN+gs+pQTg3+G7Unw+teKNK
opMOwflPME4ntT/GbPxSUVXEDvTKiDMPfECXKMH+CzRzcd7ou02mjGQv9ahxMUBn
DiNL/GQoD3+IqQfEfVByy+x4O15COSrsV9Q/rWzi4FWYWEBrJnq/FGD2QSxeaOh4
ybEHywbwXMXqh883m7HyrLeAyGDkP9oggixA31iTAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUFaqky2GseiY/bWSJOdV83YYCFYYwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzMyMTc3YjZmLWQ1MmUtNDZhMS05Y2NmLTc2MmE0M2U4ZjE4ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVTYwDQYJKoZIhvcNAQELBQADggEBAIfrZPGxGidd4g9EdVTv1UeV
ABnRjw9bW/aETiYpx0OUtnGx/c7xMj34uO4wkAzg868278dJgFToDnFGQG2cxJQg
AA2ESb7jfOTf40jwneRbC3AD7BOcDWqcDha2RrfFkPO7nHxbhz9diTa0T8RzA1O8
AEYkdOpsqGID0No0TAo5gfS8YlbRgQUYQ4rF4qJ2qFmMqEczWFgxQtGr/Cj/2y9X
Ucp/2SIbNBwZE4R2QBkcuGLcdu5lnjSuY1ooyxnXDWKJAre5Mnrhp3okkactFUI1
ofkTIpVW0ofRAGWG6h/HnHwUpV238PPzDj7Y3dl5iuYg2H5kNQqWylNpGbbogQM=
-----END CERTIFICATE-----
Generated at Tue Jan 7 05:36:24 2025 by rpki-client on console-fra.rpki-client.org