Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/348f5e60-8c02-48e8-8bab-280a4365a7cb.roa
File:                     348f5e60-8c02-48e8-8bab-280a4365a7cb.roa (raw, json)
Hash identifier:          BI9RkoROg7dOZsqMUh0aFKDd65bp0md3UPqCIyBtcNs=
Subject key identifier:   58:24:50:15:74:05:69:CA:A6:6F:72:7C:33:EE:5C:96:1F:12:ED:40
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       7F4084AC268CE4252BA9F2FBC0DF7C7D70618E8C
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/348f5e60-8c02-48e8-8bab-280a4365a7cb.roa
Signing time:             Tue 24 Dec 2024 00:00:00 +0000
ROA not before:           Tue 24 Dec 2024 00:00:00 +0000
ROA not after:            Tue 28 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f1:8802::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Jan 2025 23:23:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:40:84:ac:26:8c:e4:25:2b:a9:f2:fb:c0:df:7c:7d:70:61:8e:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Dec 24 00:00:00 2024 GMT
            Not After : Jan 28 23:59:59 2025 GMT
        Subject: serialNumber=cbc4a14d797c3f9f67c89fced9e26884f6892452a0ccb51bee80cded87cce302, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:c4:05:8b:2d:e1:f9:89:61:a2:2c:2a:34:57:
                    45:15:a2:ce:3b:fb:87:2d:c5:76:9a:41:fb:c4:94:
                    48:01:72:cd:75:b0:40:e7:cf:90:a3:82:21:9e:fb:
                    59:01:fc:3b:23:b5:4e:e2:71:cc:24:4d:4e:89:99:
                    ad:b9:d7:e0:cd:c0:e3:f3:5b:c7:3f:f7:74:83:d9:
                    8a:29:04:f6:79:b5:7e:a7:e4:5b:c1:6e:65:81:56:
                    f7:61:10:b0:7e:3e:18:64:32:c3:a2:39:29:6c:68:
                    a6:4f:a0:61:ee:6f:59:40:31:5c:d3:fc:8c:4b:31:
                    09:a4:60:af:8d:79:cf:b9:66:2e:af:e2:03:26:34:
                    c2:38:10:7a:c5:49:17:92:54:d1:ec:c3:8f:2b:3d:
                    0b:f8:cf:53:c0:0c:b9:f7:76:2c:b6:7d:a0:1e:69:
                    3d:12:2c:e6:94:f2:0e:ee:87:4d:43:a3:9d:88:77:
                    98:8e:35:1f:cc:89:81:5b:d9:77:c4:39:9a:63:c0:
                    e6:c8:14:1a:66:f4:c1:41:85:03:31:2c:16:c6:91:
                    4e:f0:f0:dd:0f:20:0d:be:81:5d:ee:f5:9c:a7:3f:
                    c2:aa:fc:e8:9f:8e:b0:c3:52:e9:8f:f3:30:ab:f7:
                    b9:74:d3:63:30:57:f4:30:b5:91:bc:1c:ea:0c:36:
                    ec:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:24:50:15:74:05:69:CA:A6:6F:72:7C:33:EE:5C:96:1F:12:ED:40
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/348f5e60-8c02-48e8-8bab-280a4365a7cb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f1:8802::/48

    Signature Algorithm: sha256WithRSAEncryption
         59:6d:79:5d:f2:db:83:39:51:e1:3d:07:0d:84:42:a9:77:11:
         a8:5d:61:ed:af:ac:aa:4e:05:24:c2:d0:72:3a:e5:87:f4:b8:
         d5:70:7f:d7:b4:31:92:6b:aa:5a:68:f1:52:f3:79:82:d2:da:
         ad:fc:18:2e:5c:ed:97:c1:aa:7b:a0:97:af:91:3d:cd:5e:38:
         fd:f6:29:2b:fd:91:ac:eb:68:5f:2c:9f:ee:14:27:48:cc:1b:
         04:62:e8:91:0f:fd:c1:38:6e:04:c0:8e:07:fa:00:8d:c0:40:
         03:04:78:a5:fb:ec:ca:e5:c4:58:d6:62:a5:59:70:fa:5f:e8:
         f3:8b:99:8a:c9:ed:cc:9d:82:1f:0f:7e:e3:51:c0:fb:de:b5:
         42:9a:52:0b:eb:d0:8c:05:24:a4:c4:ff:bc:c8:9f:d6:f6:cf:
         70:08:7d:5b:bf:81:1c:c5:ac:68:d2:ed:ca:5c:78:44:82:fb:
         c0:35:41:1b:80:6a:e6:dd:68:32:7b:07:f9:5d:60:08:34:5b:
         65:b7:ce:11:de:7d:4f:83:21:a8:a2:57:bc:91:56:87:2c:c3:
         8d:52:7e:fe:5e:0d:7f:a1:7a:cc:4c:d9:77:04:de:85:54:70:
         e3:b7:84:d7:58:47:56:10:86:fb:f9:6f:76:f3:b5:d3:9b:95:
         8d:ee:ff:8e
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUf0CErCaM5CUrqfL7wN98fXBhjowwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYmM0YTE0ZDc5N2MzZjlmNjdjODlmY2VkOWUyNjg4NGY2
ODkyNDUyYTBjY2I1MWJlZTgwY2RlZDg3Y2NlMzAyMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDVxAWLLeH5iWGiLCo0V0UVos47+4ctxXaaQfvElEgBcs11
sEDnz5CjgiGe+1kB/DsjtU7iccwkTU6Jma251+DNwOPzW8c/93SD2YopBPZ5tX6n
5FvBbmWBVvdhELB+PhhkMsOiOSlsaKZPoGHub1lAMVzT/IxLMQmkYK+Nec+5Zi6v
4gMmNMI4EHrFSReSVNHsw48rPQv4z1PADLn3diy2faAeaT0SLOaU8g7uh01Do52I
d5iONR/MiYFb2XfEOZpjwObIFBpm9MFBhQMxLBbGkU7w8N0PIA2+gV3u9ZynP8Kq
/OifjrDDUumP8zCr97l002MwV/QwtZG8HOoMNuxxAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUWCRQFXQFacqmb3J8M+5clh8S7UAwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzM0OGY1ZTYwLThjMDItNDhlOC04YmFiLTI4MGE0MzY1YTdjYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDxiAIwDQYJKoZIhvcNAQELBQADggEBAFlteV3y24M5UeE9Bw2EQql3
EahdYe2vrKpOBSTC0HI65Yf0uNVwf9e0MZJrqlpo8VLzeYLS2q38GC5c7ZfBqnug
l6+RPc1eOP32KSv9kazraF8sn+4UJ0jMGwRi6JEP/cE4bgTAjgf6AI3AQAMEeKX7
7MrlxFjWYqVZcPpf6POLmYrJ7cydgh8PfuNRwPvetUKaUgvr0IwFJKTE/7zIn9b2
z3AIfVu/gRzFrGjS7cpceESC+8A1QRuAaubdaDJ7B/ldYAg0W2W3zhHefU+DIaii
V7yRVocsw41Sfv5eDX+hesxM2XcE3oVUcOO3hNdYR1YQhvv5b3bztdOblY3u/44=
-----END CERTIFICATE-----
Generated at Tue Jan 7 05:36:24 2025 by rpki-client on console-fra.rpki-client.org