Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/3615c317-c337-40cd-8aa5-dc3a42e98151.roa
File:                     3615c317-c337-40cd-8aa5-dc3a42e98151.roa (raw, json)
Hash identifier:          zPtwjrc0lHywvi27ILilr1Bu201PwRhqJqttdG63FCQ=
Subject key identifier:   0D:E6:24:88:EB:67:44:F6:71:33:40:AE:F5:27:D9:47:EF:21:C6:A6
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       7870E0F0C3699F3DE7CD9F576894C70C2CA532BA
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/3615c317-c337-40cd-8aa5-dc3a42e98151.roa
Signing time:             Mon 30 Dec 2024 00:00:00 +0000
ROA not before:           Mon 30 Dec 2024 00:00:00 +0000
ROA not after:            Mon 03 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f3:ce80::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 17 Jan 2025 18:37:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:70:e0:f0:c3:69:9f:3d:e7:cd:9f:57:68:94:c7:0c:2c:a5:32:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Dec 30 00:00:00 2024 GMT
            Not After : Feb  3 23:59:59 2025 GMT
        Subject: serialNumber=aeea8bd3ed80ed7a4b46c81f6c891e9b40ca6747380d45f8d56c1a35c653e879, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:35:0d:6c:9f:b5:8f:8f:93:1a:a5:f4:fb:fa:
                    89:33:01:14:4a:20:e5:aa:9d:f3:b1:04:75:bf:7d:
                    01:4a:c3:4a:a4:7c:3a:97:38:b0:4e:4c:3a:b9:cf:
                    da:07:b2:00:b8:f5:94:11:3a:d6:af:6f:7a:c0:cb:
                    fe:7e:39:98:db:b4:25:d7:fd:a7:03:01:24:9f:4b:
                    8d:83:fd:bf:10:4e:f0:23:94:f4:4d:9a:02:2c:98:
                    22:67:36:ee:bc:9e:a1:8a:f8:b3:42:bb:33:4f:7a:
                    b3:20:a6:2d:da:8c:4f:48:24:51:84:08:78:be:24:
                    2a:a6:44:d6:52:27:9c:cb:c6:f8:2b:53:2b:f3:7a:
                    24:14:ac:04:8c:ce:8e:2b:f6:c1:89:5b:da:7f:bb:
                    10:87:fa:b4:49:a6:c8:cb:0c:bf:73:b5:ea:71:e4:
                    38:e2:e3:6a:f2:47:2d:5a:4d:b6:61:69:83:3b:09:
                    37:5d:ff:b9:2a:c0:fe:38:49:10:b6:7d:e9:60:66:
                    9e:4b:5f:28:bf:7b:87:ce:67:f3:59:95:ae:06:11:
                    cb:72:b2:fe:12:c6:af:51:6d:f5:1b:e5:a7:81:b7:
                    08:70:2e:94:82:e5:e9:19:b8:1f:4a:e7:85:91:f9:
                    e1:a1:2b:a5:92:0f:cb:40:7d:37:82:bb:6a:8d:ee:
                    ed:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:E6:24:88:EB:67:44:F6:71:33:40:AE:F5:27:D9:47:EF:21:C6:A6
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/3615c317-c337-40cd-8aa5-dc3a42e98151.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f3:ce80::/48

    Signature Algorithm: sha256WithRSAEncryption
         6f:10:87:a9:af:4f:af:c3:77:a0:00:c9:4c:f5:55:c5:15:3b:
         30:94:95:f9:e2:41:90:38:19:73:03:19:37:a2:95:06:35:c9:
         b7:30:8f:3b:41:93:b7:42:52:63:ba:71:74:40:4c:9d:94:05:
         42:1a:98:0d:b7:29:5f:85:88:df:7e:da:8a:0e:ac:97:a6:fa:
         5e:14:57:c1:53:70:89:51:82:fe:0a:a4:5f:61:c8:1e:48:d7:
         06:26:82:77:e8:0e:51:9b:07:63:4e:d7:06:59:c4:40:dd:a7:
         95:0c:a6:8b:1a:45:94:2a:2e:2a:64:0a:11:c0:c3:05:db:01:
         e7:f3:8b:64:2b:81:8a:6a:12:24:f5:8b:03:33:b4:1b:e5:60:
         33:49:15:e0:ba:d7:35:0b:e3:82:be:ec:36:c5:02:c6:45:67:
         92:fa:c7:c0:ee:e0:6e:a5:7d:8c:96:dd:b9:e6:39:08:04:78:
         e1:3b:1c:1e:c6:0e:66:ca:33:7b:05:89:71:d5:a8:3f:86:3a:
         d4:16:13:2a:9b:f3:aa:d5:17:28:da:b7:cf:bc:b2:b6:03:fa:
         70:83:0d:42:e4:7e:99:71:fc:8b:1e:45:c0:ce:bf:52:db:79:
         8a:f3:1c:75:0e:68:a6:82:2e:de:60:49:c6:43:55:e5:7e:83:
         62:e7:17:55
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUeHDg8MNpnz3nzZ9XaJTHDCylMrowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZWVhOGJkM2VkODBlZDdhNGI0NmM4MWY2Yzg5MWU5YjQw
Y2E2NzQ3MzgwZDQ1ZjhkNTZjMWEzNWM2NTNlODc5MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzNQ1sn7WPj5MapfT7+okzARRKIOWqnfOxBHW/fQFKw0qk
fDqXOLBOTDq5z9oHsgC49ZQROtavb3rAy/5+OZjbtCXX/acDASSfS42D/b8QTvAj
lPRNmgIsmCJnNu68nqGK+LNCuzNPerMgpi3ajE9IJFGECHi+JCqmRNZSJ5zLxvgr
UyvzeiQUrASMzo4r9sGJW9p/uxCH+rRJpsjLDL9ztepx5Dji42ryRy1aTbZhaYM7
CTdd/7kqwP44SRC2felgZp5LXyi/e4fOZ/NZla4GEctysv4Sxq9RbfUb5aeBtwhw
LpSC5ekZuB9K54WR+eGhK6WSD8tAfTeCu2qN7u1ZAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUDeYkiOtnRPZxM0Cu9SfZR+8hxqYwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzM2MTVjMzE3LWMzMzctNDBjZC04YWE1LWRjM2E0MmU5ODE1MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDzzoAwDQYJKoZIhvcNAQELBQADggEBAG8Qh6mvT6/Dd6AAyUz1VcUV
OzCUlfniQZA4GXMDGTeilQY1ybcwjztBk7dCUmO6cXRATJ2UBUIamA23KV+FiN9+
2ooOrJem+l4UV8FTcIlRgv4KpF9hyB5I1wYmgnfoDlGbB2NO1wZZxEDdp5UMposa
RZQqLipkChHAwwXbAefzi2QrgYpqEiT1iwMztBvlYDNJFeC61zUL44K+7DbFAsZF
Z5L6x8Du4G6lfYyW3bnmOQgEeOE7HB7GDmbKM3sFiXHVqD+GOtQWEyqb86rVFyja
t8+8srYD+nCDDULkfplx/IseRcDOv1LbeYrzHHUOaKaCLt5gScZDVeV+g2LnF1U=
-----END CERTIFICATE-----
Generated at Fri Jan 17 23:23:03 2025 by rpki-client on console-ams.rpki-client.org