Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/3e66065c-803b-4b16-998f-c22a451550ca.roa
File:                     3e66065c-803b-4b16-998f-c22a451550ca.roa (raw, json)
Hash identifier:          JNUXXYwk2zVcNGbUwn2F94ieNTpWBO+aVtDwUZnJKRk=
Subject key identifier:   57:1F:1C:75:D3:7B:44:37:C2:16:B3:A1:4C:BF:B5:69:2D:37:01:9F
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       0B4098161E93F00E03CC550B958B27055AE43F5C
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/3e66065c-803b-4b16-998f-c22a451550ca.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:552a::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Jan 2025 23:21:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:40:98:16:1e:93:f0:0e:03:cc:55:0b:95:8b:27:05:5a:e4:3f:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=63f7d27a18d88e448c2ab0f039438b608680a79ac8d76cfaa0d8a805a7d37f64, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:a3:f8:24:dd:28:55:bf:2d:db:2b:76:a2:2d:
                    1a:c1:f1:7f:64:6e:67:b1:29:30:30:1b:32:19:56:
                    cb:77:53:b6:a6:f0:32:34:11:e0:cd:5a:8d:ab:ba:
                    84:2d:4f:5f:4a:c1:9e:d8:ec:9c:fc:20:5c:28:f8:
                    ee:d0:bc:ce:4d:a1:e7:35:51:71:fe:c4:85:5d:64:
                    1e:ff:b1:99:4b:a0:8e:b4:11:a4:3a:7e:4b:c4:c1:
                    77:12:f5:31:ed:8a:61:4e:e7:d6:4b:55:ac:46:90:
                    d6:09:1f:3e:05:df:73:ff:27:28:48:ff:b3:55:64:
                    cd:05:6d:9c:3f:61:51:53:b7:17:0b:b8:56:d9:5e:
                    66:4a:71:11:dc:aa:23:0a:8e:90:e5:56:d6:07:5c:
                    a8:49:7e:e0:f6:02:28:fe:ea:9f:b3:6b:a2:83:49:
                    06:95:1a:1a:14:b6:db:1f:02:aa:6f:2a:a9:86:09:
                    3b:5f:14:10:7e:b5:0b:52:8f:91:fe:bd:63:a1:b3:
                    36:86:f8:b6:41:3f:d2:a6:7a:2b:57:9b:8a:b5:1a:
                    e7:39:01:66:87:c9:5d:a1:47:62:9d:11:51:a3:f4:
                    b6:51:b8:df:7d:c8:70:70:fc:14:96:16:85:c1:86:
                    08:5c:d9:0b:8f:97:55:bf:84:10:00:29:77:8d:7a:
                    dd:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:1F:1C:75:D3:7B:44:37:C2:16:B3:A1:4C:BF:B5:69:2D:37:01:9F
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/3e66065c-803b-4b16-998f-c22a451550ca.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:552a::/48

    Signature Algorithm: sha256WithRSAEncryption
         05:0a:91:6e:05:8b:17:c0:23:4d:94:9d:ed:41:5f:ac:40:d0:
         3e:75:43:ec:49:59:17:15:81:08:dd:38:4b:9e:1c:17:b0:ec:
         4f:11:84:7c:66:d8:73:07:b5:16:7a:24:9f:f8:5e:8b:29:26:
         62:9a:4b:5e:74:14:d2:10:a4:74:00:14:70:c3:89:50:ce:53:
         8f:b1:20:16:67:41:36:38:42:d0:fa:a7:b2:15:d5:94:3f:05:
         58:75:24:80:e9:68:17:cf:fc:3b:fd:90:80:45:2b:9a:4b:c8:
         ed:27:31:af:1c:c5:75:49:1d:6d:52:5a:66:56:52:3e:df:fc:
         90:e5:3a:ba:71:78:4a:91:81:db:61:dd:2d:e1:74:2f:1e:ad:
         ba:3e:58:e7:06:1b:34:37:8e:08:0e:a6:c9:b6:dd:c4:49:aa:
         a9:47:6e:3b:b5:bd:28:0a:97:2d:cc:7a:4b:69:79:5e:80:d6:
         02:87:f0:18:10:64:6a:3f:a6:8f:04:93:5c:99:14:ad:02:e0:
         93:98:2b:e4:fd:6a:8c:10:2c:a3:9b:3e:b0:70:83:ab:21:d1:
         16:33:82:08:78:cd:55:07:8e:80:00:57:d9:b0:f2:a5:a4:c0:
         4e:0d:ca:ab:6e:c6:e2:b5:6e:50:b1:71:f4:74:67:95:87:f9:
         96:b3:0c:17
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUC0CYFh6T8A4DzFULlYsnBVrkP1wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2M2Y3ZDI3YTE4ZDg4ZTQ0OGMyYWIwZjAzOTQzOGI2MDg2
ODBhNzlhYzhkNzZjZmFhMGQ4YTgwNWE3ZDM3ZjY0MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpo/gk3ShVvy3bK3aiLRrB8X9kbmexKTAwGzIZVst3U7am
8DI0EeDNWo2ruoQtT19KwZ7Y7Jz8IFwo+O7QvM5Noec1UXH+xIVdZB7/sZlLoI60
EaQ6fkvEwXcS9THtimFO59ZLVaxGkNYJHz4F33P/JyhI/7NVZM0FbZw/YVFTtxcL
uFbZXmZKcRHcqiMKjpDlVtYHXKhJfuD2Aij+6p+za6KDSQaVGhoUttsfAqpvKqmG
CTtfFBB+tQtSj5H+vWOhszaG+LZBP9KmeitXm4q1Guc5AWaHyV2hR2KdEVGj9LZR
uN99yHBw/BSWFoXBhghc2QuPl1W/hBAAKXeNet2DAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUVx8cddN7RDfCFrOhTL+1aS03AZ8wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzNlNjYwNjVjLTgwM2ItNGIxNi05OThmLWMyMmE0NTE1NTBjYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVSowDQYJKoZIhvcNAQELBQADggEBAAUKkW4FixfAI02Une1BX6xA
0D51Q+xJWRcVgQjdOEueHBew7E8RhHxm2HMHtRZ6JJ/4XospJmKaS150FNIQpHQA
FHDDiVDOU4+xIBZnQTY4QtD6p7IV1ZQ/BVh1JIDpaBfP/Dv9kIBFK5pLyO0nMa8c
xXVJHW1SWmZWUj7f/JDlOrpxeEqRgdth3S3hdC8erbo+WOcGGzQ3jggOpsm23cRJ
qqlHbju1vSgKly3MektpeV6A1gKH8BgQZGo/po8Ek1yZFK0C4JOYK+T9aowQLKOb
PrBwg6sh0RYzggh4zVUHjoAAV9mw8qWkwE4NyqtuxuK1blCxcfR0Z5WH+ZazDBc=
-----END CERTIFICATE-----
Generated at Tue Jan 7 02:45:22 2025 by rpki-client on console-ams.rpki-client.org