Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/4634d2fa-4169-42c0-a7d7-63b635776dcc.roa
File: 4634d2fa-4169-42c0-a7d7-63b635776dcc.roa (raw, json)
Hash identifier: HuvKcBBVCtO+yJOzeHtBZQldgdzbsKbSqdu8OjOgiqI=
Subject key identifier: E7:06:E0:06:0D:56:2B:A8:AE:0E:7A:3E:F4:55:E8:21:CB:A0:F1:2E
Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial: 6A1F46D4C9F9A6AABEB76FA0D4B5CB3CF2AD3C71
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/4634d2fa-4169-42c0-a7d7-63b635776dcc.roa
Signing time: Fri 03 Jan 2025 00:00:00 +0000
ROA not before: Fri 03 Jan 2025 00:00:00 +0000
ROA not after: Fri 07 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:f0fb:e500::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 Jan 2025 23:40:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:1f:46:d4:c9:f9:a6:aa:be:b7:6f:a0:d4:b5:cb:3c:f2:ad:3c:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Validity
Not Before: Jan 3 00:00:00 2025 GMT
Not After : Feb 7 23:59:59 2025 GMT
Subject: serialNumber=313c185faa677792feb29d71888aa775d6043aaf1a19f04cdaeb5853f8769b62, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:5b:f7:62:20:de:cc:3d:10:f9:5f:05:3f:34:
ae:ab:96:21:9a:09:49:34:31:db:b4:20:18:f8:69:
0d:85:dd:4c:aa:04:10:87:19:98:2f:2f:56:17:79:
d6:0e:db:8c:5f:43:3c:87:8c:2b:d8:58:e5:10:90:
84:ad:a9:e0:89:9c:fe:0a:ba:a2:08:6e:91:94:ca:
fd:ca:32:84:1d:68:d2:9c:9e:da:fd:35:7e:a0:48:
01:6c:19:4c:2e:82:73:b1:c4:9e:e0:ae:ef:8f:fa:
5c:6d:81:0f:b2:cc:1b:6f:0e:fb:7f:18:94:e1:44:
9c:8a:64:71:61:d4:4e:15:ee:f2:8c:e2:90:fd:45:
d4:50:df:ae:87:bf:02:7a:01:03:b4:29:b6:02:d2:
30:24:81:5e:db:09:1b:df:3a:ee:6f:a9:46:78:ff:
d0:83:39:2d:7e:9c:53:c1:36:18:ec:4f:2e:d0:c1:
81:cd:a8:6b:0c:42:ac:58:83:f7:2b:bb:bd:36:52:
bf:0b:4b:6b:d1:27:22:68:9d:6a:d9:7e:b7:72:60:
7e:28:3e:3c:f4:a4:75:1e:87:d6:c8:71:0a:00:e5:
b9:2f:ea:47:a2:a0:8b:1c:4b:4a:f4:b6:73:48:84:
e4:ff:f1:cd:da:82:fc:85:89:b2:7d:ad:e5:94:d8:
25:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:06:E0:06:0D:56:2B:A8:AE:0E:7A:3E:F4:55:E8:21:CB:A0:F1:2E
X509v3 Authority Key Identifier:
keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/4634d2fa-4169-42c0-a7d7-63b635776dcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:f0fb:e500::/40
Signature Algorithm: sha256WithRSAEncryption
a1:b3:a3:5a:aa:fa:33:21:0a:44:25:cd:83:5f:1b:9f:d5:4b:
3d:d9:6f:fe:54:b3:e5:80:95:56:f0:18:be:d0:cc:ad:c4:bd:
dc:a8:92:40:f5:69:1d:ca:5f:54:4d:d5:bd:26:f0:de:05:21:
1b:41:ff:61:7a:00:b6:02:10:9c:a0:13:e1:dd:19:90:cd:91:
7c:94:56:9d:4b:d0:c4:3c:54:13:b7:ae:65:ab:ec:bb:80:58:
71:b1:ac:86:72:9f:d1:2e:c1:e9:8d:f4:bd:97:86:5b:e6:77:
ad:44:82:8d:a0:28:0a:b4:d8:11:1c:9d:33:ee:83:2c:4d:3b:
c0:66:02:70:62:0b:ee:99:c8:77:8b:85:81:b3:22:59:68:56:
4b:89:fe:ee:4a:c0:19:31:b4:01:eb:5e:3d:eb:96:d8:1f:79:
4e:7e:c9:c9:77:25:3f:d0:8f:07:e2:54:de:0b:37:13:32:72:
40:e5:58:01:2b:55:49:04:46:5b:a8:f6:e5:3a:cc:01:7b:9b:
d5:43:5b:87:b8:bd:86:29:13:32:29:0c:73:7d:ea:15:e9:e9:
22:dd:05:5b:28:33:75:e5:06:5f:b1:f7:ae:5a:d2:c7:7b:64:
e9:0d:3a:cf:1c:48:0b:a0:97:b6:79:52:64:5a:c2:ef:b0:94:
38:47:86:24
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUah9G1Mn5pqq+t2+g1LXLPPKtPHEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMTNjMTg1ZmFhNjc3NzkyZmViMjlkNzE4ODhhYTc3NWQ2
MDQzYWFmMWExOWYwNGNkYWViNTg1M2Y4NzY5YjYyMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDxW/diIN7MPRD5XwU/NK6rliGaCUk0Mdu0IBj4aQ2F3Uyq
BBCHGZgvL1YXedYO24xfQzyHjCvYWOUQkIStqeCJnP4KuqIIbpGUyv3KMoQdaNKc
ntr9NX6gSAFsGUwugnOxxJ7gru+P+lxtgQ+yzBtvDvt/GJThRJyKZHFh1E4V7vKM
4pD9RdRQ366HvwJ6AQO0KbYC0jAkgV7bCRvfOu5vqUZ4/9CDOS1+nFPBNhjsTy7Q
wYHNqGsMQqxYg/cru702Ur8LS2vRJyJonWrZfrdyYH4oPjz0pHUeh9bIcQoA5bkv
6keioIscS0r0tnNIhOT/8c3agvyFibJ9reWU2CX1AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU5wbgBg1WK6iuDno+9FXoIcug8S4wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzQ2MzRkMmZhLTQxNjktNDJjMC1hN2Q3LTYzYjYzNTc3NmRjYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD75TANBgkqhkiG9w0BAQsFAAOCAQEAobOjWqr6MyEKRCXNg18bn9VL
Pdlv/lSz5YCVVvAYvtDMrcS93KiSQPVpHcpfVE3VvSbw3gUhG0H/YXoAtgIQnKAT
4d0ZkM2RfJRWnUvQxDxUE7euZavsu4BYcbGshnKf0S7B6Y30vZeGW+Z3rUSCjaAo
CrTYERydM+6DLE07wGYCcGIL7pnId4uFgbMiWWhWS4n+7krAGTG0AetePeuW2B95
Tn7JyXclP9CPB+JU3gs3EzJyQOVYAStVSQRGW6j25TrMAXub1UNbh7i9hikTMikM
c33qFenpIt0FWygzdeUGX7H3rlrSx3tk6Q06zxxIC6CXtnlSZFrC77CUOEeGJA==
-----END CERTIFICATE-----
Generated at Tue Jan 7 02:45:22 2025 by rpki-client on console-ams.rpki-client.org