Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/47401e09-098d-4ed3-a47d-f40ed86e312e.roa
File:                     47401e09-098d-4ed3-a47d-f40ed86e312e.roa (raw, json)
Hash identifier:          /3jDKx+TiZ3dnbpmx7SQJlXQPXU6cKrrZwtu79cbgRo=
Subject key identifier:   D9:55:B3:D4:C6:0F:63:B7:E4:B9:61:A9:E8:12:BF:43:9F:24:8C:94
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       2D18C344D7579305404B749576A46B192B18BCA9
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/47401e09-098d-4ed3-a47d-f40ed86e312e.roa
Signing time:             Fri 03 Jan 2025 00:00:00 +0000
ROA not before:           Fri 03 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f3:ce00::/42 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Jan 2025 23:37:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:18:c3:44:d7:57:93:05:40:4b:74:95:76:a4:6b:19:2b:18:bc:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  3 00:00:00 2025 GMT
            Not After : Feb  7 23:59:59 2025 GMT
        Subject: serialNumber=14a0bdd0659d9aa9df362f7682e081fc25ed042a23d711b8905326aeac17c68b, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:3a:e1:b8:46:ab:d8:97:a8:0e:f6:f9:60:50:
                    34:72:2a:59:2b:dd:cb:c7:19:c2:43:96:6f:e6:aa:
                    ec:ce:14:5a:f9:cc:b4:06:81:13:40:00:aa:d9:a6:
                    c5:ed:4a:96:f4:93:8d:36:8b:53:38:36:d8:c6:aa:
                    cd:63:48:c8:71:ba:44:40:59:b0:80:6a:1d:50:17:
                    07:da:b1:08:7e:74:87:3b:21:05:be:2a:ed:fd:41:
                    9f:d7:11:43:71:0b:64:fb:ab:75:3b:bc:ef:ac:3f:
                    c7:c7:08:cb:62:09:8c:bc:c6:25:6e:92:cb:fd:98:
                    1c:50:a9:5b:8b:6c:c4:e3:90:c1:7c:93:f2:01:5c:
                    f4:26:14:49:75:1a:88:bd:20:13:14:05:d5:5c:5c:
                    63:4c:d0:d0:05:52:dd:f2:25:bc:36:b1:a9:9b:c5:
                    70:e2:7b:11:cd:58:d2:dc:01:0e:2b:e6:db:6c:77:
                    4d:2c:6e:6e:3b:3a:4e:e5:ed:85:df:bf:4c:c4:1d:
                    2f:1b:ad:5b:fb:72:7e:b2:59:fb:45:35:f8:77:bb:
                    bf:f1:5b:10:5e:23:96:2a:e2:9f:0e:58:f5:1a:08:
                    76:5d:02:9b:db:41:6c:16:59:cf:74:f9:9d:85:e2:
                    7c:e3:cc:b2:02:a5:4f:f6:ff:d9:bf:a5:e7:ff:78:
                    ce:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:55:B3:D4:C6:0F:63:B7:E4:B9:61:A9:E8:12:BF:43:9F:24:8C:94
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/47401e09-098d-4ed3-a47d-f40ed86e312e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f3:ce00::/42

    Signature Algorithm: sha256WithRSAEncryption
         96:7d:17:b2:0a:b9:4e:62:31:5e:89:da:7d:d6:c9:cd:5b:0a:
         c7:11:c6:4c:e2:57:b4:0d:fc:08:b3:15:b9:96:dd:0e:44:84:
         ca:ba:8f:3f:58:5f:18:cc:16:d6:95:3a:dc:cf:67:59:50:1b:
         5a:b2:a3:8a:a3:dc:0c:15:fb:2a:37:50:45:77:de:9f:9f:3b:
         69:fe:42:a3:d4:45:85:50:01:08:46:0f:30:95:5e:cb:24:5a:
         fd:82:9e:9c:8a:3a:07:ca:59:56:27:b2:cd:b7:29:db:0d:3b:
         aa:17:0e:01:e4:72:c7:21:1a:7d:28:be:ba:04:da:06:1a:12:
         9b:b4:a9:0b:fe:1b:59:b3:a7:84:0c:72:e5:74:8f:c4:2d:38:
         e9:ac:c6:54:4d:85:d5:2a:eb:0e:65:f9:f7:93:74:ac:e9:6b:
         d7:22:fd:db:54:e7:58:85:7b:aa:b8:18:0c:98:d2:d5:43:68:
         b9:14:d7:da:ee:54:08:9b:24:0f:da:c0:b9:b2:b3:a6:44:90:
         a4:eb:3c:89:ea:ec:fd:1f:3d:ef:95:25:bb:8e:77:e2:4d:f5:
         be:ca:58:2a:f2:3d:94:75:0b:a7:90:36:be:6d:7e:03:52:c7:
         aa:5d:74:5e:df:e6:ba:66:49:d7:22:6f:ba:61:63:19:c7:7d:
         0f:34:2c:07
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIULRjDRNdXkwVAS3SVdqRrGSsYvKkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNGEwYmRkMDY1OWQ5YWE5ZGYzNjJmNzY4MmUwODFmYzI1
ZWQwNDJhMjNkNzExYjg5MDUzMjZhZWFjMTdjNjhiMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaOuG4RqvYl6gO9vlgUDRyKlkr3cvHGcJDlm/mquzOFFr5
zLQGgRNAAKrZpsXtSpb0k402i1M4NtjGqs1jSMhxukRAWbCAah1QFwfasQh+dIc7
IQW+Ku39QZ/XEUNxC2T7q3U7vO+sP8fHCMtiCYy8xiVuksv9mBxQqVuLbMTjkMF8
k/IBXPQmFEl1Goi9IBMUBdVcXGNM0NAFUt3yJbw2sambxXDiexHNWNLcAQ4r5tts
d00sbm47Ok7l7YXfv0zEHS8brVv7cn6yWftFNfh3u7/xWxBeI5Yq4p8OWPUaCHZd
ApvbQWwWWc90+Z2F4nzjzLICpU/2/9m/pef/eM67AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU2VWz1MYPY7fkuWGp6BK/Q58kjJQwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzQ3NDAxZTA5LTA5OGQtNGVkMy1hNDdkLWY0MGVkODZlMzEyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwYmAPDzzgAwDQYJKoZIhvcNAQELBQADggEBAJZ9F7IKuU5iMV6J2n3Wyc1b
CscRxkziV7QN/AizFbmW3Q5EhMq6jz9YXxjMFtaVOtzPZ1lQG1qyo4qj3AwV+yo3
UEV33p+fO2n+QqPURYVQAQhGDzCVXsskWv2CnpyKOgfKWVYnss23KdsNO6oXDgHk
cschGn0ovroE2gYaEpu0qQv+G1mzp4QMcuV0j8QtOOmsxlRNhdUq6w5l+feTdKzp
a9ci/dtU51iFe6q4GAyY0tVDaLkU19ruVAibJA/awLmys6ZEkKTrPInq7P0fPe+V
JbuOd+JN9b7KWCryPZR1C6eQNr5tfgNSx6pddF7f5rpmSdcib7phYxnHfQ80LAc=
-----END CERTIFICATE-----
Generated at Tue Jan 7 05:36:24 2025 by rpki-client on console-fra.rpki-client.org