Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/500a3cf1-3f40-4339-812a-4cafda9ec993.roa
File:                     500a3cf1-3f40-4339-812a-4cafda9ec993.roa (raw, json)
Hash identifier:          Lq3iAbbcZ0ROAOpf2yfoS2LAr9wA5zJ0HfhVs5GNl6U=
Subject key identifier:   05:50:DF:92:39:CD:0E:86:F8:61:55:A2:92:01:03:5F:8B:8C:1A:18
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       11565AE4AAFB869FB6D94E69458DF6E049751881
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/500a3cf1-3f40-4339-812a-4cafda9ec993.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5539::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Jan 2025 23:22:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:56:5a:e4:aa:fb:86:9f:b6:d9:4e:69:45:8d:f6:e0:49:75:18:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=0010e5d36edb7579cde239cb54611ddd138c9cc7e76f1b15d008811e59b83ecb, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:3f:5f:4f:be:d8:89:f8:a2:91:a6:b2:fe:92:
                    12:a7:71:99:7b:d6:41:a6:63:7a:f3:55:a6:af:b2:
                    ec:71:55:53:c6:a0:ca:b1:ae:50:69:ea:3d:11:30:
                    ba:f8:a0:8c:b2:a3:6b:a0:b2:ca:66:d2:3f:82:cd:
                    8e:35:5b:96:47:63:2b:68:d7:ea:5f:fc:04:e9:84:
                    5f:f6:92:f4:32:e7:5e:2b:57:e7:29:0e:70:ce:8d:
                    b0:02:c2:3a:71:01:80:77:9e:c7:92:d5:18:dd:e8:
                    7f:9c:ac:7d:ff:8d:3a:95:7d:84:d5:1b:b6:c6:b0:
                    0f:4a:6c:7f:a3:1a:3e:cb:2f:c1:cc:73:58:75:15:
                    75:03:3c:ac:31:ed:ad:09:e8:cb:78:a6:bf:50:3a:
                    e7:6e:d8:bb:97:cd:0e:9b:c1:3d:ba:f6:dc:d5:98:
                    f0:fd:b1:27:d3:98:b0:0b:72:5b:4a:b5:4c:30:23:
                    84:05:74:c5:a1:33:04:74:56:b2:5a:26:a8:36:43:
                    58:6e:91:fb:b0:64:5c:f2:c5:4d:fd:91:d6:24:d0:
                    02:5d:37:65:57:db:58:b8:51:64:07:49:36:74:ed:
                    99:7d:a7:0b:f0:d3:c7:0e:05:11:6f:66:40:f9:71:
                    c6:0c:db:0d:8d:d8:97:2d:84:e4:66:c1:5f:dd:fa:
                    53:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:50:DF:92:39:CD:0E:86:F8:61:55:A2:92:01:03:5F:8B:8C:1A:18
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/500a3cf1-3f40-4339-812a-4cafda9ec993.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5539::/48

    Signature Algorithm: sha256WithRSAEncryption
         0e:b5:c2:4e:e3:4c:33:7a:c2:66:4d:b0:63:12:51:64:72:32:
         eb:75:79:01:76:86:01:23:a2:62:bb:29:06:92:f1:49:c5:1e:
         c6:8b:fc:8c:4d:1d:72:67:91:35:f5:ab:2a:39:2f:27:d7:e1:
         99:f7:04:1e:1f:c7:48:fd:dc:b1:25:68:e2:80:66:4f:5e:52:
         6f:79:cb:11:8a:d0:2b:b6:77:46:3c:8a:ca:90:74:d2:0f:bb:
         8a:a5:48:07:78:33:3f:ec:81:15:70:3e:fb:62:be:6a:a4:c0:
         74:d2:b4:ea:98:da:00:a0:b4:b1:27:f6:c3:40:17:d5:1d:c9:
         ac:7d:07:29:bd:bc:5b:d1:bf:63:9c:45:0a:c4:4f:f6:ed:03:
         4e:63:2f:5e:fa:10:0a:9e:fd:c6:68:55:1d:07:2b:90:d5:75:
         1c:ce:36:10:b4:ee:e9:49:53:3e:e6:59:ce:08:ad:5f:2b:b2:
         66:61:80:f2:d2:de:1d:58:bc:7b:78:8e:e9:8d:fc:7a:5e:37:
         72:06:8c:ab:cd:99:3b:37:0e:9c:bd:e5:e9:25:12:b7:2d:57:
         e0:7e:4c:51:92:cc:09:a9:b1:28:16:2c:3b:01:96:9c:45:bd:
         65:2b:fd:e6:5c:d6:2a:85:f0:ed:2f:10:7b:59:89:e9:27:74:
         6f:18:cb:d2
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUEVZa5Kr7hp+22U5pRY324El1GIEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMDEwZTVkMzZlZGI3NTc5Y2RlMjM5Y2I1NDYxMWRkZDEz
OGM5Y2M3ZTc2ZjFiMTVkMDA4ODExZTU5YjgzZWNiMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZP19PvtiJ+KKRprL+khKncZl71kGmY3rzVaavsuxxVVPG
oMqxrlBp6j0RMLr4oIyyo2ugsspm0j+CzY41W5ZHYyto1+pf/ATphF/2kvQy514r
V+cpDnDOjbACwjpxAYB3nseS1Rjd6H+crH3/jTqVfYTVG7bGsA9KbH+jGj7LL8HM
c1h1FXUDPKwx7a0J6Mt4pr9QOudu2LuXzQ6bwT269tzVmPD9sSfTmLALcltKtUww
I4QFdMWhMwR0VrJaJqg2Q1hukfuwZFzyxU39kdYk0AJdN2VX21i4UWQHSTZ07Zl9
pwvw08cOBRFvZkD5ccYM2w2N2JcthORmwV/d+lPNAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUBVDfkjnNDob4YVWikgEDX4uMGhgwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzUwMGEzY2YxLTNmNDAtNDMzOS04MTJhLTRjYWZkYTllYzk5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVTkwDQYJKoZIhvcNAQELBQADggEBAA61wk7jTDN6wmZNsGMSUWRy
Mut1eQF2hgEjomK7KQaS8UnFHsaL/IxNHXJnkTX1qyo5LyfX4Zn3BB4fx0j93LEl
aOKAZk9eUm95yxGK0Cu2d0Y8isqQdNIPu4qlSAd4Mz/sgRVwPvtivmqkwHTStOqY
2gCgtLEn9sNAF9Udyax9Bym9vFvRv2OcRQrET/btA05jL176EAqe/cZoVR0HK5DV
dRzONhC07ulJUz7mWc4IrV8rsmZhgPLS3h1YvHt4jumN/HpeN3IGjKvNmTs3Dpy9
5eklErctV+B+TFGSzAmpsSgWLDsBlpxFvWUr/eZc1iqF8O0vEHtZiekndG8Yy9I=
-----END CERTIFICATE-----
Generated at Tue Jan 7 05:36:24 2025 by rpki-client on console-fra.rpki-client.org