Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5059f3ed-2137-407e-8f00-caf6cd702df3.roa
File: 5059f3ed-2137-407e-8f00-caf6cd702df3.roa (raw, json)
Hash identifier: kH1BZ06SAtS8rwPTim/3USD8CshlJoeBtLZH42kO9KM=
Subject key identifier: 22:1A:4E:C1:3E:B6:4D:AF:A0:EB:63:4E:54:A5:1B:AC:67:E0:6B:D1
Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial: 65A3589797F1644709D400908BDFA587F8678F87
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5059f3ed-2137-407e-8f00-caf6cd702df3.roa
Signing time: Fri 03 Jan 2025 00:00:00 +0000
ROA not before: Fri 03 Jan 2025 00:00:00 +0000
ROA not after: Fri 07 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2600:f0fb:e800::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 Jan 2025 23:40:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:a3:58:97:97:f1:64:47:09:d4:00:90:8b:df:a5:87:f8:67:8f:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Validity
Not Before: Jan 3 00:00:00 2025 GMT
Not After : Feb 7 23:59:59 2025 GMT
Subject: serialNumber=5cc490e5979f37d763044625220e227b71c8de98d58f6abb9392b7f2c8996f31, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:66:b5:62:9e:29:3c:c8:44:ff:8d:2d:77:e2:
b0:86:5b:d9:56:c4:2b:d5:e0:ad:ce:42:bd:50:3b:
54:b5:1b:49:e5:4c:df:c0:66:4a:56:14:90:67:4e:
52:60:06:6d:c6:6e:8b:9c:06:57:cc:fd:ee:a7:1f:
d6:f2:86:d3:1f:45:e0:e7:13:c0:89:16:a3:56:56:
68:51:42:8b:86:25:37:a6:31:ca:b0:a7:7a:93:8d:
07:48:4e:80:70:74:19:ad:2c:e9:c4:d0:99:e7:d5:
da:56:cb:5d:ea:c4:fe:21:58:75:1a:1d:86:e2:44:
5f:d8:f3:97:14:02:14:b0:73:5f:06:7e:fe:96:33:
64:b8:e5:b8:07:45:08:5f:6a:bc:7d:11:24:4d:71:
c9:1f:8b:37:36:08:79:ba:2b:69:f5:ec:1d:a2:05:
8d:3b:03:6e:81:66:66:71:89:27:01:3b:31:d2:80:
21:94:7c:1b:4c:ba:91:d7:c7:72:b6:6f:98:cb:60:
d0:71:6b:78:55:b1:b7:9d:30:0f:df:3b:45:fd:8b:
f8:11:a8:e4:83:1f:f7:e9:42:23:ec:bc:26:6b:44:
5e:f0:ff:e6:51:42:f6:5a:1d:2d:bc:d6:72:69:ce:
fc:68:16:4b:94:f8:95:7a:c8:7b:6f:ac:b1:25:5d:
b4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:1A:4E:C1:3E:B6:4D:AF:A0:EB:63:4E:54:A5:1B:AC:67:E0:6B:D1
X509v3 Authority Key Identifier:
keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5059f3ed-2137-407e-8f00-caf6cd702df3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:f0fb:e800::/40
Signature Algorithm: sha256WithRSAEncryption
1d:18:b1:37:88:e5:aa:fe:64:d4:23:67:62:6f:4d:97:ff:66:
fb:69:d8:58:7d:f7:21:7f:e7:4b:a6:bf:da:3c:6d:d8:b1:4b:
b7:5e:70:3d:dc:01:b8:87:97:05:a2:37:ff:bd:c0:1e:2e:26:
d5:b6:3d:6e:e0:0e:53:9d:e3:58:20:52:c4:9d:12:1e:ad:9b:
38:18:69:b6:92:c2:99:db:9d:0e:92:09:1f:93:c7:0f:c6:2b:
d7:37:69:f1:a9:45:01:13:68:d8:a1:42:1f:66:58:c6:5e:8e:
44:93:a1:45:74:fe:0c:37:86:82:aa:cc:4c:f7:8d:95:63:ad:
03:ae:f7:53:d0:d6:23:0f:15:57:82:0a:4c:6e:d3:f1:4b:fd:
45:0f:fa:d3:5d:98:5d:94:cf:41:29:8a:26:7a:15:b6:4e:7b:
f2:fb:9c:9f:50:04:02:c3:56:33:09:26:bd:be:f2:3c:bf:de:
6d:1c:8d:9c:0d:3f:d6:7e:c7:60:70:e4:0b:c3:f2:94:74:d6:
bd:5f:15:d8:57:2f:33:d0:8c:0a:09:fc:ba:c6:79:91:b7:d7:
19:b4:8e:c8:a2:b2:04:53:49:77:e8:0b:00:f3:c5:a2:10:26:
ae:9f:be:de:08:81:60:33:b2:fd:43:c3:bb:a8:b0:c9:3b:c3:
3d:cc:69:e7
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUZaNYl5fxZEcJ1ACQi9+lh/hnj4cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1Y2M0OTBlNTk3OWYzN2Q3NjMwNDQ2MjUyMjBlMjI3Yjcx
YzhkZTk4ZDU4ZjZhYmI5MzkyYjdmMmM4OTk2ZjMxMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1ZrVinik8yET/jS134rCGW9lWxCvV4K3OQr1QO1S1G0nl
TN/AZkpWFJBnTlJgBm3GboucBlfM/e6nH9byhtMfReDnE8CJFqNWVmhRQouGJTem
Mcqwp3qTjQdIToBwdBmtLOnE0Jnn1dpWy13qxP4hWHUaHYbiRF/Y85cUAhSwc18G
fv6WM2S45bgHRQhfarx9ESRNcckfizc2CHm6K2n17B2iBY07A26BZmZxiScBOzHS
gCGUfBtMupHXx3K2b5jLYNBxa3hVsbedMA/fO0X9i/gRqOSDH/fpQiPsvCZrRF7w
/+ZRQvZaHS281nJpzvxoFkuU+JV6yHtvrLElXbS7AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUIhpOwT62Ta+g62NOVKUbrGfga9EwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzUwNTlmM2VkLTIxMzctNDA3ZS04ZjAwLWNhZjZjZDcwMmRmMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD76DANBgkqhkiG9w0BAQsFAAOCAQEAHRixN4jlqv5k1CNnYm9Nl/9m
+2nYWH33IX/nS6a/2jxt2LFLt15wPdwBuIeXBaI3/73AHi4m1bY9buAOU53jWCBS
xJ0SHq2bOBhptpLCmdudDpIJH5PHD8Yr1zdp8alFARNo2KFCH2ZYxl6ORJOhRXT+
DDeGgqrMTPeNlWOtA673U9DWIw8VV4IKTG7T8Uv9RQ/6012YXZTPQSmKJnoVtk57
8vucn1AEAsNWMwkmvb7yPL/ebRyNnA0/1n7HYHDkC8PylHTWvV8V2FcvM9CMCgn8
usZ5kbfXGbSOyKKyBFNJd+gLAPPFohAmrp++3giBYDOy/UPDu6iwyTvDPcxp5w==
-----END CERTIFICATE-----
Generated at Tue Jan 7 05:36:24 2025 by rpki-client on console-fra.rpki-client.org