Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b629644c-c7c8-45fa-926f-42871932416b.roa
File:                     b629644c-c7c8-45fa-926f-42871932416b.roa (raw, json)
Hash identifier:          UsP15du7CDnNl/5H1u9O4MjO8KCa7apiDyp8EYu0bPA=
Subject key identifier:   CA:35:62:FB:40:AC:68:C8:56:AE:37:16:6D:9B:36:29:39:A0:52:93
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       3956A88EE0C7D89E970883553B242556FCF18D65
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b629644c-c7c8-45fa-926f-42871932416b.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:553b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Jan 2025 23:22:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:56:a8:8e:e0:c7:d8:9e:97:08:83:55:3b:24:25:56:fc:f1:8d:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=a9f4dc81e470dccc5ffdbcb1182529c1f2fdb213b35df56469098ca29586e370, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:4c:93:36:55:de:2c:0f:0d:a2:9f:ea:29:30:
                    f5:3b:ae:17:c7:5a:b2:0a:77:e3:5f:51:a5:98:4b:
                    c5:f0:9f:83:93:74:72:ad:bb:7d:4d:89:79:09:9d:
                    c9:5c:46:d6:f0:a8:02:85:62:f7:ae:67:15:24:89:
                    8b:c4:d1:05:98:90:ea:f6:b7:11:81:19:ba:30:14:
                    1d:21:2a:cf:3e:68:ff:1f:7d:34:c9:d0:33:75:a1:
                    28:27:a0:5b:6e:b9:15:c7:4e:54:4e:95:b7:21:e3:
                    aa:fb:5a:77:29:24:82:b7:ed:23:dd:42:ad:b4:6e:
                    99:5c:e3:3a:12:bb:70:25:bc:6c:dc:1a:54:59:22:
                    7e:17:41:0f:31:eb:3e:90:9f:19:0a:91:79:fc:32:
                    9f:72:06:ff:1e:29:d0:f1:9f:20:2a:87:7b:64:99:
                    62:f9:8c:b4:69:2b:e9:13:41:56:06:07:61:1a:df:
                    4d:26:12:60:67:00:25:25:dc:26:c1:a8:40:fb:e0:
                    2c:e1:07:1c:c0:ff:45:34:4b:09:1f:4c:b6:5d:21:
                    e9:a7:6b:da:06:ea:4d:ef:eb:4a:78:53:f7:80:58:
                    54:cf:71:f6:e2:38:36:f2:85:e3:eb:e9:a8:d0:0e:
                    8e:be:26:38:65:42:29:4e:b2:19:7e:82:bb:df:3c:
                    90:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:35:62:FB:40:AC:68:C8:56:AE:37:16:6D:9B:36:29:39:A0:52:93
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b629644c-c7c8-45fa-926f-42871932416b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:553b::/48

    Signature Algorithm: sha256WithRSAEncryption
         a5:de:eb:ef:ff:59:64:cb:41:ab:cf:a4:e3:25:09:0a:95:99:
         6a:f6:3a:db:5f:01:2a:1e:66:66:0a:08:c8:90:4f:a6:cb:ce:
         93:00:01:aa:b3:e0:b2:63:5f:b5:06:35:a6:03:6d:22:98:0a:
         af:92:f9:e9:55:d4:7a:47:f3:96:c4:6b:fe:52:c7:55:61:43:
         c3:13:cc:8b:9d:83:74:e1:a9:db:cc:47:3e:e3:00:ae:11:aa:
         1c:88:2e:c8:05:c3:21:d6:ce:84:61:d3:07:35:63:c8:6e:a4:
         bf:af:87:04:92:47:12:59:3f:6c:2b:e3:74:21:b8:00:b5:bc:
         f5:d1:e2:28:49:df:e4:98:d7:28:ed:d6:9a:1e:c2:cc:fa:67:
         ea:f3:64:1f:98:55:6f:66:9a:4f:e8:b7:18:8c:fe:16:c3:63:
         ea:70:07:ef:26:13:dc:2a:2f:32:05:fa:c6:7b:f4:60:1e:0a:
         8d:77:92:2e:61:b2:61:e8:46:78:bf:2c:52:e1:a5:99:e0:68:
         c9:5d:e4:33:b4:74:9e:be:2e:15:da:72:f7:52:2a:ad:8f:38:
         a8:77:3e:c3:c5:08:78:b1:7d:66:e1:2e:bd:21:47:33:06:ae:
         b2:13:3f:53:91:5e:2d:ff:66:14:97:37:10:74:31:48:8c:ef:
         20:68:51:eb
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUOVaojuDH2J6XCINVOyQlVvzxjWUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhOWY0ZGM4MWU0NzBkY2NjNWZmZGJjYjExODI1MjljMWYy
ZmRiMjEzYjM1ZGY1NjQ2OTA5OGNhMjk1ODZlMzcwMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2TJM2Vd4sDw2in+opMPU7rhfHWrIKd+NfUaWYS8Xwn4OT
dHKtu31NiXkJnclcRtbwqAKFYveuZxUkiYvE0QWYkOr2txGBGbowFB0hKs8+aP8f
fTTJ0DN1oSgnoFtuuRXHTlROlbch46r7WncpJIK37SPdQq20bplc4zoSu3AlvGzc
GlRZIn4XQQ8x6z6QnxkKkXn8Mp9yBv8eKdDxnyAqh3tkmWL5jLRpK+kTQVYGB2Ea
300mEmBnACUl3CbBqED74CzhBxzA/0U0SwkfTLZdIemna9oG6k3v60p4U/eAWFTP
cfbiODbyhePr6ajQDo6+JjhlQilOshl+grvfPJCnAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUyjVi+0CsaMhWrjcWbZs2KTmgUpMwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2I2Mjk2NDRjLWM3YzgtNDVmYS05MjZmLTQyODcxOTMyNDE2Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVTswDQYJKoZIhvcNAQELBQADggEBAKXe6+//WWTLQavPpOMlCQqV
mWr2OttfASoeZmYKCMiQT6bLzpMAAaqz4LJjX7UGNaYDbSKYCq+S+elV1HpH85bE
a/5Sx1VhQ8MTzIudg3ThqdvMRz7jAK4RqhyILsgFwyHWzoRh0wc1Y8hupL+vhwSS
RxJZP2wr43QhuAC1vPXR4ihJ3+SY1yjt1poewsz6Z+rzZB+YVW9mmk/otxiM/hbD
Y+pwB+8mE9wqLzIF+sZ79GAeCo13ki5hsmHoRni/LFLhpZngaMld5DO0dJ6+LhXa
cvdSKq2POKh3PsPFCHixfWbhLr0hRzMGrrITP1ORXi3/ZhSXNxB0MUiM7yBoUes=
-----END CERTIFICATE-----
Generated at Tue Jan 7 05:36:24 2025 by rpki-client on console-fra.rpki-client.org