Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/bf499b3b-258f-46c9-b076-fac6613c9227.roa
File:                     bf499b3b-258f-46c9-b076-fac6613c9227.roa (raw, json)
Hash identifier:          BFtTSTPfsydoQnO/wI3jcT4rJmhqtPcRbJ/GAuLjgB4=
Subject key identifier:   B6:1D:94:C6:A3:0D:ED:BC:81:2F:C9:92:EE:5E:26:5A:1B:59:70:D9
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       1267653C00840544A94A1B76103518711D52D00E
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/bf499b3b-258f-46c9-b076-fac6613c9227.roa
Signing time:             Fri 03 Jan 2025 00:00:00 +0000
ROA not before:           Fri 03 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f3:ce40::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 17 Jan 2025 18:37:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:67:65:3c:00:84:05:44:a9:4a:1b:76:10:35:18:71:1d:52:d0:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  3 00:00:00 2025 GMT
            Not After : Feb  7 23:59:59 2025 GMT
        Subject: serialNumber=bcf8e502c667cf09e703b2722f8a269462dc2feebc960a1cbd8d39af1fbbe54a, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:2d:a8:47:72:3c:92:d4:6c:ea:a8:cc:01:d7:
                    ab:4a:bf:30:dc:d4:d9:33:6b:c6:23:d2:cb:de:e1:
                    56:3b:4d:1b:42:80:17:cb:ec:c7:e3:95:42:2b:d0:
                    cb:f5:7a:35:1c:ef:4c:bf:8f:cc:4c:c6:7a:3f:c0:
                    d9:f9:8b:9e:06:da:3b:10:8a:15:4e:ad:f4:32:bf:
                    1f:b4:5e:5f:9a:94:67:de:6c:78:c6:99:3a:91:d2:
                    27:b3:1c:d6:13:b0:b2:39:87:27:20:f4:88:21:57:
                    0d:5a:bc:bb:08:bf:d3:41:10:f8:28:36:fb:b2:ff:
                    db:e8:ab:8b:5a:93:07:5a:5c:00:15:a4:5c:0d:5f:
                    2b:80:c7:e4:ec:b2:f7:38:ea:d6:7d:6d:95:e6:69:
                    39:d8:60:2c:c9:b0:2a:b4:20:97:1e:16:fd:c3:08:
                    00:30:b0:3c:5c:95:65:d9:9a:31:91:48:7c:4b:07:
                    97:75:87:ec:55:2f:3d:8f:dc:81:15:63:6f:c4:63:
                    e0:d6:1d:b9:e7:57:f7:a9:1e:75:11:26:99:68:a8:
                    96:de:47:7c:17:d3:7d:19:65:8f:d9:8c:2b:73:66:
                    37:03:24:69:84:37:73:e3:9c:fb:92:74:6b:fc:3f:
                    50:f5:fe:d9:29:f0:1e:6c:66:e1:a2:c8:98:53:19:
                    11:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:1D:94:C6:A3:0D:ED:BC:81:2F:C9:92:EE:5E:26:5A:1B:59:70:D9
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/bf499b3b-258f-46c9-b076-fac6613c9227.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f3:ce40::/48

    Signature Algorithm: sha256WithRSAEncryption
         20:65:32:4b:6b:cc:00:10:9b:e0:57:b0:98:63:75:6f:d6:6b:
         1c:aa:c0:5b:87:08:fb:0e:29:ef:a0:dd:28:a6:eb:98:e3:35:
         3e:b8:ed:5c:d7:ba:9b:1b:f1:1c:0a:20:ee:1a:02:3b:dd:48:
         47:a2:bb:ac:74:4f:56:f5:a9:99:38:e1:5f:60:59:28:e5:9d:
         d1:f5:fc:27:f7:e4:5d:3d:89:b5:c8:d2:06:93:a8:62:4b:eb:
         19:ae:58:c2:4e:b2:56:83:a5:2a:e5:54:92:b4:b3:5d:e1:bc:
         03:6d:dd:77:5d:b5:f8:3f:5c:01:5c:82:25:ec:4d:9a:fc:d3:
         2d:66:6c:1b:00:f1:ba:10:bb:ca:a6:06:00:40:2b:5d:a0:1c:
         d1:11:71:f1:a9:31:ea:ee:ea:3f:de:fb:77:3e:e5:7b:0e:a8:
         a0:bb:61:d1:f1:76:4f:40:c2:7f:c3:81:a0:ca:4f:c1:b4:06:
         80:da:ae:c4:52:70:a1:1f:04:5c:f0:3f:b2:30:b9:c4:50:4e:
         70:46:af:01:48:76:b4:6e:03:84:c8:63:72:0b:6a:40:82:7f:
         71:f8:ab:a3:e7:d9:4e:30:bd:bd:ec:6e:d4:43:48:53:ff:40:
         79:41:fa:2e:b8:6e:71:32:10:20:7a:c6:81:f6:70:58:d6:d6:
         00:2a:e0:60
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUEmdlPACEBUSpSht2EDUYcR1S0A4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiY2Y4ZTUwMmM2NjdjZjA5ZTcwM2IyNzIyZjhhMjY5NDYy
ZGMyZmVlYmM5NjBhMWNiZDhkMzlhZjFmYmJlNTRhMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8LahHcjyS1GzqqMwB16tKvzDc1Nkza8Yj0sve4VY7TRtC
gBfL7MfjlUIr0Mv1ejUc70y/j8xMxno/wNn5i54G2jsQihVOrfQyvx+0Xl+alGfe
bHjGmTqR0iezHNYTsLI5hycg9IghVw1avLsIv9NBEPgoNvuy/9voq4takwdaXAAV
pFwNXyuAx+Tssvc46tZ9bZXmaTnYYCzJsCq0IJceFv3DCAAwsDxclWXZmjGRSHxL
B5d1h+xVLz2P3IEVY2/EY+DWHbnnV/epHnURJploqJbeR3wX030ZZY/ZjCtzZjcD
JGmEN3PjnPuSdGv8P1D1/tkp8B5sZuGiyJhTGRFLAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUth2UxqMN7byBL8mS7l4mWhtZcNkwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2JmNDk5YjNiLTI1OGYtNDZjOS1iMDc2LWZhYzY2MTNjOTIyNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDzzkAwDQYJKoZIhvcNAQELBQADggEBACBlMktrzAAQm+BXsJhjdW/W
axyqwFuHCPsOKe+g3Sim65jjNT647VzXupsb8RwKIO4aAjvdSEeiu6x0T1b1qZk4
4V9gWSjlndH1/Cf35F09ibXI0gaTqGJL6xmuWMJOslaDpSrlVJK0s13hvANt3Xdd
tfg/XAFcgiXsTZr80y1mbBsA8boQu8qmBgBAK12gHNERcfGpMeru6j/e+3c+5XsO
qKC7YdHxdk9Awn/DgaDKT8G0BoDarsRScKEfBFzwP7IwucRQTnBGrwFIdrRuA4TI
Y3ILakCCf3H4q6Pn2U4wvb3sbtRDSFP/QHlB+i64bnEyECB6xoH2cFjW1gAq4GA=
-----END CERTIFICATE-----
Generated at Fri Jan 17 21:35:14 2025 by rpki-client on console-fra.rpki-client.org