Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cb273ecc-4c0a-4a93-8128-c3cdc38ff4b3.roa
File: cb273ecc-4c0a-4a93-8128-c3cdc38ff4b3.roa (raw, json)
Hash identifier: QGc5Ag9viH3R+7pw4L+zTaoBCvn9iyFO2QlwwEIwW9E=
Subject key identifier: E4:FF:25:06:55:5A:02:C3:46:6D:02:09:58:2B:97:12:43:95:69:26
Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial: 23A67DE5D87B365975EF3E2B47C3E17B867B398C
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cb273ecc-4c0a-4a93-8128-c3cdc38ff4b3.roa
Signing time: Tue 24 Dec 2024 00:00:00 +0000
ROA not before: Tue 24 Dec 2024 00:00:00 +0000
ROA not after: Tue 28 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:f0f0:731::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 Jan 2025 23:22:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:a6:7d:e5:d8:7b:36:59:75:ef:3e:2b:47:c3:e1:7b:86:7b:39:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Validity
Not Before: Dec 24 00:00:00 2024 GMT
Not After : Jan 28 23:59:59 2025 GMT
Subject: serialNumber=5c20bb8b2455500965192d384119f63e44d063b085f7aa7ab3f65f8a0edb0e9a, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:97:d0:ca:49:01:ae:24:e1:51:4e:49:5f:1b:
f7:f8:87:5a:6d:46:97:03:62:cd:2b:0d:24:09:87:
1f:a5:a9:74:d3:85:e9:b0:4c:d7:d7:70:d7:ad:38:
f1:fe:36:97:31:3c:fd:8e:77:ab:98:50:f8:7c:3b:
6d:2d:12:44:61:9e:bc:be:8c:1a:86:e4:be:24:74:
42:25:60:fc:c8:c1:08:e2:b2:d1:dd:83:fc:d2:e8:
00:73:c0:20:7a:ec:c5:89:a0:38:3c:45:f9:c0:87:
66:44:0e:1b:62:42:82:ea:fc:f1:57:c7:4a:66:32:
a6:82:40:e8:9e:47:f9:dd:28:b5:f4:d2:55:76:f5:
57:7d:b4:8e:8c:42:94:d1:c5:04:2e:72:4b:5c:bd:
54:5f:a4:34:c8:3c:3d:ab:cd:af:a2:37:9c:2b:f8:
7e:77:10:4c:34:0d:cd:d2:04:52:db:dc:8e:2a:03:
4a:fb:3d:ad:d8:d6:b7:be:3f:41:9a:e1:81:29:83:
1c:81:78:a2:d7:9e:12:d8:3e:b2:c2:20:6e:d8:84:
00:01:0e:26:54:0f:a1:b1:47:2f:14:ca:c0:d7:e3:
7c:64:ec:6f:d0:a7:ce:37:78:a6:b3:02:5b:b3:76:
20:a4:63:f7:d9:6c:8b:1b:bc:76:0b:5d:9a:08:a7:
09:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:FF:25:06:55:5A:02:C3:46:6D:02:09:58:2B:97:12:43:95:69:26
X509v3 Authority Key Identifier:
keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cb273ecc-4c0a-4a93-8128-c3cdc38ff4b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:f0f0:731::/48
Signature Algorithm: sha256WithRSAEncryption
8a:46:ba:77:11:f9:bb:a9:be:d5:90:87:64:97:45:92:62:d5:
0f:80:7c:36:b9:3f:c6:ef:37:26:36:63:38:3d:d3:a4:9e:0d:
6c:27:32:d8:1f:2a:fc:c4:e4:03:67:46:53:b0:10:78:79:d2:
3c:3f:59:2c:b8:7b:7e:8a:cd:12:14:ac:4c:0e:8f:3d:cb:54:
c2:57:8e:5d:86:e0:9a:49:1f:be:fc:18:70:2e:e1:d3:2b:48:
16:74:09:34:90:7a:9f:56:26:a4:52:df:7c:35:41:23:24:b0:
54:69:6c:1a:5a:ce:4f:56:58:e8:e4:2b:cf:47:56:f2:c9:bd:
a8:86:87:85:dd:f0:68:0d:62:3a:34:c8:30:14:bf:a5:40:ca:
0b:9c:8c:1f:72:b5:3f:8d:7c:bd:d8:8d:49:53:65:5f:ba:27:
76:e8:57:90:38:7d:ba:cd:d6:ae:21:15:ea:11:e5:f7:2f:55:
2b:ba:4a:ad:34:6e:5e:79:dd:0f:95:d3:10:44:c3:01:64:2c:
26:7d:71:ad:db:14:11:e0:b6:45:73:66:d9:0d:20:f8:ff:ea:
d7:bc:04:57:dd:dc:5b:4d:a2:5a:12:e3:b6:aa:e3:a2:08:1f:
fb:82:5a:1d:8d:3e:89:71:7b:a1:dd:f4:fc:56:3c:77:be:41:
93:63:80:86
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUI6Z95dh7Nll17z4rR8Phe4Z7OYwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YzIwYmI4YjI0NTU1MDA5NjUxOTJkMzg0MTE5ZjYzZTQ0
ZDA2M2IwODVmN2FhN2FiM2Y2NWY4YTBlZGIwZTlhMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCl9DKSQGuJOFRTklfG/f4h1ptRpcDYs0rDSQJhx+lqXTT
hemwTNfXcNetOPH+NpcxPP2Od6uYUPh8O20tEkRhnry+jBqG5L4kdEIlYPzIwQji
stHdg/zS6ABzwCB67MWJoDg8RfnAh2ZEDhtiQoLq/PFXx0pmMqaCQOieR/ndKLX0
0lV29Vd9tI6MQpTRxQQucktcvVRfpDTIPD2rza+iN5wr+H53EEw0Dc3SBFLb3I4q
A0r7Pa3Y1re+P0Ga4YEpgxyBeKLXnhLYPrLCIG7YhAABDiZUD6GxRy8UysDX43xk
7G/Qp843eKazAluzdiCkY/fZbIsbvHYLXZoIpwnTAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU5P8lBlVaAsNGbQIJWCuXEkOVaSYwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2NiMjczZWNjLTRjMGEtNGE5My04MTI4LWMzY2RjMzhmZjRiMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwBzEwDQYJKoZIhvcNAQELBQADggEBAIpGuncR+bupvtWQh2SXRZJi
1Q+AfDa5P8bvNyY2Yzg906SeDWwnMtgfKvzE5ANnRlOwEHh50jw/WSy4e36KzRIU
rEwOjz3LVMJXjl2G4JpJH778GHAu4dMrSBZ0CTSQep9WJqRS33w1QSMksFRpbBpa
zk9WWOjkK89HVvLJvaiGh4Xd8GgNYjo0yDAUv6VAygucjB9ytT+NfL3YjUlTZV+6
J3boV5A4fbrN1q4hFeoR5fcvVSu6Sq00bl553Q+V0xBEwwFkLCZ9ca3bFBHgtkVz
ZtkNIPj/6te8BFfd3FtNoloS47aq46IIH/uCWh2NPolxe6Hd9PxWPHe+QZNjgIY=
-----END CERTIFICATE-----
Generated at Tue Jan 7 02:45:23 2025 by rpki-client on console-ams.rpki-client.org