Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cbcc547e-b103-4291-99b0-fb6ecff6531d.roa
File:                     cbcc547e-b103-4291-99b0-fb6ecff6531d.roa (raw, json)
Hash identifier:          +7CROjSntCSREgSDTCWJM6I33FCHf6wyw6Px8N8dbno=
Subject key identifier:   73:1F:D4:D1:46:40:FB:B8:1F:28:44:26:8F:8E:1E:94:9F:02:94:F8
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       6360655A36269C39B62990162DA3A8548ED07BCA
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cbcc547e-b103-4291-99b0-fb6ecff6531d.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5526::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Jan 2025 23:21:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:60:65:5a:36:26:9c:39:b6:29:90:16:2d:a3:a8:54:8e:d0:7b:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=d5728c120e34316cee58ddc372ae93aec15842e7f57f6eb17fc68729bc12a02e, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f8:b8:3d:07:1d:22:1f:d2:39:ec:a4:0a:63:
                    33:60:cf:41:23:fd:b3:44:c9:04:59:5f:84:d3:0d:
                    de:fa:4a:dc:de:65:77:0c:15:dd:6a:f0:47:01:ba:
                    81:7e:3c:73:7d:33:07:92:c4:1a:fe:55:8a:dc:b0:
                    5e:fd:eb:da:4e:1d:70:69:6b:cd:99:29:f0:d2:0d:
                    6b:c3:1b:fc:d1:f7:42:7d:b0:9f:b7:50:bc:6e:21:
                    5e:20:67:53:0d:29:1f:c9:06:69:4e:d9:fb:17:d0:
                    80:7a:01:ec:d7:f9:a0:89:f3:df:7d:2d:3b:6e:74:
                    ca:9c:2a:49:78:3d:69:40:d7:d6:eb:6e:10:7e:03:
                    6e:4b:17:b7:c5:e1:92:31:33:b8:4a:88:c1:56:54:
                    de:fd:ab:e4:31:d4:7c:d2:96:dc:f9:a2:0c:05:c9:
                    77:dc:80:51:15:39:a2:ac:13:4a:90:23:76:e4:97:
                    56:ee:86:a1:b9:a4:57:19:99:03:95:27:70:9f:75:
                    72:68:7c:c7:2e:69:b8:be:db:88:fb:08:12:da:6b:
                    02:6b:7c:21:fb:f5:05:51:2a:7c:f4:33:28:c5:e0:
                    34:a6:ef:7b:e5:d7:b2:37:b6:8f:8b:ca:96:52:b2:
                    5b:9a:8b:56:87:39:ad:ea:a6:da:4c:ba:30:72:69:
                    3f:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:1F:D4:D1:46:40:FB:B8:1F:28:44:26:8F:8E:1E:94:9F:02:94:F8
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cbcc547e-b103-4291-99b0-fb6ecff6531d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5526::/48

    Signature Algorithm: sha256WithRSAEncryption
         3c:b4:9d:58:13:ee:95:37:d0:b7:29:eb:45:26:f7:5c:dc:a7:
         51:da:40:5e:fc:fc:fb:19:cc:bb:34:00:02:8b:1b:27:eb:ce:
         76:67:43:1e:aa:7f:64:69:dc:d7:6a:1b:c1:d9:4e:b8:a2:6e:
         6a:c4:af:5e:a6:d6:12:b8:d3:6d:fe:b9:35:3e:4b:ca:54:16:
         4e:e2:51:9e:59:91:07:cc:b0:d5:54:68:55:6b:8f:78:a3:24:
         39:00:6e:ee:5c:50:b6:bd:42:2d:bb:6a:af:b4:6b:3b:e2:f1:
         bd:a3:fa:0d:e0:25:e5:f6:54:b6:31:c1:59:7a:a8:88:06:82:
         42:9e:df:17:94:37:40:32:3d:c8:be:9b:45:d9:d5:2f:df:cd:
         a0:65:a1:77:73:c1:ec:3a:03:d1:05:54:96:c2:bb:f0:66:0e:
         2c:cb:ef:41:33:99:5a:af:2d:1d:25:50:79:18:f6:f1:e5:c3:
         83:2d:c0:1f:38:0c:67:e7:5d:1a:d0:7e:4b:bf:91:b7:45:96:
         73:ac:ce:8b:45:44:fb:58:2d:83:de:6c:02:98:cf:42:fe:e3:
         0d:78:95:0f:3e:65:be:7b:29:01:a2:24:f0:35:0b:e8:c0:42:
         38:4b:0d:a2:57:bb:8f:02:13:e2:e0:bf:54:a3:ed:fc:0a:3e:
         dc:b1:a4:31
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUY2BlWjYmnDm2KZAWLaOoVI7Qe8owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNTcyOGMxMjBlMzQzMTZjZWU1OGRkYzM3MmFlOTNhZWMx
NTg0MmU3ZjU3ZjZlYjE3ZmM2ODcyOWJjMTJhMDJlMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCq+Lg9Bx0iH9I57KQKYzNgz0Ej/bNEyQRZX4TTDd76Stze
ZXcMFd1q8EcBuoF+PHN9MweSxBr+VYrcsF7969pOHXBpa82ZKfDSDWvDG/zR90J9
sJ+3ULxuIV4gZ1MNKR/JBmlO2fsX0IB6AezX+aCJ8999LTtudMqcKkl4PWlA19br
bhB+A25LF7fF4ZIxM7hKiMFWVN79q+Qx1HzSltz5ogwFyXfcgFEVOaKsE0qQI3bk
l1buhqG5pFcZmQOVJ3CfdXJofMcuabi+24j7CBLaawJrfCH79QVRKnz0MyjF4DSm
73vl17I3to+LypZSsluai1aHOa3qptpMujByaT8xAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUcx/U0UZA+7gfKEQmj44elJ8ClPgwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2NiY2M1NDdlLWIxMDMtNDI5MS05OWIwLWZiNmVjZmY2NTMxZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVSYwDQYJKoZIhvcNAQELBQADggEBADy0nVgT7pU30Lcp60Um91zc
p1HaQF78/PsZzLs0AAKLGyfrznZnQx6qf2Rp3NdqG8HZTriibmrEr16m1hK4023+
uTU+S8pUFk7iUZ5ZkQfMsNVUaFVrj3ijJDkAbu5cULa9Qi27aq+0azvi8b2j+g3g
JeX2VLYxwVl6qIgGgkKe3xeUN0AyPci+m0XZ1S/fzaBloXdzwew6A9EFVJbCu/Bm
DizL70EzmVqvLR0lUHkY9vHlw4MtwB84DGfnXRrQfku/kbdFlnOszotFRPtYLYPe
bAKYz0L+4w14lQ8+Zb57KQGiJPA1C+jAQjhLDaJXu48CE+Lgv1Sj7fwKPtyxpDE=
-----END CERTIFICATE-----
Generated at Tue Jan 7 05:36:24 2025 by rpki-client on console-fra.rpki-client.org