Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/d8ee725b-c50e-4bc5-97e5-faca8c27f30e.roa
File:                     d8ee725b-c50e-4bc5-97e5-faca8c27f30e.roa (raw, json)
Hash identifier:          +F11Pq4cCScPJrWYJ8v/LROSPaBQhV1SMt1giqF2jIY=
Subject key identifier:   C0:A7:76:8D:B3:52:04:17:E2:CB:2C:8B:7C:EF:59:ED:51:50:F1:22
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       291CB457A7BB46118AEDC9D2FA50D857F1C8D657
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/d8ee725b-c50e-4bc5-97e5-faca8c27f30e.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f004::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Jan 2025 23:38:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:1c:b4:57:a7:bb:46:11:8a:ed:c9:d2:fa:50:d8:57:f1:c8:d6:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=402c73c5d65353b5f083f339f1fbe10f2b84839edc89217c67a8e05a6700be7e, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:0e:fd:ab:fa:92:b3:4e:cc:1d:08:df:07:9f:
                    42:00:65:57:79:20:02:1e:a1:d2:ea:42:57:1c:b0:
                    56:b0:e4:18:99:2c:e6:e7:2e:6f:04:22:b5:f7:b0:
                    56:12:60:7c:d3:47:64:8b:02:ac:3e:9d:74:41:6d:
                    dd:bb:26:42:de:b7:8b:aa:79:5c:a3:aa:45:97:da:
                    a0:09:31:7b:c6:68:ea:fb:f1:69:a5:cc:c0:9d:41:
                    76:a4:27:a6:93:e6:73:c7:81:1b:b8:1a:ee:bd:78:
                    8e:1f:4e:19:58:2d:3d:7f:be:a8:4e:72:f4:83:21:
                    7a:10:d8:a7:b9:90:c2:75:64:e4:a9:fb:ee:f9:a5:
                    b0:0b:54:7d:91:1c:df:3d:38:8e:a2:b8:30:24:f8:
                    b4:6b:cc:56:05:48:b2:8a:9c:a6:69:53:80:cd:d5:
                    4a:be:47:2c:7c:97:4d:ef:c6:d3:85:b0:16:af:82:
                    f7:67:7c:6f:6a:c9:57:95:0b:c3:09:48:b8:d9:01:
                    a5:76:48:21:4b:23:12:97:52:c7:9d:5e:85:bf:43:
                    54:bb:58:46:eb:5d:64:bc:2a:a0:08:ea:83:9d:89:
                    9c:6f:f4:b1:ad:4b:1c:e9:c5:6a:48:38:ee:d0:a3:
                    c9:39:6f:c9:4c:90:b2:15:a5:ad:75:4d:5b:f3:97:
                    13:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:A7:76:8D:B3:52:04:17:E2:CB:2C:8B:7C:EF:59:ED:51:50:F1:22
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/d8ee725b-c50e-4bc5-97e5-faca8c27f30e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f004::/40

    Signature Algorithm: sha256WithRSAEncryption
         1b:b4:40:5b:22:31:39:3e:61:c8:a9:18:52:87:54:0d:9d:6e:
         8c:03:25:96:d0:07:a5:66:14:2f:08:95:ea:57:f4:95:b7:d6:
         7e:4c:32:10:e5:06:3b:f1:3b:3e:5a:70:e7:b2:45:fe:1c:51:
         95:c1:39:a3:7c:c9:1c:1a:d3:0e:62:d1:10:93:e8:6e:bf:7f:
         24:48:37:37:0c:b8:3c:dd:ad:e4:6d:c7:5b:db:67:6d:36:97:
         16:b2:14:9d:b2:3b:6a:f4:e3:46:fe:2f:42:10:b5:e3:09:8b:
         d1:35:b2:c3:bc:d1:6c:5e:8f:3a:c5:a2:c7:de:67:8d:1d:57:
         9f:fa:c8:59:35:18:ee:a3:7f:1b:0f:01:0e:2c:1a:2c:c1:bc:
         aa:87:47:20:79:54:45:e8:b5:1a:39:47:d2:69:2a:4a:7e:6f:
         0c:12:78:41:0b:a5:f9:cc:21:0a:60:9e:b1:06:c1:c5:8b:7c:
         15:ec:22:8f:6c:75:62:4b:ad:80:17:77:69:7f:bd:ed:38:10:
         2f:6f:68:57:29:b8:a3:22:00:c9:19:5b:c8:13:8e:38:73:e3:
         9e:d9:5c:eb:d8:aa:73:ea:ac:2f:df:f2:86:3d:3b:91:39:05:
         fc:9a:11:ce:ac:ca:9e:80:66:bf:d6:3f:9c:f4:38:c8:dc:a7:
         d7:31:e1:58
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUKRy0V6e7RhGK7cnS+lDYV/HI1lcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0MDJjNzNjNWQ2NTM1M2I1ZjA4M2YzMzlmMWZiZTEwZjJi
ODQ4MzllZGM4OTIxN2M2N2E4ZTA1YTY3MDBiZTdlMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3Dv2r+pKzTswdCN8Hn0IAZVd5IAIeodLqQlccsFaw5BiZ
LObnLm8EIrX3sFYSYHzTR2SLAqw+nXRBbd27JkLet4uqeVyjqkWX2qAJMXvGaOr7
8WmlzMCdQXakJ6aT5nPHgRu4Gu69eI4fThlYLT1/vqhOcvSDIXoQ2Ke5kMJ1ZOSp
++75pbALVH2RHN89OI6iuDAk+LRrzFYFSLKKnKZpU4DN1Uq+Ryx8l03vxtOFsBav
gvdnfG9qyVeVC8MJSLjZAaV2SCFLIxKXUsedXoW/Q1S7WEbrXWS8KqAI6oOdiZxv
9LGtSxzpxWpIOO7Qo8k5b8lMkLIVpa11TVvzlxObAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUwKd2jbNSBBfiyyyLfO9Z7VFQ8SIwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2Q4ZWU3MjViLWM1MGUtNGJjNS05N2U1LWZhY2E4YzI3ZjMwZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPAEADANBgkqhkiG9w0BAQsFAAOCAQEAG7RAWyIxOT5hyKkYUodUDZ1u
jAMlltAHpWYULwiV6lf0lbfWfkwyEOUGO/E7Plpw57JF/hxRlcE5o3zJHBrTDmLR
EJPobr9/JEg3Nwy4PN2t5G3HW9tnbTaXFrIUnbI7avTjRv4vQhC14wmL0TWyw7zR
bF6POsWix95njR1Xn/rIWTUY7qN/Gw8BDiwaLMG8qodHIHlURei1GjlH0mkqSn5v
DBJ4QQul+cwhCmCesQbBxYt8Fewij2x1YkutgBd3aX+97TgQL29oVym4oyIAyRlb
yBOOOHPjntlc69iqc+qsL9/yhj07kTkF/JoRzqzKnoBmv9Y/nPQ4yNyn1zHhWA==
-----END CERTIFICATE-----
Generated at Tue Jan 7 05:36:24 2025 by rpki-client on console-fra.rpki-client.org