Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/eac45c3f-5113-4e7b-9fe9-d61320788526.roa
File:                     eac45c3f-5113-4e7b-9fe9-d61320788526.roa (raw, json)
Hash identifier:          7OdqV3ihg0D0kLWOPRpLGPOOwijTQWLADrwdhdxRIyI=
Subject key identifier:   A0:15:B3:D4:16:9F:98:ED:88:46:0C:1A:84:42:D1:B9:C7:61:6B:61
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       22ADC0E1516C318BCB9FE3F8F0EFCB0FA7946647
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/eac45c3f-5113-4e7b-9fe9-d61320788526.roa
Signing time:             Mon 30 Dec 2024 00:00:00 +0000
ROA not before:           Mon 30 Dec 2024 00:00:00 +0000
ROA not after:            Mon 03 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f3:ce80::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 17 Jan 2025 18:37:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:ad:c0:e1:51:6c:31:8b:cb:9f:e3:f8:f0:ef:cb:0f:a7:94:66:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Dec 30 00:00:00 2024 GMT
            Not After : Feb  3 23:59:59 2025 GMT
        Subject: serialNumber=61b660d44f75bdb555d6c90123d21926695414edfe6ea3a77464711e0d0303bf, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:4d:37:2b:23:08:74:36:19:e7:08:08:ca:0f:
                    0a:69:28:a6:2c:8a:d3:fe:87:19:ce:f4:42:c7:82:
                    9d:2b:ca:c0:d6:dd:0e:a9:ec:a4:ad:b0:ed:a0:90:
                    b0:ea:d4:7b:7f:dd:e5:fa:c5:68:50:9f:6d:01:5a:
                    a2:48:41:76:43:24:b8:88:38:07:12:fa:7b:0f:49:
                    57:34:bf:2f:20:33:9c:ee:38:0b:b1:84:81:b0:a7:
                    ba:6a:b1:7f:ba:0f:02:63:99:86:82:d6:05:ad:8b:
                    83:2b:29:b3:90:a1:df:13:a6:d4:15:dd:cc:d7:e9:
                    8d:30:e3:a6:eb:77:42:dc:f5:ea:c9:a1:06:57:11:
                    36:c7:0d:b5:2f:a0:6c:e9:a9:a9:91:e8:0b:7d:04:
                    16:7b:cd:59:2b:a6:de:a1:83:dd:66:a3:9c:2b:98:
                    8b:b3:20:1b:69:ab:2e:7c:8b:f8:e9:fe:44:81:06:
                    79:16:2f:e2:dc:fb:b2:fd:e2:c1:0f:b7:04:00:21:
                    9d:1f:31:5b:ba:51:b2:63:10:54:97:0e:d5:4b:65:
                    11:f7:55:51:95:0d:71:56:6a:82:13:c0:6e:52:07:
                    de:d5:79:5d:ed:94:6e:4a:8f:ec:f0:2a:5c:7b:d2:
                    66:04:9e:6d:5d:8c:7b:f0:24:a2:c9:fc:a3:37:42:
                    40:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:15:B3:D4:16:9F:98:ED:88:46:0C:1A:84:42:D1:B9:C7:61:6B:61
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/eac45c3f-5113-4e7b-9fe9-d61320788526.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f3:ce80::/48

    Signature Algorithm: sha256WithRSAEncryption
         a2:ff:50:2a:ff:b8:c1:d3:c9:0f:78:9c:f2:35:85:b9:21:2d:
         99:19:05:6f:2a:2a:03:3b:0f:6c:51:e1:00:82:af:b1:30:61:
         81:a2:7d:8a:67:2b:0b:77:87:93:66:99:de:19:bd:02:0e:30:
         ac:e8:b5:42:e1:00:df:33:0c:09:d6:7b:83:4e:d0:05:98:64:
         b8:3d:f2:c2:c2:4b:66:c0:1f:e5:0f:07:8b:0a:ca:1d:85:53:
         45:61:bd:e6:f8:e4:e8:d7:ce:88:71:4d:58:2d:34:13:e0:36:
         5b:83:09:87:e5:df:bb:99:80:3b:b9:79:eb:10:0a:38:02:ac:
         c2:f5:b9:06:b6:e0:f9:9a:40:d3:de:e6:f8:a2:11:a8:17:a6:
         49:df:15:f9:c5:97:47:7b:fa:0e:10:ae:0b:50:69:fa:50:54:
         0b:9d:4f:47:0b:4d:27:91:0f:f6:fa:bf:48:7d:af:f9:cc:a6:
         7c:df:12:c4:13:8e:71:b9:67:dd:25:94:a2:53:4a:c1:c1:94:
         97:38:a4:59:e8:e6:ce:1a:50:ba:c7:69:88:d5:82:59:c1:99:
         28:b0:4c:e1:31:05:09:82:82:4b:6b:90:57:e8:fa:96:4e:1f:
         1d:d3:c8:55:cc:44:7a:03:8b:59:1d:57:a0:f8:54:f3:12:b9:
         11:1c:12:bd
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUIq3A4VFsMYvLn+P48O/LD6eUZkcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MWI2NjBkNDRmNzViZGI1NTVkNmM5MDEyM2QyMTkyNjY5
NTQxNGVkZmU2ZWEzYTc3NDY0NzExZTBkMDMwM2JmMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7TTcrIwh0NhnnCAjKDwppKKYsitP+hxnO9ELHgp0rysDW
3Q6p7KStsO2gkLDq1Ht/3eX6xWhQn20BWqJIQXZDJLiIOAcS+nsPSVc0vy8gM5zu
OAuxhIGwp7pqsX+6DwJjmYaC1gWti4MrKbOQod8TptQV3czX6Y0w46brd0Lc9erJ
oQZXETbHDbUvoGzpqamR6At9BBZ7zVkrpt6hg91mo5wrmIuzIBtpqy58i/jp/kSB
BnkWL+Lc+7L94sEPtwQAIZ0fMVu6UbJjEFSXDtVLZRH3VVGVDXFWaoITwG5SB97V
eV3tlG5Kj+zwKlx70mYEnm1djHvwJKLJ/KM3QkBTAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUoBWz1BafmO2IRgwahELRucdha2EwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2VhYzQ1YzNmLTUxMTMtNGU3Yi05ZmU5LWQ2MTMyMDc4ODUyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDzzoAwDQYJKoZIhvcNAQELBQADggEBAKL/UCr/uMHTyQ94nPI1hbkh
LZkZBW8qKgM7D2xR4QCCr7EwYYGifYpnKwt3h5Nmmd4ZvQIOMKzotULhAN8zDAnW
e4NO0AWYZLg98sLCS2bAH+UPB4sKyh2FU0Vhveb45OjXzohxTVgtNBPgNluDCYfl
37uZgDu5eesQCjgCrML1uQa24PmaQNPe5viiEagXpknfFfnFl0d7+g4QrgtQafpQ
VAudT0cLTSeRD/b6v0h9r/nMpnzfEsQTjnG5Z90llKJTSsHBlJc4pFno5s4aULrH
aYjVglnBmSiwTOExBQmCgktrkFfo+pZOHx3TyFXMRHoDi1kdV6D4VPMSuREcEr0=
-----END CERTIFICATE-----
Generated at Fri Jan 17 21:35:14 2025 by rpki-client on console-fra.rpki-client.org