Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ee2ebc63-9aa8-4435-8e64-d40af8bb4f69.roa
File:                     ee2ebc63-9aa8-4435-8e64-d40af8bb4f69.roa (raw, json)
Hash identifier:          NUZ7r/FwOBELUseYgE2/62gSYA57L3ZgPMNj80R+P2A=
Subject key identifier:   91:EE:D2:7F:B8:80:EC:21:40:D3:CF:CD:13:B0:E9:B7:C5:FD:36:38
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       66070F3FDE4CC478954D623D91073AD4CB53513A
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ee2ebc63-9aa8-4435-8e64-d40af8bb4f69.roa
Signing time:             Fri 03 Jan 2025 00:00:00 +0000
ROA not before:           Fri 03 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:e900::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Jan 2025 23:40:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:07:0f:3f:de:4c:c4:78:95:4d:62:3d:91:07:3a:d4:cb:53:51:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  3 00:00:00 2025 GMT
            Not After : Feb  7 23:59:59 2025 GMT
        Subject: serialNumber=d0a898aec5c661a3907770ad8890b8c680cb84622c66d9a0c7d2f8bff403a968, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:67:26:73:ba:67:2e:e9:56:c7:18:ab:b5:ec:
                    91:89:1b:90:b2:85:fc:fa:ce:70:cf:ea:72:5e:a6:
                    3a:b9:a3:b0:6e:3d:a9:11:21:96:40:fc:71:cc:dd:
                    ee:a2:d0:ab:fb:f7:d3:2b:84:65:23:e1:87:47:78:
                    ee:64:ef:b4:68:d2:4c:6e:0e:ea:9f:a6:ec:a4:c3:
                    26:20:b8:3b:db:c4:c5:85:75:ac:7c:7d:2b:9a:5f:
                    9b:92:a1:39:cd:ba:28:3e:73:2e:03:8c:71:b0:5c:
                    f3:17:66:62:ef:52:8c:28:51:3f:3e:84:98:26:38:
                    1a:8d:75:46:bd:7d:94:75:87:31:4f:70:90:da:82:
                    76:ca:ec:f5:96:7f:37:3b:ca:db:3b:55:78:6a:a5:
                    e3:22:65:8f:a5:5f:51:5c:e4:4a:0a:ee:02:9a:35:
                    8b:5c:1f:eb:85:f8:59:88:40:a0:06:5c:73:c0:a3:
                    fc:76:19:76:84:78:27:8b:3a:26:84:88:d1:cc:14:
                    5f:f2:92:dc:25:50:ef:26:f4:55:83:14:78:ba:2f:
                    32:c2:d2:9d:fd:82:dc:91:d8:7d:87:ef:3a:95:d9:
                    01:95:7a:68:64:62:34:e8:b9:10:fc:6a:97:01:a3:
                    8a:70:e4:52:a0:ba:f4:8c:f4:bb:29:7e:5b:ac:51:
                    df:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:EE:D2:7F:B8:80:EC:21:40:D3:CF:CD:13:B0:E9:B7:C5:FD:36:38
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ee2ebc63-9aa8-4435-8e64-d40af8bb4f69.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e900::/40

    Signature Algorithm: sha256WithRSAEncryption
         1c:fe:78:26:24:a4:23:2a:f5:dd:68:8f:ef:6b:da:20:d6:81:
         6b:ef:70:d5:2b:4d:25:a3:5e:8c:70:ef:28:32:fe:51:9e:77:
         3e:75:23:cb:c4:aa:1a:b9:a0:98:c3:4e:eb:68:10:8b:08:47:
         ad:d6:42:62:23:0e:79:59:42:c6:34:ae:08:cd:12:55:85:06:
         62:4c:2f:1b:f0:cd:1b:d5:f7:b0:70:f7:fa:e4:9d:d0:ba:1a:
         f4:56:1b:27:de:f5:1c:1a:b0:5e:bb:41:6f:64:d5:f1:54:04:
         12:0f:f8:d7:16:02:d2:4e:8d:6b:20:7c:5b:18:92:1f:aa:4a:
         78:8d:46:8a:bf:3d:a5:06:11:39:d8:2a:ca:05:bd:14:d6:c1:
         a5:b2:53:33:6a:07:67:a4:4f:69:fe:e8:35:71:a1:80:43:a9:
         cc:3f:42:63:ac:2b:94:ea:76:47:bc:5e:fc:ec:cb:31:de:ae:
         2c:a4:b8:34:6d:fb:9b:e4:06:1f:39:34:24:b3:ea:9b:33:5c:
         c2:b2:c3:a1:db:76:1d:78:0b:ee:a0:3e:00:4c:bf:5d:ef:c5:
         a3:60:b5:89:fb:04:cf:c8:43:b0:90:17:d8:b8:d2:e4:bc:33:
         7f:78:96:e7:a2:97:9b:3d:36:ec:9c:e3:35:84:92:1d:26:cd:
         de:1f:13:1d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUZgcPP95MxHiVTWI9kQc61MtTUTowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMGE4OThhZWM1YzY2MWEzOTA3NzcwYWQ4ODkwYjhjNjgw
Y2I4NDYyMmM2NmQ5YTBjN2QyZjhiZmY0MDNhOTY4MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLZyZzumcu6VbHGKu17JGJG5Cyhfz6znDP6nJepjq5o7Bu
PakRIZZA/HHM3e6i0Kv799MrhGUj4YdHeO5k77Ro0kxuDuqfpuykwyYguDvbxMWF
dax8fSuaX5uSoTnNuig+cy4DjHGwXPMXZmLvUowoUT8+hJgmOBqNdUa9fZR1hzFP
cJDagnbK7PWWfzc7yts7VXhqpeMiZY+lX1Fc5EoK7gKaNYtcH+uF+FmIQKAGXHPA
o/x2GXaEeCeLOiaEiNHMFF/yktwlUO8m9FWDFHi6LzLC0p39gtyR2H2H7zqV2QGV
emhkYjTouRD8apcBo4pw5FKguvSM9LspflusUd8nAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUke7Sf7iA7CFA08/NE7Dpt8X9NjgwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2VlMmViYzYzLTlhYTgtNDQzNS04ZTY0LWQ0MGFmOGJiNGY2OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD76TANBgkqhkiG9w0BAQsFAAOCAQEAHP54JiSkIyr13WiP72vaINaB
a+9w1StNJaNejHDvKDL+UZ53PnUjy8SqGrmgmMNO62gQiwhHrdZCYiMOeVlCxjSu
CM0SVYUGYkwvG/DNG9X3sHD3+uSd0Loa9FYbJ971HBqwXrtBb2TV8VQEEg/41xYC
0k6NayB8WxiSH6pKeI1Gir89pQYROdgqygW9FNbBpbJTM2oHZ6RPaf7oNXGhgEOp
zD9CY6wrlOp2R7xe/OzLMd6uLKS4NG37m+QGHzk0JLPqmzNcwrLDodt2HXgL7qA+
AEy/Xe/Fo2C1ifsEz8hDsJAX2LjS5Lwzf3iW56KXmz027JzjNYSSHSbN3h8THQ==
-----END CERTIFICATE-----
Generated at Tue Jan 7 02:45:23 2025 by rpki-client on console-ams.rpki-client.org