Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/fbfb4db3-3d0c-4420-b30d-ffe7941c87f5.roa
File:                     fbfb4db3-3d0c-4420-b30d-ffe7941c87f5.roa (raw, json)
Hash identifier:          U7jAfijKVS0HhF5wipMN2PVfWCkaQYaVtR1YH7FjOUc=
Subject key identifier:   30:18:22:7C:CA:33:7A:03:B9:FF:2A:46:59:D1:3E:3E:1C:B6:6A:E8
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       6A5447013C67D8BAE405F78A34AD668C6F89A9BA
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/fbfb4db3-3d0c-4420-b30d-ffe7941c87f5.roa
Signing time:             Fri 03 Jan 2025 00:00:00 +0000
ROA not before:           Fri 03 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:e000::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Jan 2025 23:38:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:54:47:01:3c:67:d8:ba:e4:05:f7:8a:34:ad:66:8c:6f:89:a9:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  3 00:00:00 2025 GMT
            Not After : Feb  7 23:59:59 2025 GMT
        Subject: serialNumber=afcac3ff858bf2138cc65565ff5bdfa9a5374aa50e58614849e223f44bc0df8c, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:2d:03:c4:24:9b:5d:f9:97:f2:f6:d6:bd:0c:
                    dd:2b:f1:03:57:48:d9:28:e9:b1:74:a9:3e:e5:b3:
                    86:d6:2f:0b:af:85:c8:48:af:28:c6:45:a7:92:60:
                    09:b3:3f:be:5a:5b:63:40:ca:8e:16:0e:4c:b7:01:
                    e7:0c:36:f7:7c:65:d8:69:13:ac:90:42:87:a7:c1:
                    66:37:ae:6c:c7:d8:3c:c2:f2:3d:d7:a4:45:4e:bb:
                    fe:b5:a7:c5:97:3d:81:4e:3e:35:c0:30:02:1c:a6:
                    31:ee:7b:a7:1d:af:ee:20:8b:94:3c:2f:d6:21:cf:
                    39:e0:83:7c:33:ae:39:18:b7:38:b5:e1:69:c5:8d:
                    83:b3:6e:59:36:04:53:ff:6e:11:29:7c:58:e6:30:
                    d8:d8:31:3a:f1:53:1e:c4:ff:6d:ae:da:fd:96:b5:
                    ce:00:49:18:6e:44:ff:19:64:2f:f9:14:72:9f:49:
                    e3:1d:66:a1:dc:61:c5:b7:06:bc:59:fe:71:67:b4:
                    ba:29:ef:c7:16:b7:8d:11:95:fc:06:16:9d:a6:38:
                    0c:7d:bf:5b:4d:75:78:92:a6:b8:5d:d2:ac:4d:6b:
                    f4:bc:ab:8a:42:f3:0b:9d:4b:fe:f4:89:99:93:e6:
                    f9:59:e7:c8:f1:d8:ae:b1:b4:3a:cc:7e:99:3d:bc:
                    f6:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:18:22:7C:CA:33:7A:03:B9:FF:2A:46:59:D1:3E:3E:1C:B6:6A:E8
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/fbfb4db3-3d0c-4420-b30d-ffe7941c87f5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e000::/40

    Signature Algorithm: sha256WithRSAEncryption
         4e:46:9a:d7:36:9e:42:e1:4b:ec:a9:df:02:12:ff:16:8f:23:
         a1:d7:d7:ca:4e:b5:cb:db:d1:10:11:7d:b7:06:fc:aa:ea:0f:
         d6:5c:6f:15:11:12:a0:3f:3d:ca:7a:a3:5c:cf:73:04:93:37:
         f2:1a:ea:62:7c:cc:6a:cb:f7:1c:93:44:c5:95:4a:64:b6:f4:
         3d:b8:12:e5:99:66:ee:aa:28:60:54:d3:4a:03:4b:9b:72:ac:
         21:63:1d:fb:f5:8a:68:dc:cb:e3:15:f1:dc:6e:00:96:c9:45:
         e9:d3:ee:52:d7:5c:c1:50:0b:1f:a6:59:76:53:2d:20:57:25:
         36:3d:87:a1:55:3a:53:95:57:33:3a:c2:90:fe:6c:a9:6d:0c:
         0d:f4:38:18:fc:b1:6c:ef:6c:90:05:13:38:d4:c3:36:da:05:
         29:96:e0:5a:03:cc:21:92:8e:c8:17:f6:ac:0a:29:1d:6c:13:
         e3:69:40:b4:69:30:4f:d3:0a:26:f1:f4:ea:d8:a8:2c:6d:29:
         99:c5:33:03:83:02:78:10:89:d2:38:fe:61:15:ed:7e:c9:bf:
         f2:77:b4:1d:33:45:ce:5e:28:6b:88:2b:a0:1a:2f:49:e1:d9:
         da:7f:2d:20:e3:65:25:90:39:d1:9c:13:22:3d:6a:1c:9a:e4:
         d3:61:fc:4f
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUalRHATxn2LrkBfeKNK1mjG+JqbowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZmNhYzNmZjg1OGJmMjEzOGNjNjU1NjVmZjViZGZhOWE1
Mzc0YWE1MGU1ODYxNDg0OWUyMjNmNDRiYzBkZjhjMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnLQPEJJtd+Zfy9ta9DN0r8QNXSNko6bF0qT7ls4bWLwuv
hchIryjGRaeSYAmzP75aW2NAyo4WDky3AecMNvd8ZdhpE6yQQoenwWY3rmzH2DzC
8j3XpEVOu/61p8WXPYFOPjXAMAIcpjHue6cdr+4gi5Q8L9Yhzzngg3wzrjkYtzi1
4WnFjYOzblk2BFP/bhEpfFjmMNjYMTrxUx7E/22u2v2Wtc4ASRhuRP8ZZC/5FHKf
SeMdZqHcYcW3BrxZ/nFntLop78cWt40RlfwGFp2mOAx9v1tNdXiSprhd0qxNa/S8
q4pC8wudS/70iZmT5vlZ58jx2K6xtDrMfpk9vPadAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUMBgifMozegO5/ypGWdE+Phy2augwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2ZiZmI0ZGIzLTNkMGMtNDQyMC1iMzBkLWZmZTc5NDFjODdmNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD74DANBgkqhkiG9w0BAQsFAAOCAQEATkaa1zaeQuFL7KnfAhL/Fo8j
odfXyk61y9vREBF9twb8quoP1lxvFRESoD89ynqjXM9zBJM38hrqYnzMasv3HJNE
xZVKZLb0PbgS5Zlm7qooYFTTSgNLm3KsIWMd+/WKaNzL4xXx3G4AlslF6dPuUtdc
wVALH6ZZdlMtIFclNj2HoVU6U5VXMzrCkP5sqW0MDfQ4GPyxbO9skAUTONTDNtoF
KZbgWgPMIZKOyBf2rAopHWwT42lAtGkwT9MKJvH06tioLG0pmcUzA4MCeBCJ0jj+
YRXtfsm/8ne0HTNFzl4oa4groBovSeHZ2n8tIONlJZA50ZwTIj1qHJrk02H8Tw==
-----END CERTIFICATE-----
Generated at Tue Jan 7 05:36:24 2025 by rpki-client on console-fra.rpki-client.org