Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/fe78b365-133c-42ac-b323-7fb469bea007.roa
File:                     fe78b365-133c-42ac-b323-7fb469bea007.roa (raw, json)
Hash identifier:          FL/mTs9us3CZ+5CX0CANTks8jYfgnk5ePDOq5Z2s/q4=
Subject key identifier:   15:71:4C:89:E3:83:78:36:75:2A:DE:B3:E8:85:4E:0B:FF:8D:F0:36
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       754262F9EC2BD38F7FEB469319301A31307A28CD
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/fe78b365-133c-42ac-b323-7fb469bea007.roa
Signing time:             Fri 03 Jan 2025 00:00:00 +0000
ROA not before:           Fri 03 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0fb:e100::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Jan 2025 23:38:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:42:62:f9:ec:2b:d3:8f:7f:eb:46:93:19:30:1a:31:30:7a:28:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  3 00:00:00 2025 GMT
            Not After : Feb  7 23:59:59 2025 GMT
        Subject: serialNumber=aaa6c61647e9598a6b4bab3781999f97e07315843128c60d925b98c7b7efc752, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:e6:c1:85:65:ba:5b:0b:3d:fd:3e:0d:7f:a5:
                    39:a8:3d:b4:ef:1e:ab:58:40:d6:8e:3a:ba:d6:f1:
                    d0:37:25:3c:1f:69:c6:03:5a:6a:4b:91:c2:3c:c9:
                    c6:ac:6c:43:43:3e:c0:59:03:c3:d3:55:ae:1e:1b:
                    ae:66:f6:a1:11:5b:4e:c8:dc:bc:bb:ea:3d:6e:b7:
                    4e:a6:b9:5e:3c:ca:f2:8c:d4:c1:86:ae:a6:fa:b5:
                    d5:03:ff:96:9c:dd:03:5e:1b:db:1d:3d:1a:2c:c4:
                    d0:e9:fb:3d:7e:13:e5:f0:16:50:77:a6:a5:8e:65:
                    4d:ec:ba:e2:7a:27:88:1f:98:f2:fd:4e:59:e9:73:
                    ba:8b:73:a8:b9:40:e5:2d:a0:82:ce:27:f2:3e:88:
                    72:1d:fb:64:dc:85:10:b3:62:0a:c2:00:9c:6d:05:
                    78:1a:04:8b:3c:c4:ac:03:13:8b:f0:db:19:83:2c:
                    22:f5:06:9d:e7:ab:73:c5:f9:88:d7:9e:91:54:95:
                    10:f8:c9:74:62:3e:e2:fe:49:4f:09:e4:0f:8a:7a:
                    57:e1:f2:8a:cc:95:2c:50:bb:03:4b:36:5e:2a:b5:
                    42:74:48:a8:b5:fa:6a:03:56:70:ba:f0:51:3a:56:
                    df:07:c6:b2:72:e9:ae:bc:32:cd:d9:0a:d2:f6:64:
                    07:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:71:4C:89:E3:83:78:36:75:2A:DE:B3:E8:85:4E:0B:FF:8D:F0:36
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/fe78b365-133c-42ac-b323-7fb469bea007.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e100::/40

    Signature Algorithm: sha256WithRSAEncryption
         6b:01:bb:76:ae:59:35:73:52:e5:08:fc:4f:dd:e0:c9:97:30:
         15:13:bc:37:41:40:56:d0:98:11:99:28:70:19:1a:c0:8f:12:
         a7:90:0a:a8:b9:67:6f:eb:de:74:40:de:5a:df:a8:e3:b9:34:
         9f:f2:e5:73:63:58:ad:9c:28:a1:f3:d4:11:71:dc:af:0c:69:
         8f:85:68:84:e4:04:bd:97:7a:1b:ba:b4:78:f4:b7:bd:a7:c9:
         cd:d3:82:a3:57:56:60:73:21:88:0b:9b:52:14:b6:eb:ab:72:
         76:d5:26:a2:c2:9b:26:87:b9:c5:1a:8a:10:d2:dd:e5:fb:09:
         cd:75:25:52:1b:45:9f:6f:0b:c5:b5:ab:08:94:a0:98:07:e4:
         8f:6f:5f:70:12:ad:c3:a7:5f:fb:06:0b:91:a1:0c:47:04:78:
         58:27:d2:90:23:2b:f7:c0:e9:f7:f0:5e:a2:0b:f5:3b:e2:3e:
         cd:5e:67:88:87:2d:48:5a:03:70:34:1b:d0:3c:1e:27:1f:1d:
         e9:89:05:d7:b9:ea:81:7b:53:3d:f4:5c:f8:8a:fc:33:f7:ea:
         d9:71:7f:52:25:01:af:67:ef:86:ef:de:4e:52:af:ec:d9:a4:
         de:a4:1a:08:da:a7:b8:1f:7f:fb:f5:4d:31:cc:70:97:01:1b:
         be:3e:cc:7e
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUdUJi+ewr049/60aTGTAaMTB6KM0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTAzMDAwMDAwWhcNMjUwMjA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYWE2YzYxNjQ3ZTk1OThhNmI0YmFiMzc4MTk5OWY5N2Uw
NzMxNTg0MzEyOGM2MGQ5MjViOThjN2I3ZWZjNzUyMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDA5sGFZbpbCz39Pg1/pTmoPbTvHqtYQNaOOrrW8dA3JTwf
acYDWmpLkcI8ycasbENDPsBZA8PTVa4eG65m9qERW07I3Ly76j1ut06muV48yvKM
1MGGrqb6tdUD/5ac3QNeG9sdPRosxNDp+z1+E+XwFlB3pqWOZU3suuJ6J4gfmPL9
Tlnpc7qLc6i5QOUtoILOJ/I+iHId+2TchRCzYgrCAJxtBXgaBIs8xKwDE4vw2xmD
LCL1Bp3nq3PF+YjXnpFUlRD4yXRiPuL+SU8J5A+Kelfh8orMlSxQuwNLNl4qtUJ0
SKi1+moDVnC68FE6Vt8HxrJy6a68Ms3ZCtL2ZAfPAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUFXFMieODeDZ1Kt6z6IVOC/+N8DYwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2ZlNzhiMzY1LTEzM2MtNDJhYy1iMzIzLTdmYjQ2OWJlYTAwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD74TANBgkqhkiG9w0BAQsFAAOCAQEAawG7dq5ZNXNS5Qj8T93gyZcw
FRO8N0FAVtCYEZkocBkawI8Sp5AKqLlnb+vedEDeWt+o47k0n/Llc2NYrZwoofPU
EXHcrwxpj4VohOQEvZd6G7q0ePS3vafJzdOCo1dWYHMhiAubUhS266tydtUmosKb
Joe5xRqKENLd5fsJzXUlUhtFn28LxbWrCJSgmAfkj29fcBKtw6df+wYLkaEMRwR4
WCfSkCMr98Dp9/Beogv1O+I+zV5niIctSFoDcDQb0DweJx8d6YkF17nqgXtTPfRc
+Ir8M/fq2XF/UiUBr2fvhu/eTlKv7Nmk3qQaCNqnuB9/+/VNMcxwlwEbvj7Mfg==
-----END CERTIFICATE-----
Generated at Tue Jan 7 05:36:24 2025 by rpki-client on console-fra.rpki-client.org