Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/2be93598-84c2-4afd-8a20-6350ccace00e.roa
File:                     2be93598-84c2-4afd-8a20-6350ccace00e.roa (raw, json)
Hash identifier:          Yi4EsH/pfv65WNgJX5vfnnbrNhio8YuORB8wqRsDYlU=
Subject key identifier:   65:DB:F0:76:3F:7F:35:F5:BB:51:FE:C6:B3:F1:9F:2B:4D:4A:CC:E4
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       2D703D942AE91BC8506281C836799CB2D28CCAA6
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/2be93598-84c2-4afd-8a20-6350ccace00e.roa
Signing time:             Thu 12 Mar 2026 20:10:47 +0000
ROA not before:           Thu 12 Mar 2026 20:10:47 +0000
ROA not after:            Wed 10 Jun 2026 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:d00::/40 maxlen: 48
Validation:               Failed, certificate revoked on Thu 12 Mar 2026 21:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:70:3d:94:2a:e9:1b:c8:50:62:81:c8:36:79:9c:b2:d2:8c:ca:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Mar 12 20:10:47 2026 GMT
            Not After : Jun 10 23:59:59 2026 GMT
        Subject: serialNumber=0e659a5f8b6a616dd0e678cb0b9a2605923a501b4762b7bd5dd2ee67e1430a68, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:50:0d:7b:c2:83:a5:7b:0a:4d:4e:23:00:da:
                    de:41:d9:74:a9:4b:4e:3c:12:79:ed:d4:0b:9e:f3:
                    d6:a4:26:81:aa:82:e6:d0:9e:32:4e:2b:43:ef:19:
                    d0:e1:65:47:32:30:7b:44:ab:36:16:e8:b7:ac:cb:
                    67:6e:c3:81:6b:da:25:f6:e0:16:a7:73:3c:d0:62:
                    8c:36:c5:58:32:3e:dd:51:9a:be:2a:38:29:d1:24:
                    35:12:cb:e1:98:d3:2d:8b:42:71:0d:9d:1c:d8:63:
                    66:b1:7a:a3:16:dc:85:85:4a:16:92:e2:fd:7c:5e:
                    60:67:16:42:55:75:fc:58:b6:7e:64:68:90:22:98:
                    7c:74:66:24:a1:42:a7:49:24:27:43:77:17:e0:13:
                    8e:f7:aa:60:1f:34:a4:ad:42:72:be:69:3f:c4:17:
                    1a:e8:79:fb:9e:6b:6b:2f:f3:5a:41:bb:93:bd:17:
                    5c:20:a4:d6:68:7a:5c:b5:08:36:44:f9:94:58:38:
                    88:2b:34:88:83:f9:fc:df:78:49:16:5e:b0:25:1d:
                    1c:26:b0:4f:67:be:1b:ab:ff:1a:88:4a:4c:ba:96:
                    a9:88:47:70:04:18:59:9a:c7:36:cb:a0:9f:09:b9:
                    f9:96:00:82:d8:2a:d4:2e:45:44:fb:a7:41:fd:40:
                    ca:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:DB:F0:76:3F:7F:35:F5:BB:51:FE:C6:B3:F1:9F:2B:4D:4A:CC:E4
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/2be93598-84c2-4afd-8a20-6350ccace00e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:d00::/40

    Signature Algorithm: sha256WithRSAEncryption
         26:78:58:e4:4e:bc:01:95:d1:cd:83:a6:94:9f:5a:40:55:bd:
         b8:79:4e:2b:1b:c2:9c:45:8a:a9:28:73:04:d6:06:b9:9b:1e:
         aa:8c:bb:4f:bf:25:91:fb:bf:37:51:65:53:11:55:30:64:11:
         44:04:35:53:cb:90:db:7e:d0:d4:2b:a4:b2:25:5f:fa:9f:dd:
         7f:f5:57:11:c7:79:0d:3c:35:c2:bb:03:70:2c:eb:ee:e6:4b:
         5c:79:54:9c:51:60:50:7a:ae:60:3d:90:6c:e0:4d:58:a2:72:
         26:c2:ad:08:05:a1:f4:1b:ec:48:e8:a2:38:a6:b3:9e:f1:1d:
         40:24:10:8a:32:df:19:2f:26:f6:01:48:01:ee:50:5d:06:94:
         02:20:d4:14:56:ca:35:ce:f4:c3:50:5b:e4:88:47:07:dc:85:
         c4:92:fc:6a:14:ca:48:74:8d:bf:fb:c4:00:32:80:6c:73:0b:
         98:4c:ab:16:0f:a3:d3:9f:e9:52:bc:45:c0:40:a4:1e:33:fb:
         70:df:84:44:20:14:4e:f5:cc:e3:39:ce:46:f8:64:c2:54:bd:
         9a:86:66:22:2d:8a:09:3c:23:94:a6:7f:62:aa:3e:9e:68:62:
         0d:ae:c2:91:53:1c:b6:d2:77:b7:2b:df:32:9c:58:13:86:38:
         60:b8:ea:ef
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIULXA9lCrpG8hQYoHINnmcstKMyqYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjYwMzEyMjAxMDQ3WhcNMjYwNjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwZTY1OWE1ZjhiNmE2MTZkZDBlNjc4Y2IwYjlhMjYwNTky
M2E1MDFiNDc2MmI3YmQ1ZGQyZWU2N2UxNDMwYTY4MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNUA17woOlewpNTiMA2t5B2XSpS048Ennt1Aue89akJoGq
gubQnjJOK0PvGdDhZUcyMHtEqzYW6Lesy2duw4Fr2iX24BanczzQYow2xVgyPt1R
mr4qOCnRJDUSy+GY0y2LQnENnRzYY2axeqMW3IWFShaS4v18XmBnFkJVdfxYtn5k
aJAimHx0ZiShQqdJJCdDdxfgE473qmAfNKStQnK+aT/EFxroefuea2sv81pBu5O9
F1wgpNZoely1CDZE+ZRYOIgrNIiD+fzfeEkWXrAlHRwmsE9nvhur/xqISky6lqmI
R3AEGFmaxzbLoJ8JufmWAILYKtQuRUT7p0H9QMr7AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUZdvwdj9/NfW7Uf7Gs/GfK01KzOQwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzJiZTkzNTk4LTg0YzItNGFmZC04YTIwLTYzNTBjY2FjZTAwZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmBZzADTANBgkqhkiG9w0BAQsFAAOCAQEAJnhY5E68AZXRzYOmlJ9aQFW9
uHlOKxvCnEWKqShzBNYGuZseqoy7T78lkfu/N1FlUxFVMGQRRAQ1U8uQ237Q1Cuk
siVf+p/df/VXEcd5DTw1wrsDcCzr7uZLXHlUnFFgUHquYD2QbOBNWKJyJsKtCAWh
9BvsSOiiOKaznvEdQCQQijLfGS8m9gFIAe5QXQaUAiDUFFbKNc70w1Bb5IhHB9yF
xJL8ahTKSHSNv/vEADKAbHMLmEyrFg+j05/pUrxFwECkHjP7cN+ERCAUTvXM4znO
RvhkwlS9moZmIi2KCTwjlKZ/Yqo+nmhiDa7CkVMcttJ3tyvfMpxYE4Y4YLjq7w==
-----END CERTIFICATE-----