Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/6ddca7b2-6c32-4d5a-a54f-4d9f22e25bed.roa
File:                     6ddca7b2-6c32-4d5a-a54f-4d9f22e25bed.roa (raw, json)
Hash identifier:          4fptymgW8lyQ9V/IAyESG6paWj+Bqf08IaK0eWBkq3k=
Subject key identifier:   1F:4E:CA:D5:F5:FE:96:50:20:A0:AE:DB:74:74:AF:09:0C:66:6C:B8
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       2D225FD74C44FF028982A085F04E3C650E873B64
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/6ddca7b2-6c32-4d5a-a54f-4d9f22e25bed.roa
Signing time:             Sun 03 May 2026 11:10:44 +0000
ROA not before:           Sun 03 May 2026 11:10:44 +0000
ROA not after:            Sat 01 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:d00::/40 maxlen: 48
Validation:               Failed, certificate revoked on Sun 03 May 2026 12:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:22:5f:d7:4c:44:ff:02:89:82:a0:85:f0:4e:3c:65:0e:87:3b:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: May  3 11:10:44 2026 GMT
            Not After : Aug  1 23:59:59 2026 GMT
        Subject: serialNumber=b3d5bbcbf8d33fe29308f0b670711d428bb020bc0f40b5d082060dda582bd255, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:33:3f:4c:e0:36:ab:7f:e5:3c:28:6b:ee:08:
                    2f:bb:bd:f2:52:9d:98:1f:78:c8:f8:be:f1:b0:82:
                    6e:31:7c:17:f4:46:7f:7f:21:9f:4a:45:cc:7a:19:
                    87:c8:43:53:7f:79:7c:76:bd:20:0f:15:1a:16:8b:
                    8c:07:28:42:06:af:9e:e9:04:05:09:9a:3d:3a:6e:
                    73:32:e6:4c:72:19:27:19:38:e4:89:41:ad:15:2d:
                    83:b1:76:ed:c8:91:63:de:57:09:70:80:af:c0:53:
                    47:52:a0:4d:66:a3:e5:ae:ee:c9:2d:e1:c6:8e:d6:
                    33:87:f7:1a:47:cb:0c:d1:5c:e9:a6:4c:e0:54:fd:
                    15:df:98:e5:ab:cb:c5:18:22:11:d2:e7:09:7a:21:
                    db:9e:97:7f:08:2f:74:cf:c7:7e:7a:8f:8f:fa:8c:
                    f4:37:91:27:57:97:b6:5d:25:3f:76:5d:18:72:10:
                    cc:4e:7f:c3:72:b0:cf:b6:fd:ee:19:24:4d:04:7a:
                    10:ec:3e:20:49:c0:04:e5:ee:cf:6d:07:c6:83:66:
                    2f:fd:2d:68:b1:cb:d8:6d:63:9d:42:49:4d:7b:e9:
                    c9:98:28:87:e4:f4:be:c2:f4:a0:66:81:88:3e:02:
                    cd:1b:86:29:b4:3f:fc:21:ca:f9:5e:0e:e0:e7:b0:
                    85:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:4E:CA:D5:F5:FE:96:50:20:A0:AE:DB:74:74:AF:09:0C:66:6C:B8
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/6ddca7b2-6c32-4d5a-a54f-4d9f22e25bed.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:d00::/40

    Signature Algorithm: sha256WithRSAEncryption
         4d:3e:ad:8d:1a:45:6b:c0:61:7b:42:39:22:3c:0b:33:ee:2c:
         65:62:ae:e7:7b:36:8f:1a:50:cd:46:1b:80:17:87:7f:96:9a:
         35:f4:ea:1b:49:1b:1c:e7:56:d7:8e:15:04:f9:1e:59:be:17:
         e3:4b:ba:18:88:af:8c:41:14:11:6b:d2:9f:75:33:50:10:1b:
         74:41:24:d6:4f:15:49:10:ea:9c:c4:ea:87:7c:3b:b8:22:82:
         3e:8a:f0:66:af:50:18:f7:a5:a4:80:32:d7:15:6d:e9:1e:78:
         bc:e9:f6:19:f3:1a:d4:68:4f:4d:e7:b5:90:6c:a0:05:88:b2:
         8a:72:74:45:5c:80:74:6c:3c:a6:07:52:c6:cb:a8:d2:ad:f6:
         18:a3:6b:1e:88:db:ec:94:32:dd:17:d5:4a:ca:fb:02:4d:50:
         4a:50:f1:41:ca:63:cc:b4:f4:63:5c:9a:a0:06:ee:55:9e:6a:
         f2:71:ba:27:51:a9:4a:20:ef:44:ba:38:77:e6:c5:e8:7c:2e:
         1c:c1:ab:d9:eb:ad:20:64:ff:62:62:6f:40:92:2f:b6:39:e9:
         d0:aa:69:89:23:82:ec:43:f4:1d:fb:82:db:c2:27:bc:10:b1:
         a9:46:1a:ab:15:6b:fb:6e:0c:6c:26:1e:4a:d4:8f:76:ca:70:
         7b:b2:52:20
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIULSJf10xE/wKJgqCF8E48ZQ6HO2QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjYwNTAzMTExMDQ0WhcNMjYwODAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiM2Q1YmJjYmY4ZDMzZmUyOTMwOGYwYjY3MDcxMWQ0Mjhi
YjAyMGJjMGY0MGI1ZDA4MjA2MGRkYTU4MmJkMjU1MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGMz9M4Darf+U8KGvuCC+7vfJSnZgfeMj4vvGwgm4xfBf0
Rn9/IZ9KRcx6GYfIQ1N/eXx2vSAPFRoWi4wHKEIGr57pBAUJmj06bnMy5kxyGScZ
OOSJQa0VLYOxdu3IkWPeVwlwgK/AU0dSoE1mo+Wu7skt4caO1jOH9xpHywzRXOmm
TOBU/RXfmOWry8UYIhHS5wl6Iduel38IL3TPx356j4/6jPQ3kSdXl7ZdJT92XRhy
EMxOf8NysM+2/e4ZJE0EehDsPiBJwATl7s9tB8aDZi/9LWixy9htY51CSU176cmY
KIfk9L7C9KBmgYg+As0bhim0P/whyvleDuDnsIWRAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUH07K1fX+llAgoK7bdHSvCQxmbLgwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzZkZGNhN2IyLTZjMzItNGQ1YS1hNTRmLTRkOWYyMmUyNWJlZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmBZzADTANBgkqhkiG9w0BAQsFAAOCAQEATT6tjRpFa8Bhe0I5IjwLM+4s
ZWKu53s2jxpQzUYbgBeHf5aaNfTqG0kbHOdW144VBPkeWb4X40u6GIivjEEUEWvS
n3UzUBAbdEEk1k8VSRDqnMTqh3w7uCKCPorwZq9QGPelpIAy1xVt6R54vOn2GfMa
1GhPTee1kGygBYiyinJ0RVyAdGw8pgdSxsuo0q32GKNrHojb7JQy3RfVSsr7Ak1Q
SlDxQcpjzLT0Y1yaoAbuVZ5q8nG6J1GpSiDvRLo4d+bF6HwuHMGr2eutIGT/YmJv
QJIvtjnp0KppiSOC7EP0HfuC28InvBCxqUYaqxVr+24MbCYeStSPdspwe7JSIA==
-----END CERTIFICATE-----