Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ae06691a-dadf-4e79-a4e2-d9f01f49dbe8.roa
File:                     ae06691a-dadf-4e79-a4e2-d9f01f49dbe8.roa (raw, json)
Hash identifier:          3DNmCJQXduiZP9lcCZZn+ygfpAXBFJAVka4niPMgnpU=
Subject key identifier:   9E:84:36:64:4C:9F:96:EB:BE:20:47:D5:21:5E:9B:16:92:08:AA:FA
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       48C0A7B07E52511EC89170E6B0963BDB2C954518
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ae06691a-dadf-4e79-a4e2-d9f01f49dbe8.roa
Signing time:             Fri 19 Apr 2024 00:00:00 +0000
ROA not before:           Fri 19 Apr 2024 00:00:00 +0000
ROA not after:            Fri 24 May 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:f00f::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 19 Apr 2024 15:41:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:c0:a7:b0:7e:52:51:1e:c8:91:70:e6:b0:96:3b:db:2c:95:45:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Apr 19 00:00:00 2024 GMT
            Not After : May 24 23:59:59 2024 GMT
        Subject: serialNumber=0d232fec00135fb244a5dc14c12780352709c21baee3c6a15cd9747d9790307f, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:df:22:b3:77:f7:71:63:ad:a5:04:1b:17:7b:
                    45:30:54:ba:7a:3d:48:55:fd:a5:42:ee:2e:4b:34:
                    94:c4:09:df:7d:1a:31:2f:31:55:54:86:d0:84:12:
                    30:19:cf:11:d0:84:54:2d:60:10:a7:ed:56:a4:5c:
                    ff:e4:81:52:d9:f2:81:3e:db:ce:c7:88:c4:d3:55:
                    fc:22:55:66:b0:f5:65:bb:0d:d0:1e:b9:c6:23:ae:
                    15:c5:7a:93:1b:86:16:d2:05:40:05:ee:1b:33:3e:
                    8a:eb:d7:32:d8:5e:4b:94:fb:66:5e:23:0d:e3:3b:
                    76:a6:50:24:af:38:b9:65:ed:5e:18:33:e7:a2:95:
                    7a:23:4c:ac:53:36:0a:d9:38:78:2f:48:52:0b:29:
                    22:8c:a2:4c:d3:26:34:64:25:ab:22:27:70:93:c2:
                    11:3e:09:83:0e:fe:3f:fb:89:26:f7:8e:82:58:a8:
                    13:2a:ca:5e:64:42:0a:4b:a3:b7:35:18:c4:ea:7e:
                    8b:d1:40:0f:c7:ee:35:b6:83:f7:75:14:63:80:1b:
                    5d:b9:8d:7e:f1:d0:0f:a6:61:fa:d9:ff:50:6a:13:
                    01:25:4a:30:9c:2a:86:a3:48:ad:b1:ba:e6:0d:dd:
                    67:0e:ed:8f:b2:c6:24:ac:8a:ae:a4:70:d7:12:db:
                    be:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:84:36:64:4C:9F:96:EB:BE:20:47:D5:21:5E:9B:16:92:08:AA:FA
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ae06691a-dadf-4e79-a4e2-d9f01f49dbe8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:f00f::/48

    Signature Algorithm: sha256WithRSAEncryption
         62:6f:5f:36:83:2f:8c:9c:b3:f9:46:4d:c7:f2:c6:47:dc:7a:
         6b:09:db:4f:66:9d:b8:11:94:2f:13:67:e0:60:a5:c8:04:8f:
         2c:36:96:22:aa:6a:bd:9f:91:2c:83:5e:6f:39:d9:81:fb:b4:
         1e:66:f1:8a:10:1c:39:7c:97:49:4e:59:16:7f:f5:c0:8e:c7:
         cf:5d:47:ae:ce:45:80:0c:b5:c7:ab:b5:f3:b1:55:7e:67:5f:
         70:ff:ae:54:8b:6c:f6:6d:d2:49:4f:29:ab:9f:15:2f:5f:c0:
         bb:05:ec:cc:da:44:b4:af:a3:43:a5:a3:b6:6f:51:7c:8b:57:
         ca:6c:67:8a:a9:97:e7:f5:ae:b9:02:bd:4a:59:82:b4:8a:85:
         7b:78:c6:04:53:50:cd:ef:25:5c:d0:14:fe:14:aa:8c:76:95:
         82:60:91:1d:39:96:8a:cb:51:c0:14:6c:51:e6:2d:cc:f2:b2:
         31:32:93:47:92:78:3f:e5:9f:15:5d:90:6e:e2:e5:19:33:ae:
         9b:27:14:8f:cc:e3:e8:dc:41:0c:73:27:d4:f4:83:a3:16:f6:
         e8:41:36:34:d2:f0:1c:28:e9:f6:96:5e:f9:2f:d0:3e:af:27:
         0f:78:b8:9c:c9:c2:d8:f6:c6:86:ff:db:eb:68:37:5f:96:26:
         74:ff:0c:4e
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUSMCnsH5SUR7IkXDmsJY72yyVRRgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjQwNDE5MDAwMDAwWhcNMjQwNTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZDIzMmZlYzAwMTM1ZmIyNDRhNWRjMTRjMTI3ODAzNTI3
MDljMjFiYWVlM2M2YTE1Y2Q5NzQ3ZDk3OTAzMDdmMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDi3yKzd/dxY62lBBsXe0UwVLp6PUhV/aVC7i5LNJTECd99
GjEvMVVUhtCEEjAZzxHQhFQtYBCn7VakXP/kgVLZ8oE+287HiMTTVfwiVWaw9WW7
DdAeucYjrhXFepMbhhbSBUAF7hszPorr1zLYXkuU+2ZeIw3jO3amUCSvOLll7V4Y
M+eilXojTKxTNgrZOHgvSFILKSKMokzTJjRkJasiJ3CTwhE+CYMO/j/7iSb3joJY
qBMqyl5kQgpLo7c1GMTqfovRQA/H7jW2g/d1FGOAG125jX7x0A+mYfrZ/1BqEwEl
SjCcKoajSK2xuuYN3WcO7Y+yxiSsiq6kcNcS275DAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUnoQ2ZEyfluu+IEfVIV6bFpIIqvowHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2FlMDY2OTFhLWRhZGYtNGU3OS1hNGUyLWQ5ZjAxZjQ5ZGJlOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzA8A8wDQYJKoZIhvcNAQELBQADggEBAGJvXzaDL4ycs/lGTcfyxkfc
emsJ209mnbgRlC8TZ+BgpcgEjyw2liKqar2fkSyDXm852YH7tB5m8YoQHDl8l0lO
WRZ/9cCOx89dR67ORYAMtcertfOxVX5nX3D/rlSLbPZt0klPKaufFS9fwLsF7Mza
RLSvo0Olo7ZvUXyLV8psZ4qpl+f1rrkCvUpZgrSKhXt4xgRTUM3vJVzQFP4Uqox2
lYJgkR05lorLUcAUbFHmLczysjEyk0eSeD/lnxVdkG7i5RkzrpsnFI/M4+jcQQxz
J9T0g6MW9uhBNjTS8Bwo6faWXvkv0D6vJw94uJzJwtj2xob/2+toN1+WJnT/DE4=
-----END CERTIFICATE-----