Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/efd4fa36-271f-4e0d-be63-a3b34f8949ae.roa
File:                     efd4fa36-271f-4e0d-be63-a3b34f8949ae.roa (raw, json)
Hash identifier:          5lhWkToUoLDDalycTqQb0+xgqUpSrwrqySR3D9ktZT8=
Subject key identifier:   6F:1B:ED:0D:AC:DD:E1:B1:04:65:97:93:07:22:68:8C:31:E4:A6:B4
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       7E0A4504069341A690151CAC6303D12B38EF8C74
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/efd4fa36-271f-4e0d-be63-a3b34f8949ae.roa
Signing time:             Sun 01 Jun 2025 02:11:04 +0000
ROA not before:           Sun 01 Jun 2025 02:11:04 +0000
ROA not after:            Sun 06 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:d00::/40 maxlen: 48
Validation:               Failed, certificate revoked on Sun 01 Jun 2025 03:02:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:0a:45:04:06:93:41:a6:90:15:1c:ac:63:03:d1:2b:38:ef:8c:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun  1 02:11:04 2025 GMT
            Not After : Jul  6 23:59:59 2025 GMT
        Subject: serialNumber=a06f16c2860ab49c6e9eab075d5ed6df44eb756eedca8b668fbe3666b13c252e, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:cc:e2:03:07:55:84:d2:b4:55:83:da:9c:a7:
                    b0:e7:15:a0:24:8d:3c:03:bc:56:39:0b:6c:35:91:
                    6a:77:f4:f2:3e:cc:ba:9f:f6:6a:a0:2b:5a:6d:9c:
                    48:46:26:ab:b2:f7:96:b4:8d:58:89:88:41:36:f8:
                    f8:ff:33:fd:8a:35:f4:f6:14:04:88:2a:86:ae:66:
                    61:fa:20:93:0f:b0:8f:d5:ea:dd:a5:06:69:0a:ee:
                    21:5d:83:7e:fe:f3:69:bf:59:74:8f:fa:3a:a5:5d:
                    0c:3f:fb:a6:ef:66:94:ec:6c:ff:8b:5e:a7:91:75:
                    91:b6:3f:7f:34:ae:62:40:d2:86:df:63:a6:ec:9b:
                    05:7e:18:7e:92:a5:3a:ec:5b:40:98:ac:0f:d9:88:
                    fe:45:49:b8:04:d0:78:1a:a6:7e:e9:94:ea:e4:aa:
                    56:68:6f:9d:b6:dc:06:dc:9b:7c:52:15:96:b8:6e:
                    9b:81:e5:9f:86:a6:0d:73:c8:b0:a7:e9:e1:87:e1:
                    c6:4e:69:fd:ab:05:14:e7:a8:41:4a:4b:dc:7b:54:
                    92:3b:06:42:6b:00:ee:2a:08:b8:33:10:bc:e8:74:
                    80:de:5a:25:27:d9:e4:22:29:72:c2:9d:4c:80:4c:
                    c4:67:27:38:94:e1:96:80:9a:a5:26:0d:78:b3:3f:
                    66:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:1B:ED:0D:AC:DD:E1:B1:04:65:97:93:07:22:68:8C:31:E4:A6:B4
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/efd4fa36-271f-4e0d-be63-a3b34f8949ae.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:d00::/40

    Signature Algorithm: sha256WithRSAEncryption
         ac:ac:c1:c6:74:04:9e:54:ea:1a:19:4d:52:a1:b0:a2:44:c9:
         3d:07:5e:19:2f:49:55:39:2d:79:c6:b1:9b:6f:75:8c:61:39:
         34:be:e6:54:87:1b:e6:ba:72:22:3c:f8:b2:d1:09:c4:a6:bc:
         8f:2b:5f:26:52:05:d8:c0:3c:89:80:ce:03:64:7b:26:1f:06:
         bf:77:a5:37:55:be:b9:28:cf:b7:02:8c:27:f9:57:c0:a1:de:
         04:2c:42:a5:67:5b:5d:19:63:1f:2d:1a:65:f7:be:89:0e:67:
         9e:c7:c6:ea:6f:8c:32:7f:55:ae:05:71:01:97:57:61:c7:38:
         e5:3e:f6:41:f4:ea:d8:76:91:31:ea:75:91:4b:01:a2:13:31:
         b9:27:67:a7:88:ec:37:45:02:43:c3:b7:d9:ba:3f:f6:87:8e:
         b2:0d:d0:7a:9e:39:e4:c8:09:e3:5d:66:b2:ac:fb:44:ad:ec:
         60:49:1a:dd:50:86:f7:91:99:dc:25:22:32:4a:f7:a1:61:c8:
         d6:6a:d0:69:0e:32:2f:0d:aa:1f:64:63:56:9a:2c:d4:27:09:
         6f:ae:f9:6e:0a:6a:c6:d7:8c:b5:e4:73:f2:e7:89:33:2e:7e:
         a6:2b:f7:6e:4b:2a:7f:f1:5a:9f:ec:df:29:fb:4d:4b:3f:8b:
         a9:08:c6:f3
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUfgpFBAaTQaaQFRysYwPRKzjvjHQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNjAxMDIxMTA0WhcNMjUwNzA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BhMDZmMTZjMjg2MGFiNDljNmU5ZWFiMDc1ZDVlZDZkZjQ0
ZWI3NTZlZWRjYThiNjY4ZmJlMzY2NmIxM2MyNTJlMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwzOIDB1WE0rRVg9qcp7DnFaAkjTwDvFY5C2w1kWp39PI+
zLqf9mqgK1ptnEhGJquy95a0jViJiEE2+Pj/M/2KNfT2FASIKoauZmH6IJMPsI/V
6t2lBmkK7iFdg37+82m/WXSP+jqlXQw/+6bvZpTsbP+LXqeRdZG2P380rmJA0obf
Y6bsmwV+GH6SpTrsW0CYrA/ZiP5FSbgE0Hgapn7plOrkqlZob5223Abcm3xSFZa4
bpuB5Z+Gpg1zyLCn6eGH4cZOaf2rBRTnqEFKS9x7VJI7BkJrAO4qCLgzELzodIDe
WiUn2eQiKXLCnUyATMRnJziU4ZaAmqUmDXizP2YJAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUbxvtDazd4bEEZZeTByJojDHkprQwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2VmZDRmYTM2LTI3MWYtNGUwZC1iZTYzLWEzYjM0Zjg5NDlhZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmBZzADTANBgkqhkiG9w0BAQsFAAOCAQEArKzBxnQEnlTqGhlNUqGwokTJ
PQdeGS9JVTktecaxm291jGE5NL7mVIcb5rpyIjz4stEJxKa8jytfJlIF2MA8iYDO
A2R7Jh8Gv3elN1W+uSjPtwKMJ/lXwKHeBCxCpWdbXRljHy0aZfe+iQ5nnsfG6m+M
Mn9VrgVxAZdXYcc45T72QfTq2HaRMep1kUsBohMxuSdnp4jsN0UCQ8O32bo/9oeO
sg3Qep455MgJ411msqz7RK3sYEka3VCG95GZ3CUiMkr3oWHI1mrQaQ4yLw2qH2Rj
Vpos1CcJb675bgpqxteMteRz8ueJMy5+piv3bksqf/Fan+zfKftNSz+LqQjG8w==
-----END CERTIFICATE-----