Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f648163-e886-4951-999f-6a050d9c305f.roa
File:                     0f648163-e886-4951-999f-6a050d9c305f.roa (raw, json)
Hash identifier:          MDeAUEdkuq8LBlPsr7M8pb/fNWrr2cAzO8jLjb5GyrQ=
Subject key identifier:   67:37:EB:ED:BA:FA:CC:87:E2:ED:1A:DF:8B:94:0D:C7:29:93:FD:D9
Certificate issuer:       /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial:       3F6663240BF91224467F115E128EAEC55A3A966E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f648163-e886-4951-999f-6a050d9c305f.roa
Signing time:             Fri 27 Sep 2024 00:00:00 +0000
ROA not before:           Fri 27 Sep 2024 00:00:00 +0000
ROA not after:            Fri 01 Nov 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        51.0.0.0/16 maxlen: 24

Validation:               Failed, certificate revoked on Thu 10 Oct 2024 20:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:66:63:24:0b:f9:12:24:46:7f:11:5e:12:8e:ae:c5:5a:3a:96:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
        Validity
            Not Before: Sep 27 00:00:00 2024 GMT
            Not After : Nov  1 23:59:59 2024 GMT
        Subject: serialNumber=10f21f1e313beacdf07101b4bf703af7df90f8ce9d1483a2bbfe9f31b1e1a52f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0a:1c:bd:ff:a5:48:80:7f:e8:d6:d9:dd:ae:
                    4a:59:d1:ac:29:04:d1:57:47:7c:6d:e5:4d:19:c7:
                    6d:1f:44:82:03:6c:37:5b:f9:fc:74:4b:6d:a1:dc:
                    16:18:4c:52:ce:1e:b2:7e:ce:88:78:d0:59:12:5f:
                    02:c2:31:55:5d:b4:47:84:4a:95:fe:fc:c7:80:eb:
                    72:45:fb:ad:ac:58:15:58:27:12:28:09:fd:2d:9c:
                    c7:90:d2:e5:6f:25:61:bb:0e:ca:15:77:ee:aa:00:
                    2e:9d:e6:4f:cb:42:26:84:72:4d:b3:df:82:08:dc:
                    6b:ce:6e:c0:77:34:c4:ba:7d:83:17:bb:8c:62:01:
                    43:93:02:2c:e3:7e:fe:4f:8c:76:6e:c8:5b:cc:fb:
                    14:3b:37:45:c9:f8:a1:43:41:13:f5:09:0f:25:80:
                    f1:a6:6d:05:2c:ba:75:24:2e:2b:19:74:4f:cb:91:
                    fc:77:e7:f8:3e:e6:86:39:99:0d:33:c4:84:09:cf:
                    f4:24:d6:93:c3:90:25:47:8d:23:7c:df:1d:5d:32:
                    06:da:e2:d8:73:d6:b0:56:9a:04:a2:af:49:c7:5d:
                    ee:4d:87:6f:a7:7b:b0:43:56:4c:8e:5e:f8:9b:a9:
                    65:13:f9:2d:75:64:ab:1b:9a:e4:4a:eb:a9:13:5f:
                    c9:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:37:EB:ED:BA:FA:CC:87:E2:ED:1A:DF:8B:94:0D:C7:29:93:FD:D9
            X509v3 Authority Key Identifier:
                keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f648163-e886-4951-999f-6a050d9c305f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  51.0.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9f:e3:a8:8a:d0:ab:50:38:6d:63:6d:74:2d:23:57:b6:97:81:
         3f:55:b6:15:99:2c:ff:cf:b5:1e:55:84:ce:a6:9f:04:e3:c9:
         b6:aa:eb:40:d1:6f:e1:00:65:54:87:2e:f3:aa:c6:69:f8:db:
         db:e7:5f:33:4c:99:1c:6e:ee:32:7c:f5:b8:28:4f:13:e5:ea:
         b0:c4:d5:a1:60:22:af:9d:86:c3:ef:dd:93:47:c2:f8:d0:d5:
         be:95:1a:87:11:f7:19:b0:9a:89:c5:79:33:a8:e0:d7:7f:d8:
         64:9e:f7:c6:05:18:a0:9d:2d:2d:f4:30:f8:5f:35:19:c6:19:
         e1:ca:a0:4b:20:c5:fb:de:3d:81:d7:3d:84:20:c7:8a:29:a0:
         31:15:28:23:9d:67:48:8e:27:af:77:f0:e7:2f:00:73:1e:00:
         0d:57:2b:b5:33:2c:ff:8d:1b:2b:ae:51:2c:61:a1:84:15:fb:
         9f:b0:2e:1c:a9:e4:e5:3d:23:a9:4d:b8:60:ed:b8:87:cc:22:
         34:e9:eb:52:da:47:05:f1:54:e5:ca:49:8d:42:70:a8:bc:b7:
         9e:b1:96:f5:e4:89:72:90:8c:77:0b:b5:1d:5d:c6:83:4b:b7:
         10:94:43:48:62:a8:04:cb:ad:69:b4:6d:7a:8e:24:fe:37:fd:
         35:16:2b:7a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUP2ZjJAv5EiRGfxFeEo6uxVo6lm4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA5MjcwMDAwMDBaFw0yNDExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwZjIxZjFlMzEzYmVhY2RmMDcxMDFiNGJmNzAzYWY3ZGY5MGY4Y2U5ZDE0
ODNhMmJiZmU5ZjMxYjFlMWE1MmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEKHL3/pUiAf+jW2d2uSlnRrCkE0VdHfG3lTRnHbR9EggNsN1v5/HRLbaHc
FhhMUs4esn7OiHjQWRJfAsIxVV20R4RKlf78x4DrckX7raxYFVgnEigJ/S2cx5DS
5W8lYbsOyhV37qoALp3mT8tCJoRyTbPfggjca85uwHc0xLp9gxe7jGIBQ5MCLON+
/k+Mdm7IW8z7FDs3Rcn4oUNBE/UJDyWA8aZtBSy6dSQuKxl0T8uR/Hfn+D7mhjmZ
DTPEhAnP9CTWk8OQJUeNI3zfHV0yBtri2HPWsFaaBKKvScdd7k2Hb6d7sENWTI5e
+JupZRP5LXVkqxua5ErrqRNfyXMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRnN+vt
uvrMh+LtGt+LlA3HKZP92TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGY2NDgxNjMtZTg4Ni00OTUxLTk5OWYtNmEwNTBkOWMzMDVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMAMA0G
CSqGSIb3DQEBCwUAA4IBAQCf46iK0KtQOG1jbXQtI1e2l4E/VbYVmSz/z7UeVYTO
pp8E48m2qutA0W/hAGVUhy7zqsZp+Nvb518zTJkcbu4yfPW4KE8T5eqwxNWhYCKv
nYbD792TR8L40NW+lRqHEfcZsJqJxXkzqODXf9hknvfGBRignS0t9DD4XzUZxhnh
yqBLIMX73j2B1z2EIMeKKaAxFSgjnWdIjievd/DnLwBzHgANVyu1Myz/jRsrrlEs
YaGEFfufsC4cqeTlPSOpTbhg7biHzCI06etS2kcF8VTlykmNQnCovLeesZb15Ily
kIx3C7UdXcaDS7cQlENIYqgEy61ptG16jiT+N/01Fit6
-----END CERTIFICATE-----
Generated at Thu Oct 10 22:45:50 2024 by rpki-client on console-ams.rpki-client.org