Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/6b887677-949d-4ecd-ac4c-4c232d2394bc.roa
File:                     6b887677-949d-4ecd-ac4c-4c232d2394bc.roa (raw, json)
Hash identifier:          gCq1719mQu7zr+9dlWxApG0cDyOmWG3wS70NThuzUE0=
Subject key identifier:   BE:89:E9:0D:F1:39:28:5E:69:5D:7F:AB:E2:4B:D7:3B:05:53:82:3B
Certificate issuer:       /CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
Certificate serial:       7A270C5AD51B5DEAD96605C489D881366F2C06B6
Authority key identifier: 7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/6b887677-949d-4ecd-ac4c-4c232d2394bc.roa
Signing time:             Fri 29 Mar 2024 00:00:00 +0000
ROA not before:           Fri 29 Mar 2024 00:00:00 +0000
ROA not after:            Fri 03 May 2024 23:59:59 +0000
asID:                     62785
IP address blocks:        2605:b140::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Apr 2024 19:55:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:27:0c:5a:d5:1b:5d:ea:d9:66:05:c4:89:d8:81:36:6f:2c:06:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
        Validity
            Not Before: Mar 29 00:00:00 2024 GMT
            Not After : May  3 23:59:59 2024 GMT
        Subject: serialNumber=e0667df9d84d2336c204eb55dfd4cc7b8b1b60cddda54fe40d30520c5863a7cc, CN=b0dbbb6a-5472-4b68-ae4d-401518603039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:df:ad:30:ba:fa:14:50:a1:ad:eb:1f:2e:26:
                    f9:b7:b7:56:48:87:68:0e:49:46:b1:6e:89:88:73:
                    e6:b3:9c:06:2f:6f:b6:9f:49:60:10:81:73:6c:ae:
                    3c:38:8a:5c:6b:eb:e9:40:b4:f3:74:61:27:72:ef:
                    58:83:8f:3f:14:c9:b7:fc:bc:15:32:cf:22:4f:0d:
                    e9:54:06:09:4b:8f:37:8b:35:55:eb:d6:26:5a:44:
                    26:29:0b:e0:2f:b7:4b:23:76:fe:55:ab:ce:59:23:
                    6b:48:75:af:44:a5:4e:53:44:a2:1f:52:54:a2:c9:
                    4e:d8:7f:58:30:2b:4c:df:58:78:32:dc:bd:fc:df:
                    34:18:1a:a2:5a:32:61:3f:b9:31:59:37:82:55:40:
                    c1:8c:d5:fd:26:cb:c8:bf:9d:9d:e8:4a:95:9f:c9:
                    1b:26:2f:91:83:09:ec:ee:f1:18:95:b7:4e:40:15:
                    1c:a2:87:13:2b:0d:a6:7e:8e:46:e2:87:1a:52:37:
                    2a:74:23:ce:7c:90:de:c0:41:c0:d5:3a:87:bf:ee:
                    1c:f9:b1:8b:49:a5:68:c9:ed:85:2e:b3:7d:80:72:
                    82:2a:1d:ec:6d:4d:0f:74:3a:28:d1:d6:4b:09:72:
                    a3:d1:92:32:40:ea:03:92:e6:44:62:ae:0c:ad:4e:
                    b0:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:89:E9:0D:F1:39:28:5E:69:5D:7F:AB:E2:4B:D7:3B:05:53:82:3B
            X509v3 Authority Key Identifier:
                keyid:7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/6b887677-949d-4ecd-ac4c-4c232d2394bc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:b140::/32

    Signature Algorithm: sha256WithRSAEncryption
         3a:5b:5a:11:4e:02:cc:c3:a6:be:35:c9:8b:38:b3:df:07:21:
         cc:2e:81:d3:92:b6:69:4b:ad:43:a0:38:0a:03:9a:5f:b0:f5:
         79:3f:20:0d:51:d4:2d:64:52:c7:31:b9:c6:ec:5a:32:00:0e:
         a9:87:fd:63:4a:49:87:2f:d2:a9:6c:ca:30:ad:17:78:ad:da:
         45:c6:a4:4e:73:d8:f3:e0:c9:5d:16:c3:b1:47:1a:57:90:e5:
         41:63:ff:59:6d:d3:61:9d:cc:56:8a:04:9e:65:27:52:78:cb:
         28:1c:ee:1f:7d:c7:a8:89:9e:03:ab:23:8d:1a:25:dd:45:29:
         65:06:3c:54:1d:51:a9:b5:70:e9:77:f4:41:70:6f:9f:9a:ed:
         13:28:68:81:3a:ee:05:72:90:4f:85:14:1d:1e:db:34:66:f1:
         cf:e2:07:d4:2d:f7:86:10:d5:a8:81:dc:ff:8e:90:23:0e:36:
         f1:de:61:d8:c3:34:eb:c2:33:83:b0:3b:9c:d5:f0:9e:24:c5:
         dd:cc:1a:b3:e7:f1:91:39:6b:10:fc:69:a8:e1:2f:41:b3:b1:
         b4:86:e1:36:65:f4:92:b6:63:a7:46:f3:e9:f5:aa:b1:c5:db:
         ba:a8:65:83:87:c7:6b:dd:ac:eb:c4:3a:5c:99:26:f3:86:25:
         f1:0d:7b:6e
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUeicMWtUbXerZZgXEidiBNm8sBrYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMGVlNDU4M2Q4NGQ5YjRmMDgyNGNiODBiYThmYzEyNDBi
NDc5NGI1MTUwNzFlOTc1MWQwHhcNMjQwMzI5MDAwMDAwWhcNMjQwNTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMDY2N2RmOWQ4NGQyMzM2YzIwNGViNTVkZmQ0Y2M3Yjhi
MWI2MGNkZGRhNTRmZTQwZDMwNTIwYzU4NjNhN2NjMS0wKwYDVQQDEyRiMGRiYmI2
YS01NDcyLTRiNjgtYWU0ZC00MDE1MTg2MDMwMzkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCz360wuvoUUKGt6x8uJvm3t1ZIh2gOSUaxbomIc+aznAYv
b7afSWAQgXNsrjw4ilxr6+lAtPN0YSdy71iDjz8Uybf8vBUyzyJPDelUBglLjzeL
NVXr1iZaRCYpC+Avt0sjdv5Vq85ZI2tIda9EpU5TRKIfUlSiyU7Yf1gwK0zfWHgy
3L383zQYGqJaMmE/uTFZN4JVQMGM1f0my8i/nZ3oSpWfyRsmL5GDCezu8RiVt05A
FRyihxMrDaZ+jkbihxpSNyp0I858kN7AQcDVOoe/7hz5sYtJpWjJ7YUus32AcoIq
HextTQ90OijR1ksJcqPRkjJA6gOS5kRirgytTrApAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUvonpDfE5KF5pXX+r4kvXOwVTgjswHwYDVR0jBBgwFoAUfYRHxJeKC0xz
m+v2kuJMdd0/vK4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iNGU0ZmVjNS0z
NTEwLTQwMTctOTBlZi04MzkxNDEyZWNkNmMvMGVlNDU4M2Q4NGQ5YjRmMDgyNGNi
ODBiYThmYzEyNDBiNDc5NGI1MTUwNzFlOTc1MWQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZGZkN2Y2ZDMtZTZlOS00OTg3LTlhZTctZDA1
MmM1MzUzODk4LzZiODg3Njc3LTk0OWQtNGVjZC1hYzRjLTRjMjMyZDIzOTRiYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2RmZDdmNmQzLWU2ZTktNDk4Ny05YWU3
LWQwNTJjNTM1Mzg5OC8yYlR3Z2t5NEM2ajhFa0MwZVV0UlVISHBkUjAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBbFAMA0GCSqGSIb3DQEBCwUAA4IBAQA6W1oRTgLMw6a+NcmLOLPfByHM
LoHTkrZpS61DoDgKA5pfsPV5PyANUdQtZFLHMbnG7FoyAA6ph/1jSkmHL9KpbMow
rRd4rdpFxqROc9jz4MldFsOxRxpXkOVBY/9ZbdNhncxWigSeZSdSeMsoHO4ffceo
iZ4DqyONGiXdRSllBjxUHVGptXDpd/RBcG+fmu0TKGiBOu4FcpBPhRQdHts0ZvHP
4gfULfeGENWogdz/jpAjDjbx3mHYwzTrwjODsDuc1fCeJMXdzBqz5/GROWsQ/Gmo
4S9Bs7G0huE2ZfSStmOnRvPp9aqxxdu6qGWDh8dr3azrxDpcmSbzhiXxDXtu
-----END CERTIFICATE-----