Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/54078f76-da74-47d8-b8f2-1e0969f9955a.roa
File:                     54078f76-da74-47d8-b8f2-1e0969f9955a.roa (raw, json)
Hash identifier:          qv96fnqa7ndwOYsrr881VAtfOa/qlqeFEs8Q75xXPs0=
Subject key identifier:   FD:6E:3D:49:7D:93:11:92:F9:EB:86:E0:B1:5D:2C:11:1B:5B:76:A3
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       2306AB89BFF925C2AD81250EE256FB72C9C09E34
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/54078f76-da74-47d8-b8f2-1e0969f9955a.roa
Signing time:             Mon 24 Jun 2024 00:00:00 +0000
ROA not before:           Mon 24 Jun 2024 00:00:00 +0000
ROA not after:            Mon 29 Jul 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        2606:7b40::/32 maxlen: 48

Validation:               Failed, certificate revoked on Thu 18 Jul 2024 17:50:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:06:ab:89:bf:f9:25:c2:ad:81:25:0e:e2:56:fb:72:c9:c0:9e:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Jun 24 00:00:00 2024 GMT
            Not After : Jul 29 23:59:59 2024 GMT
        Subject: serialNumber=98eda22cab574fc0824d7facf80a0752c8c9e04ef16fd3c2628fa965aa708336, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:63:c1:a4:bb:a2:82:31:e8:f1:d1:40:c4:6d:
                    79:91:56:43:40:eb:29:6d:ba:32:95:2d:aa:a0:a4:
                    d2:3b:15:04:12:41:3c:f6:ed:20:e6:51:03:b3:4a:
                    a7:17:98:b1:80:20:57:55:8d:00:82:58:64:f2:14:
                    80:3d:de:ad:46:a6:49:fa:fc:c8:ea:35:51:3c:a9:
                    e6:3b:d2:17:24:93:c8:db:39:dc:55:50:ae:44:e7:
                    6f:1f:b3:b7:07:da:d9:99:b6:15:7a:b4:11:80:8e:
                    fd:8c:ca:4c:2c:4b:e9:34:5d:4f:d2:d5:da:42:4b:
                    79:e1:fb:f5:a2:40:54:be:59:53:1e:08:a2:f2:c4:
                    94:8c:c6:5a:87:86:dd:29:9f:ba:32:8c:07:07:3d:
                    d6:40:4a:60:f1:b8:02:ec:e4:72:61:1b:cc:08:f2:
                    f1:52:99:0a:6f:f8:c5:69:eb:fc:a3:bd:27:25:7e:
                    4c:07:ce:48:26:2c:23:ce:69:06:33:61:66:f3:1c:
                    6b:7e:9f:4c:24:93:af:f0:6e:39:1d:5a:35:8b:f2:
                    e3:f6:2f:1b:35:40:1a:e2:2a:ed:fd:41:5b:be:8c:
                    fb:e0:db:75:70:15:b3:a6:da:d9:44:08:ff:fd:cd:
                    e9:b2:64:5f:ba:dd:cb:c4:68:f3:9e:c7:38:fc:69:
                    44:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:6E:3D:49:7D:93:11:92:F9:EB:86:E0:B1:5D:2C:11:1B:5B:76:A3
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/54078f76-da74-47d8-b8f2-1e0969f9955a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:7b40::/32

    Signature Algorithm: sha256WithRSAEncryption
         32:0b:f0:6a:20:65:0d:eb:2f:57:ff:db:85:d4:7b:f5:6c:6e:
         8f:13:0f:ab:59:bd:f2:ea:a5:7f:45:8f:1e:1e:d8:d5:0e:3e:
         0f:b2:ea:9e:26:e7:bf:53:57:1d:14:65:e2:65:01:5f:31:60:
         e5:78:d6:68:7b:ba:89:a8:6e:e7:2d:b6:bd:b3:17:8f:a9:b7:
         14:29:7e:89:57:37:d4:11:8d:b2:ed:82:89:0c:92:cd:4c:47:
         65:c8:e7:6c:0c:85:fb:5c:1a:e5:51:a2:cd:c2:79:18:27:f0:
         4c:a9:94:34:bd:6d:38:df:8b:de:55:c2:04:65:27:f2:96:33:
         a8:ff:83:ed:dc:63:a3:1f:d0:6a:85:30:92:53:94:be:bb:70:
         e6:fe:13:0b:72:87:ad:c9:4f:dd:e9:43:41:07:f4:0e:f0:6d:
         ee:55:2f:72:c0:1f:a7:61:24:79:d5:db:fc:ac:72:65:3b:5e:
         3c:8b:f7:73:e0:a8:71:d7:dd:28:b3:78:fd:53:97:67:40:d3:
         c7:3f:70:5e:52:af:44:74:fd:ed:fc:44:6e:43:1a:46:46:26:
         f6:d0:51:67:8e:34:1d:9c:63:ca:3c:4b:e0:3d:66:34:f9:38:
         5b:71:c4:70:c9:9f:7a:c8:9c:17:19:7f:32:32:2c:ec:6e:4f:
         b0:00:06:1b
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUIwarib/5JcKtgSUO4lb7csnAnjQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjQwNjI0MDAwMDAwWhcNMjQwNzI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A5OGVkYTIyY2FiNTc0ZmMwODI0ZDdmYWNmODBhMDc1MmM4
YzllMDRlZjE2ZmQzYzI2MjhmYTk2NWFhNzA4MzM2MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUY8Gku6KCMejx0UDEbXmRVkNA6yltujKVLaqgpNI7FQQS
QTz27SDmUQOzSqcXmLGAIFdVjQCCWGTyFIA93q1Gpkn6/MjqNVE8qeY70hckk8jb
OdxVUK5E528fs7cH2tmZthV6tBGAjv2MykwsS+k0XU/S1dpCS3nh+/WiQFS+WVMe
CKLyxJSMxlqHht0pn7oyjAcHPdZASmDxuALs5HJhG8wI8vFSmQpv+MVp6/yjvScl
fkwHzkgmLCPOaQYzYWbzHGt+n0wkk6/wbjkdWjWL8uP2Lxs1QBriKu39QVu+jPvg
23VwFbOm2tlECP/9zemyZF+63cvEaPOexzj8aUSNAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQU/W49SX2TEZL564bgsV0sERtbdqMwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzU0MDc4Zjc2LWRhNzQtNDdkOC1iOGYyLTFlMDk2OWY5OTU1YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBntAMA0GCSqGSIb3DQEBCwUAA4IBAQAyC/BqIGUN6y9X/9uF1Hv1bG6P
Ew+rWb3y6qV/RY8eHtjVDj4PsuqeJue/U1cdFGXiZQFfMWDleNZoe7qJqG7nLba9
sxePqbcUKX6JVzfUEY2y7YKJDJLNTEdlyOdsDIX7XBrlUaLNwnkYJ/BMqZQ0vW04
34veVcIEZSfyljOo/4Pt3GOjH9BqhTCSU5S+u3Dm/hMLcoetyU/d6UNBB/QO8G3u
VS9ywB+nYSR51dv8rHJlO148i/dz4Khx190os3j9U5dnQNPHP3BeUq9EdP3t/ERu
QxpGRib20FFnjjQdnGPKPEvgPWY0+ThbccRwyZ96yJwXGX8yMizsbk+wAAYb
-----END CERTIFICATE-----