Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/76df0f41-06e4-4221-a069-1b6cbd3c106f.roa
File:                     76df0f41-06e4-4221-a069-1b6cbd3c106f.roa (raw, json)
Hash identifier:          Xhdx7ELVS4bvK2L048yUV5YJw3JfFkCUsIp8/liAQNw=
Subject key identifier:   87:40:13:8A:E9:ED:CD:F8:96:34:9B:EA:BA:9A:F2:27:BF:7C:AC:75
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       20EAEA006DC37855A3E0420865CCB954186AEE62
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/76df0f41-06e4-4221-a069-1b6cbd3c106f.roa
Signing time:             Tue 20 May 2025 17:50:28 +0000
ROA not before:           Tue 20 May 2025 17:50:28 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.96.32.0/20 maxlen: 20
Validation:               Failed, certificate revoked on Wed 04 Jun 2025 22:38:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:ea:ea:00:6d:c3:78:55:a3:e0:42:08:65:cc:b9:54:18:6a:ee:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: May 20 17:50:28 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=da67c7477a14f12b02bce86ff11566b5b2c776d39c6a9b7f55ca2c8f1c194201, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:e5:42:2a:58:e2:64:3d:1f:5d:45:cd:35:4c:
                    7f:c5:9a:38:57:55:c1:08:ed:cf:c1:1f:75:ec:38:
                    77:26:64:03:36:2d:f7:61:70:fa:b5:1f:42:82:bf:
                    14:28:f0:d1:b0:50:71:c1:c9:01:f9:29:d6:76:30:
                    a9:83:e9:f1:e1:1f:ba:07:fd:ed:73:90:9a:8c:c7:
                    a1:85:5a:32:5e:98:89:e2:5c:43:4b:af:c7:a2:58:
                    f9:c7:83:fd:05:d1:e0:da:ee:1d:dd:ea:5f:dc:86:
                    06:e1:97:fc:50:8a:b4:eb:7d:73:25:ef:24:6d:95:
                    50:89:cf:62:e7:4c:c7:6d:37:9d:1b:2d:99:db:9b:
                    d4:68:e9:58:31:b3:de:4d:9b:ab:d6:15:1b:eb:ff:
                    88:e4:41:35:8a:51:25:04:01:4a:30:35:96:b1:7c:
                    a9:67:97:95:57:cb:a2:32:ab:5c:47:a7:65:aa:7b:
                    6e:82:7d:c3:86:e9:5d:68:8b:8b:b3:23:80:80:91:
                    23:d5:68:81:89:28:fe:12:ae:54:f7:23:b5:59:24:
                    e8:07:d9:8a:19:a6:20:68:23:8a:8f:5a:17:89:d4:
                    d1:23:f9:85:40:41:c6:bc:8e:d6:9c:8b:0d:70:5d:
                    8f:16:f2:ba:a7:ab:dc:17:2f:51:a2:ed:04:e1:1f:
                    a2:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:40:13:8A:E9:ED:CD:F8:96:34:9B:EA:BA:9A:F2:27:BF:7C:AC:75
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/76df0f41-06e4-4221-a069-1b6cbd3c106f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         32:9d:e8:10:2f:03:df:ac:62:51:3b:d2:1d:04:22:37:ae:8b:
         be:61:26:91:ba:fe:d4:67:53:37:76:e0:71:e5:ea:b4:42:60:
         4d:a4:fb:46:94:64:51:49:05:83:47:cf:92:84:62:b2:e6:79:
         c7:05:ae:a6:5a:2f:9c:fc:d3:90:a6:fb:98:b9:a8:16:71:27:
         ef:34:7c:7d:3a:eb:b7:f9:cb:df:cb:94:d1:b0:11:dc:ba:85:
         5b:b0:0d:a1:ac:82:38:12:bb:61:33:68:2b:5e:92:ee:f9:21:
         6c:e8:84:af:6a:86:55:0f:db:01:ef:18:ac:86:34:2a:e2:63:
         0d:01:91:bb:15:5b:8f:95:b3:19:b5:c5:38:6d:d4:f0:e4:24:
         22:67:98:f3:05:6a:64:12:9f:95:c1:20:aa:4b:69:29:d7:3e:
         80:b4:1a:ac:36:a0:a7:59:c5:b9:5f:5f:d1:e6:c9:f1:48:fb:
         2b:8f:be:5b:65:06:a0:08:0b:cc:3a:f0:54:a9:a7:1c:35:ec:
         82:d7:a3:55:56:68:f2:04:93:1f:91:cf:28:cd:03:1d:94:35:
         3d:88:88:90:d7:6b:e4:32:45:16:bc:33:6b:0d:4e:2d:ef:49:
         0b:e5:b0:ab:03:c2:f2:ad:49:20:a6:f3:d4:4f:d7:21:46:fc:
         cc:85:6c:a4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIOrqAG3DeFWj4EIIZcy5VBhq7mIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwNTIwMTc1MDI4WhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYTY3Yzc0NzdhMTRmMTJiMDJiY2U4NmZmMTE1NjZiNWIy
Yzc3NmQzOWM2YTliN2Y1NWNhMmM4ZjFjMTk0MjAxMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCp5UIqWOJkPR9dRc01TH/FmjhXVcEI7c/BH3XsOHcmZAM2
LfdhcPq1H0KCvxQo8NGwUHHByQH5KdZ2MKmD6fHhH7oH/e1zkJqMx6GFWjJemIni
XENLr8eiWPnHg/0F0eDa7h3d6l/chgbhl/xQirTrfXMl7yRtlVCJz2LnTMdtN50b
LZnbm9Ro6Vgxs95Nm6vWFRvr/4jkQTWKUSUEAUowNZaxfKlnl5VXy6Iyq1xHp2Wq
e26CfcOG6V1oi4uzI4CAkSPVaIGJKP4SrlT3I7VZJOgH2YoZpiBoI4qPWheJ1NEj
+YVAQca8jtaciw1wXY8W8rqnq9wXL1Gi7QThH6IvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUh0ATiuntzfiWNJvqupryJ798rHUwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzc2ZGYwZjQxLTA2ZTQtNDIyMS1hMDY5LTFiNmNiZDNjMTA2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQjYCAwDQYJKoZIhvcNAQELBQADggEBADKd6BAvA9+sYlE70h0EIjeui75h
JpG6/tRnUzd24HHl6rRCYE2k+0aUZFFJBYNHz5KEYrLmeccFrqZaL5z805Cm+5i5
qBZxJ+80fH0667f5y9/LlNGwEdy6hVuwDaGsgjgSu2EzaCteku75IWzohK9qhlUP
2wHvGKyGNCriYw0BkbsVW4+Vsxm1xTht1PDkJCJnmPMFamQSn5XBIKpLaSnXPoC0
Gqw2oKdZxblfX9HmyfFI+yuPvltlBqAIC8w68FSppxw17ILXo1VWaPIEkx+RzyjN
Ax2UNT2IiJDXa+QyRRa8M2sNTi3vSQvlsKsDwvKtSSCm89RP1yFG/MyFbKQ=
-----END CERTIFICATE-----