Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/f9d93dd4-7932-480e-863d-a381046ca839.roa
File:                     f9d93dd4-7932-480e-863d-a381046ca839.roa (raw, json)
Hash identifier:          CLdIn9iOhiUWHy/ntXtZLANXFf4Rnm4WtPt5xW47XX8=
Subject key identifier:   D4:7C:A4:30:B8:5E:1E:F6:8F:CF:6B:EF:CD:37:68:1B:1E:36:C7:19
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       20D03C94A66B8F08D9ACDE33E45208DB4FD2A737
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/f9d93dd4-7932-480e-863d-a381046ca839.roa
Signing time:             Tue 20 May 2025 17:50:26 +0000
ROA not before:           Tue 20 May 2025 17:50:26 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.96.32.0/22 maxlen: 22
Validation:               Failed, certificate revoked on Wed 04 Jun 2025 00:22:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:d0:3c:94:a6:6b:8f:08:d9:ac:de:33:e4:52:08:db:4f:d2:a7:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: May 20 17:50:26 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=240913cd79c0cbd9966a6635f129a929fceceda97cee6fa86cd7f620bfb5860e, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:b5:bb:83:05:1b:bc:2d:a0:09:09:c6:2c:50:
                    0d:70:8e:07:90:06:d7:e2:37:90:a7:52:c3:25:69:
                    5c:ad:c8:4b:20:6f:86:e2:57:29:79:98:e7:3f:ed:
                    46:29:40:4f:f2:44:b8:08:f2:36:6d:cd:6f:06:c5:
                    5e:5c:bb:1d:5e:f9:2d:60:1a:97:a9:cc:89:ea:53:
                    34:30:dc:0a:85:98:97:dd:b9:9f:c5:a2:30:4f:83:
                    63:dd:b0:71:af:90:d7:50:f0:54:24:16:54:2b:9e:
                    91:24:9f:dd:f2:8c:b4:90:7c:76:d5:a3:43:c8:c7:
                    fd:2b:78:2a:b2:82:d2:6c:fd:dd:8f:b1:ec:1a:fd:
                    7e:9a:5d:42:2f:c4:23:37:61:9e:4a:d4:4f:1e:17:
                    26:ca:4b:36:f7:85:0e:50:18:ab:3e:11:13:63:49:
                    81:4b:b3:1c:6f:c2:2d:9f:97:c1:ad:84:a4:04:f4:
                    5d:0a:b4:67:42:61:7b:ee:06:1e:b3:c4:9b:25:3e:
                    bb:c7:d7:c8:68:4c:6a:bb:70:c7:eb:36:40:2c:a2:
                    62:e1:df:36:5d:26:db:0d:55:4b:93:0f:80:21:3b:
                    10:2b:ce:6e:66:ef:54:ba:12:be:75:dc:48:dc:c7:
                    84:6c:03:b6:1a:8d:06:85:f9:30:8d:0c:b5:a4:35:
                    4d:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:7C:A4:30:B8:5E:1E:F6:8F:CF:6B:EF:CD:37:68:1B:1E:36:C7:19
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/f9d93dd4-7932-480e-863d-a381046ca839.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         09:83:fe:83:e1:33:85:fa:fb:fe:a3:2a:d2:9b:1c:57:40:b0:
         ac:1c:a0:2a:af:c1:10:ad:2c:13:74:11:d1:b4:f9:db:fb:ea:
         90:4e:00:e4:fc:9c:e8:00:a2:97:9a:2a:a9:d6:5e:00:de:30:
         23:05:09:b6:99:62:29:0a:2f:f9:d3:db:4d:df:43:59:39:b3:
         f7:31:e9:84:ee:1f:0f:1a:41:92:0e:d6:83:f8:90:b8:2b:2c:
         2c:df:e8:7d:f4:55:1b:80:03:7f:81:4d:e7:2d:8f:eb:d9:3f:
         be:54:d7:9f:4c:bc:09:d4:bf:21:59:c5:db:b9:0f:e8:c3:a2:
         95:81:18:eb:f3:12:03:9a:ca:c6:04:1c:b0:db:40:9f:83:aa:
         eb:f0:21:3f:7d:99:39:ff:35:e1:09:b4:52:ba:36:31:93:44:
         7d:34:b3:30:7e:61:ba:03:13:7f:40:2d:22:0a:07:c1:1c:47:
         4c:3c:fd:3b:3b:bd:1d:5c:dc:9e:2c:ed:db:be:04:d6:cd:d7:
         8a:ae:72:a2:10:5b:e3:f7:ee:40:7a:65:29:4c:ad:f3:63:43:
         70:e6:f3:8a:76:8c:14:cb:e6:cb:60:9a:b4:4a:da:02:cd:18:
         1b:90:d2:85:cf:11:93:43:83:f3:bb:80:25:e4:6b:eb:f3:ee:
         bf:2a:a1:82
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUINA8lKZrjwjZrN4z5FII20/SpzcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwNTIwMTc1MDI2WhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNDA5MTNjZDc5YzBjYmQ5OTY2YTY2MzVmMTI5YTkyOWZj
ZWNlZGE5N2NlZTZmYTg2Y2Q3ZjYyMGJmYjU4NjBlMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD3tbuDBRu8LaAJCcYsUA1wjgeQBtfiN5CnUsMlaVytyEsg
b4biVyl5mOc/7UYpQE/yRLgI8jZtzW8GxV5cux1e+S1gGpepzInqUzQw3AqFmJfd
uZ/FojBPg2PdsHGvkNdQ8FQkFlQrnpEkn93yjLSQfHbVo0PIx/0reCqygtJs/d2P
sewa/X6aXUIvxCM3YZ5K1E8eFybKSzb3hQ5QGKs+ERNjSYFLsxxvwi2fl8GthKQE
9F0KtGdCYXvuBh6zxJslPrvH18hoTGq7cMfrNkAsomLh3zZdJtsNVUuTD4AhOxAr
zm5m71S6Er513Ejcx4RsA7YajQaF+TCNDLWkNU31AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1HykMLheHvaPz2vvzTdoGx42xxkwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyL2Y5ZDkzZGQ0LTc5MzItNDgwZS04NjNkLWEzODEwNDZjYTgzOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIjYCAwDQYJKoZIhvcNAQELBQADggEBAAmD/oPhM4X6+/6jKtKbHFdAsKwc
oCqvwRCtLBN0EdG0+dv76pBOAOT8nOgAopeaKqnWXgDeMCMFCbaZYikKL/nT203f
Q1k5s/cx6YTuHw8aQZIO1oP4kLgrLCzf6H30VRuAA3+BTectj+vZP75U159MvAnU
vyFZxdu5D+jDopWBGOvzEgOaysYEHLDbQJ+DquvwIT99mTn/NeEJtFK6NjGTRH00
szB+YboDE39ALSIKB8EcR0w8/Ts7vR1c3J4s7du+BNbN14qucqIQW+P37kB6ZSlM
rfNjQ3Dm84p2jBTL5stgmrRK2gLNGBuQ0oXPEZNDg/O7gCXka+vz7r8qoYI=
-----END CERTIFICATE-----