Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/4bc13f89-b24a-4dee-8517-d86fd571b2cd.roa
File:                     4bc13f89-b24a-4dee-8517-d86fd571b2cd.roa (raw, json)
Hash identifier:          mBKbjIak9rg+/Dv60DuyehA1VUkZ25IxZsMm9Gd0DKI=
Subject key identifier:   DC:DD:41:81:54:33:26:5E:08:9C:8E:2D:2E:9D:62:A7:C9:5D:DC:2F
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       6E29C5A4FDCD5166B8108449518A1BE2AEE207F0
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/4bc13f89-b24a-4dee-8517-d86fd571b2cd.roa
Signing time:             Wed 28 May 2025 13:38:31 +0000
ROA not before:           Wed 28 May 2025 13:38:31 +0000
ROA not after:            Wed 02 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:520a::/48 maxlen: 48
Validation:               Failed, certificate revoked on Mon 02 Jun 2025 18:37:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:29:c5:a4:fd:cd:51:66:b8:10:84:49:51:8a:1b:e2:ae:e2:07:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: May 28 13:38:31 2025 GMT
            Not After : Jul  2 23:59:59 2025 GMT
        Subject: serialNumber=753022a07faed6f52e2836ebdfdd6359698e1970a6e3e72b473a9e9d13c425d2, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:9e:dc:15:d7:e9:b4:a4:77:e9:20:24:6e:c3:
                    89:dc:36:9f:cd:45:e9:51:09:20:63:49:5e:4d:a0:
                    2b:65:be:68:28:72:54:fb:05:8c:b9:c2:c7:39:64:
                    0e:9e:e7:f6:82:95:3d:1f:84:f1:2f:54:0e:41:94:
                    97:95:3f:c4:0e:04:e4:6f:82:18:41:77:8a:33:8c:
                    ce:11:ad:c0:46:d4:b2:bf:a1:64:06:9a:9b:87:a3:
                    f2:4c:c6:56:72:47:16:37:e2:4a:d0:36:33:b6:38:
                    73:7f:9b:d2:45:5c:cd:6a:84:36:79:cf:76:5b:9f:
                    fc:31:b0:ec:31:e2:b0:6c:30:e6:11:b2:59:96:5f:
                    79:1c:bf:2f:8b:79:9e:2d:6e:c2:86:d7:0d:3b:17:
                    8c:d7:2e:b5:1d:c5:f0:c1:af:e5:d1:68:3f:56:1d:
                    b8:2a:7c:14:cc:ae:59:35:98:12:08:ec:72:93:6f:
                    a9:44:36:4e:61:c9:5c:51:ad:46:6c:c4:80:81:f6:
                    8f:2f:0a:75:64:7a:37:1b:b4:1f:9c:6b:33:4d:be:
                    7a:b5:ea:03:91:62:0a:dd:a9:3f:d4:a0:6a:82:c5:
                    6c:b6:17:4d:ff:4d:c5:fe:ec:dc:ae:38:41:e6:9e:
                    14:7d:5f:b3:3b:cb:00:df:43:82:a4:25:0b:d4:94:
                    50:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:DD:41:81:54:33:26:5E:08:9C:8E:2D:2E:9D:62:A7:C9:5D:DC:2F
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/4bc13f89-b24a-4dee-8517-d86fd571b2cd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:520a::/48

    Signature Algorithm: sha256WithRSAEncryption
         32:d2:89:6a:37:f6:dd:3e:3e:b5:1c:6c:21:36:94:84:99:32:
         25:d2:f1:17:86:b6:59:1e:15:61:f0:5d:d1:a4:27:40:2c:ce:
         fe:70:64:1a:6f:06:21:53:f7:64:41:80:7e:d0:d5:bd:f9:0d:
         7a:d2:a5:13:7e:fe:c6:c6:89:77:a2:e7:4b:0a:d6:fc:b5:2a:
         4e:fe:bb:e7:cc:34:44:7e:81:88:3a:5f:40:f2:ee:fd:a8:08:
         09:a8:f8:15:46:7a:15:8c:a8:4d:ab:98:a4:0e:9e:e2:bf:1b:
         01:6c:08:d8:2e:62:9c:ce:71:ce:d3:fe:a1:76:bb:19:68:42:
         9d:2e:60:02:31:95:09:90:3b:07:5f:ff:88:ff:fc:af:b2:cd:
         d6:aa:28:74:33:05:8a:67:8e:02:0a:f1:ca:aa:11:6c:71:7c:
         ef:27:cd:59:da:22:b4:75:76:89:30:1d:aa:ce:49:04:67:c4:
         17:71:bd:bc:82:7a:6c:52:8d:91:67:01:34:10:47:1e:74:cf:
         49:8d:8b:8a:9a:10:cd:1b:1a:de:0a:01:74:40:45:0e:aa:0a:
         89:e3:d2:5a:59:26:85:43:1e:d1:01:ce:8c:7d:b1:a9:91:84:
         4d:b6:61:a6:9a:5f:36:3b:db:8e:d7:37:0a:f5:75:d3:2b:8c:
         0c:42:15:62
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUbinFpP3NUWa4EIRJUYob4q7iB/AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjUwNTI4MTMzODMxWhcNMjUwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NTMwMjJhMDdmYWVkNmY1MmUyODM2ZWJkZmRkNjM1OTY5
OGUxOTcwYTZlM2U3MmI0NzNhOWU5ZDEzYzQyNWQyMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDsntwV1+m0pHfpICRuw4ncNp/NRelRCSBjSV5NoCtlvmgo
clT7BYy5wsc5ZA6e5/aClT0fhPEvVA5BlJeVP8QOBORvghhBd4ozjM4RrcBG1LK/
oWQGmpuHo/JMxlZyRxY34krQNjO2OHN/m9JFXM1qhDZ5z3Zbn/wxsOwx4rBsMOYR
slmWX3kcvy+LeZ4tbsKG1w07F4zXLrUdxfDBr+XRaD9WHbgqfBTMrlk1mBII7HKT
b6lENk5hyVxRrUZsxICB9o8vCnVkejcbtB+cazNNvnq16gORYgrdqT/UoGqCxWy2
F03/TcX+7NyuOEHmnhR9X7M7ywDfQ4KkJQvUlFDNAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU3N1BgVQzJl4InI4tLp1ip8ld3C8wHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzRiYzEzZjg5LWIyNGEtNGRlZS04NTE3LWQ4NmZkNTcxYjJjZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAJAAUgowDQYJKoZIhvcNAQELBQADggEBADLSiWo39t0+PrUcbCE2lISZ
MiXS8ReGtlkeFWHwXdGkJ0Aszv5wZBpvBiFT92RBgH7Q1b35DXrSpRN+/sbGiXei
50sK1vy1Kk7+u+fMNER+gYg6X0Dy7v2oCAmo+BVGehWMqE2rmKQOnuK/GwFsCNgu
YpzOcc7T/qF2uxloQp0uYAIxlQmQOwdf/4j//K+yzdaqKHQzBYpnjgIK8cqqEWxx
fO8nzVnaIrR1dokwHarOSQRnxBdxvbyCemxSjZFnATQQRx50z0mNi4qaEM0bGt4K
AXRARQ6qConj0lpZJoVDHtEBzox9samRhE22YaaaXzY7247XNwr1ddMrjAxCFWI=
-----END CERTIFICATE-----