Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/5c9e46ab-df0c-4722-9935-9b0d9b6a70dd.roa
File:                     5c9e46ab-df0c-4722-9935-9b0d9b6a70dd.roa (raw, json)
Hash identifier:          A9ehT3y/TQyLAtBdqYPb9FXablX1rLzIrLzNn00Z4JE=
Subject key identifier:   83:F8:21:FA:F2:E5:8F:67:BD:4E:40:CC:02:B8:D8:18:2D:51:20:B9
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       51B31E59E91A587B18CA2522C58CA82D4EA6609F
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/5c9e46ab-df0c-4722-9935-9b0d9b6a70dd.roa
Signing time:             Wed 28 May 2025 13:37:06 +0000
ROA not before:           Wed 28 May 2025 13:37:06 +0000
ROA not after:            Wed 02 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:aa00::/40 maxlen: 48
Validation:               Failed, certificate revoked on Mon 02 Jun 2025 18:38:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:b3:1e:59:e9:1a:58:7b:18:ca:25:22:c5:8c:a8:2d:4e:a6:60:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: May 28 13:37:06 2025 GMT
            Not After : Jul  2 23:59:59 2025 GMT
        Subject: serialNumber=72cdc653c6a229cc93e38df777f5259e9b619598eeea06f7ba2c650ea022516b, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:da:c9:91:aa:f3:33:30:38:bf:00:67:f3:3a:
                    f8:bd:a7:a5:13:88:12:57:e3:30:a2:83:f8:17:29:
                    4d:8e:14:c1:86:55:71:8d:c8:ac:74:13:b5:c1:6a:
                    5d:5f:5d:87:27:33:26:b9:b3:15:e9:c0:d1:f6:36:
                    0a:fb:9a:7d:05:21:72:31:a0:9d:48:c0:86:7e:9e:
                    1e:33:76:90:9d:24:47:e6:d2:2b:5d:ec:45:b6:2b:
                    f7:27:db:ed:2b:2f:b9:ba:2c:96:5c:67:81:67:2f:
                    24:65:88:8f:f9:23:ab:99:9b:56:7e:47:31:ba:ff:
                    a9:20:6a:ec:07:32:ad:41:bd:29:68:4e:14:83:54:
                    59:e1:05:e2:68:1e:78:56:fe:d4:0d:16:e6:44:08:
                    cc:7f:dd:a1:d1:92:7a:0e:95:12:68:29:de:10:0c:
                    1e:63:06:5b:eb:91:9d:ca:42:c4:9e:6f:bd:3b:a5:
                    c2:56:5e:76:29:d6:9a:56:4f:64:24:44:16:fb:ce:
                    86:83:2a:fb:ec:97:88:13:56:43:be:f2:70:e8:14:
                    cd:27:56:3d:b2:47:3e:00:6b:8f:cc:ec:5d:63:39:
                    50:c8:03:45:9a:65:6b:f8:dc:f8:cc:49:07:60:42:
                    2d:89:97:99:2b:9d:d3:a5:2c:13:a6:4a:10:7c:7e:
                    1e:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:F8:21:FA:F2:E5:8F:67:BD:4E:40:CC:02:B8:D8:18:2D:51:20:B9
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/5c9e46ab-df0c-4722-9935-9b0d9b6a70dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:aa00::/40

    Signature Algorithm: sha256WithRSAEncryption
         18:fc:4d:6c:09:69:13:8d:b0:a4:bb:56:1b:7c:91:8e:6f:7d:
         2f:2a:04:26:cb:25:fc:f3:a9:dd:66:a0:87:8e:bf:35:5e:fd:
         0f:72:20:db:94:2c:52:ba:79:ca:61:86:68:6d:63:41:d7:77:
         e7:af:ee:65:1e:44:c6:b0:89:ce:ab:9b:c0:34:bc:4d:13:fa:
         75:73:73:46:a5:fc:f2:e0:8b:7a:5b:fc:f1:5b:da:26:4c:34:
         f9:11:ab:26:1b:06:aa:ec:87:89:ae:6d:d5:3c:b4:55:bb:8e:
         d8:a1:1b:8f:ad:62:95:9a:8a:b8:e1:9f:7a:4b:a4:cf:ee:80:
         90:23:aa:ba:09:0c:d3:d2:10:5f:0a:59:ca:4a:ba:35:3a:3f:
         23:6a:c8:1c:5c:a4:37:c5:73:91:86:e3:3c:d9:37:0b:27:2d:
         6c:01:fe:bd:e6:35:26:d7:91:9d:72:d1:7d:25:92:c8:01:bc:
         63:66:22:24:5f:8e:7d:81:a2:91:d5:98:dd:9b:4f:3b:67:b2:
         34:66:75:73:ef:3d:8d:35:3d:94:19:e6:ba:9d:9d:4b:50:a1:
         9c:cf:12:25:78:b7:ae:fa:c1:0e:36:dd:86:fd:32:e7:48:8c:
         62:21:35:b3:e4:c2:ac:22:fa:c7:f3:3e:f1:36:5f:af:85:3f:
         d4:ab:73:2b
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUUbMeWekaWHsYyiUixYyoLU6mYJ8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjUwNTI4MTMzNzA2WhcNMjUwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MmNkYzY1M2M2YTIyOWNjOTNlMzhkZjc3N2Y1MjU5ZTli
NjE5NTk4ZWVlYTA2ZjdiYTJjNjUwZWEwMjI1MTZiMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCX2smRqvMzMDi/AGfzOvi9p6UTiBJX4zCig/gXKU2OFMGG
VXGNyKx0E7XBal1fXYcnMya5sxXpwNH2Ngr7mn0FIXIxoJ1IwIZ+nh4zdpCdJEfm
0itd7EW2K/cn2+0rL7m6LJZcZ4FnLyRliI/5I6uZm1Z+RzG6/6kgauwHMq1BvSlo
ThSDVFnhBeJoHnhW/tQNFuZECMx/3aHRknoOlRJoKd4QDB5jBlvrkZ3KQsSeb707
pcJWXnYp1ppWT2QkRBb7zoaDKvvsl4gTVkO+8nDoFM0nVj2yRz4Aa4/M7F1jOVDI
A0WaZWv43PjMSQdgQi2Jl5krndOlLBOmShB8fh4PAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUg/gh+vLlj2e9TkDMArjYGC1RILkwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzVjOWU0NmFiLWRmMGMtNDcyMi05OTM1LTliMGQ5YjZhNzBkZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAJAAqjANBgkqhkiG9w0BAQsFAAOCAQEAGPxNbAlpE42wpLtWG3yRjm99
LyoEJssl/POp3Wagh46/NV79D3Ig25QsUrp5ymGGaG1jQdd356/uZR5ExrCJzqub
wDS8TRP6dXNzRqX88uCLelv88VvaJkw0+RGrJhsGquyHia5t1Ty0VbuO2KEbj61i
lZqKuOGfekukz+6AkCOqugkM09IQXwpZykq6NTo/I2rIHFykN8VzkYbjPNk3Cyct
bAH+veY1JteRnXLRfSWSyAG8Y2YiJF+OfYGikdWY3ZtPO2eyNGZ1c+89jTU9lBnm
up2dS1ChnM8SJXi3rvrBDjbdhv0y50iMYiE1s+TCrCL6x/M+8TZfr4U/1KtzKw==
-----END CERTIFICATE-----