Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0758e6e7-91cd-444b-b616-9a6bb5d010f6.roa
File:                     0758e6e7-91cd-444b-b616-9a6bb5d010f6.roa (raw, json)
Hash identifier:          ytzpF07CzNsDrfXCwXM+CGuGuz4qm3kAyjfdwZAXm0Q=
Subject key identifier:   49:AA:B3:BF:F2:11:F6:46:01:4F:07:AA:97:62:CB:41:4D:AA:98:52
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       71FFE2C44874FBC6F524593A1FB0093AD0D4BC46
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0758e6e7-91cd-444b-b616-9a6bb5d010f6.roa
Signing time:             Fri 20 Dec 2024 00:00:00 +0000
ROA not before:           Fri 20 Dec 2024 00:00:00 +0000
ROA not after:            Fri 24 Jan 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        162.137.0.0/16 maxlen: 24

Validation:               Failed, certificate revoked on Tue 14 Jan 2025 06:07:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:ff:e2:c4:48:74:fb:c6:f5:24:59:3a:1f:b0:09:3a:d0:d4:bc:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec 20 00:00:00 2024 GMT
            Not After : Jan 24 23:59:59 2025 GMT
        Subject: serialNumber=fbf1c3aead7167e868faf7bc3f3ea851c37f05a4469213912f80f08de3e92826, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:40:d6:b7:53:de:3d:21:e7:a6:de:23:39:c3:
                    1a:84:0c:61:66:9c:8c:2b:8b:99:87:c8:c7:d3:9b:
                    e1:d4:82:0d:cb:13:3a:2f:95:d1:e3:31:a9:3f:3a:
                    7d:92:dc:68:91:bd:5a:a5:56:a1:e8:fb:0f:66:45:
                    ef:0c:25:96:1d:b9:6f:8c:a6:1d:58:f2:c6:b6:d7:
                    19:73:e6:ac:12:34:09:9b:ec:99:21:a7:54:eb:a0:
                    d0:af:e0:bb:6e:f8:c0:80:03:7b:e9:1c:32:63:2d:
                    28:eb:8a:3d:80:ae:fb:be:82:fa:b8:86:30:f3:75:
                    ae:3d:be:76:3e:10:21:34:76:a6:4a:1f:c2:46:cd:
                    8c:bb:e8:2a:c3:d9:82:6c:65:7e:28:16:74:94:a8:
                    6c:72:43:00:79:a5:38:63:e7:cc:3c:cc:15:90:08:
                    3d:38:45:2d:97:bf:21:4d:68:95:37:f4:49:67:19:
                    68:9b:3c:1b:9f:09:b1:79:67:27:e2:ed:10:9e:0f:
                    cb:cb:6e:46:0d:c2:46:e1:e6:8b:a4:62:f1:22:c3:
                    1c:a9:8e:59:a4:df:78:da:13:6d:13:5a:70:07:cf:
                    60:d6:50:26:17:69:ac:a2:a9:67:ee:96:73:39:ae:
                    93:49:20:89:b6:12:00:c9:fe:0c:5e:eb:38:4f:d0:
                    0e:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:AA:B3:BF:F2:11:F6:46:01:4F:07:AA:97:62:CB:41:4D:AA:98:52
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0758e6e7-91cd-444b-b616-9a6bb5d010f6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.137.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         4e:31:cd:bb:99:8f:20:8a:0c:a3:4a:b6:ed:c2:8b:22:25:ad:
         71:ba:4d:32:8b:83:fe:3d:76:9b:8d:9a:fe:ca:f6:2f:0c:c7:
         b0:f9:d0:a0:28:7a:ff:9c:da:01:39:44:88:e0:88:f5:7e:5a:
         8b:93:28:53:63:a7:05:b3:85:59:00:f4:71:a3:55:1a:a4:cc:
         e5:33:2a:ac:71:cd:4e:c6:47:06:47:d2:68:78:68:a5:98:6c:
         b5:f5:25:61:0d:c2:00:42:d2:02:70:0e:b5:03:7d:35:e5:93:
         24:cf:26:6a:02:94:cd:96:77:5f:87:b5:9d:83:78:ce:b8:9a:
         2e:dd:a3:b5:b2:1e:9b:6b:68:dd:2c:3e:9f:ef:a8:e3:04:67:
         ce:e4:5c:6f:b3:f5:51:a0:56:ff:3f:72:42:b0:0c:91:e9:8b:
         7a:02:99:c8:9c:28:81:94:2a:5b:9e:06:c4:c2:2a:94:f0:59:
         3b:47:cb:42:f1:2e:d7:93:86:44:b1:a5:22:62:16:3e:c7:4e:
         13:7f:09:f4:3e:86:a9:ba:07:6f:23:2e:66:b7:6c:e9:c9:bf:
         78:dc:c6:ed:c0:f9:0e:18:46:08:a4:ed:85:78:74:43:6d:14:
         0a:33:8f:08:4a:5c:1a:ab:bd:af:f5:f0:53:3e:c2:ae:4a:ef:
         47:62:cd:f4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcf/ixEh0+8b1JFk6H7AJOtDUvEYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQxMjIwMDAwMDAwWhcNMjUwMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYmYxYzNhZWFkNzE2N2U4NjhmYWY3YmMzZjNlYTg1MWMz
N2YwNWE0NDY5MjEzOTEyZjgwZjA4ZGUzZTkyODI2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkQNa3U949Ieem3iM5wxqEDGFmnIwri5mHyMfTm+HUgg3L
EzovldHjMak/On2S3GiRvVqlVqHo+w9mRe8MJZYduW+Mph1Y8sa21xlz5qwSNAmb
7Jkhp1TroNCv4Ltu+MCAA3vpHDJjLSjrij2Arvu+gvq4hjDzda49vnY+ECE0dqZK
H8JGzYy76CrD2YJsZX4oFnSUqGxyQwB5pThj58w8zBWQCD04RS2XvyFNaJU39Eln
GWibPBufCbF5Zyfi7RCeD8vLbkYNwkbh5oukYvEiwxypjlmk33jaE20TWnAHz2DW
UCYXaayiqWfulnM5rpNJIIm2EgDJ/gxe6zhP0A5fAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUSaqzv/IR9kYBTweql2LLQU2qmFIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzA3NThlNmU3LTkxY2QtNDQ0Yi1iNjE2LTlhNmJiNWQwMTBmNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCiiTANBgkqhkiG9w0BAQsFAAOCAQEATjHNu5mPIIoMo0q27cKLIiWtcbpN
MouD/j12m42a/sr2LwzHsPnQoCh6/5zaATlEiOCI9X5ai5MoU2OnBbOFWQD0caNV
GqTM5TMqrHHNTsZHBkfSaHhopZhstfUlYQ3CAELSAnAOtQN9NeWTJM8magKUzZZ3
X4e1nYN4zriaLt2jtbIem2to3Sw+n++o4wRnzuRcb7P1UaBW/z9yQrAMkemLegKZ
yJwogZQqW54GxMIqlPBZO0fLQvEu15OGRLGlImIWPsdOE38J9D6GqboHbyMuZrds
6cm/eNzG7cD5DhhGCKTthXh0Q20UCjOPCEpcGqu9r/XwUz7CrkrvR2LN9A==
-----END CERTIFICATE-----
Generated at Tue Jan 14 08:27:17 2025 by rpki-client on console-fra.rpki-client.org