Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4a6e080c-9f9b-4799-8930-a573aee00d92.roa
File:                     4a6e080c-9f9b-4799-8930-a573aee00d92.roa (raw, json)
Hash identifier:          EK244CTifzfgd6jyN/dVn9aTWeerN/hMyJtKOEizUI0=
Subject key identifier:   77:72:3E:44:DD:34:C4:D7:7D:ED:DC:2D:49:2E:08:E6:CC:26:C3:59
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       156CEB83ED15658B312B7A49EDB6BCFC115FA8A9
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4a6e080c-9f9b-4799-8930-a573aee00d92.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        15.234.0.0/16 maxlen: 24
Validation:               Failed, certificate revoked on Tue 14 Jan 2025 18:39:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:6c:eb:83:ed:15:65:8b:31:2b:7a:49:ed:b6:bc:fc:11:5f:a8:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:a3:68:5c:d0:9a:f7:f6:bc:a5:d7:3e:1d:9c:
                    92:e4:d0:6b:79:19:0e:4a:3d:26:8c:ba:11:c4:a7:
                    71:46:e8:5f:45:32:ef:97:01:ea:60:7e:7c:99:b1:
                    b2:e5:b0:74:dd:30:65:dd:a7:dd:3e:d1:a7:1b:8a:
                    9f:d8:ee:21:02:50:1b:23:b2:a8:85:78:c4:6e:02:
                    e1:b6:d4:33:1f:aa:a9:0e:82:39:08:3d:45:30:2a:
                    de:91:2d:91:7a:be:93:80:f4:4e:81:d0:4e:72:30:
                    ef:0f:c7:72:bf:ef:db:a2:43:e2:4e:23:e8:77:59:
                    ee:cd:21:09:c4:09:f8:2d:65:e7:ca:89:5a:36:6b:
                    cc:da:50:13:cc:5c:8e:e0:af:50:3b:fc:b1:f4:82:
                    a4:85:ff:68:14:c4:9a:b6:1b:e1:6a:c5:26:b4:69:
                    85:71:e4:54:57:a4:63:17:36:ef:64:37:b5:9d:f7:
                    0c:81:7f:45:f5:ab:41:6a:19:bf:b9:e4:df:43:b6:
                    83:18:85:31:19:92:b6:2c:41:ff:bc:22:58:43:0a:
                    ea:00:ba:9d:7b:9e:2f:21:84:16:71:ee:c5:df:1d:
                    63:1c:f8:c6:de:84:c7:08:b9:fe:02:65:4c:00:c8:
                    0f:28:83:dc:16:70:45:99:dd:cd:03:19:da:7c:f0:
                    04:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:72:3E:44:DD:34:C4:D7:7D:ED:DC:2D:49:2E:08:E6:CC:26:C3:59
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4a6e080c-9f9b-4799-8930-a573aee00d92.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.234.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5b:d5:90:6e:be:6b:90:60:e1:12:2f:34:1d:e1:09:95:d3:41:
         7e:fb:88:5a:38:4a:fa:89:9e:38:4e:3e:7b:2c:ec:f8:92:b9:
         c9:13:2c:a5:ba:51:46:00:b5:ed:0d:83:14:ad:c8:e4:46:ba:
         74:ee:ad:70:ba:e3:0f:91:4b:06:47:1e:bd:83:55:54:27:c5:
         7c:b0:07:c6:0b:a0:1c:f3:19:3f:40:c8:20:1a:6e:a5:33:b3:
         aa:54:32:58:ea:e4:31:42:a0:b2:ad:bd:5e:99:2b:72:ed:6b:
         7e:25:ca:59:7c:13:11:d6:0d:1e:a2:11:e9:42:87:d7:1f:b9:
         4e:6d:4e:66:7c:47:0c:8c:f7:c9:68:79:64:ef:ac:de:81:d0:
         e2:be:5d:5b:a2:6e:4a:5c:3d:51:fe:00:21:1b:0f:88:64:e7:
         10:0a:0c:8f:21:f0:c3:ca:7e:43:47:09:5e:59:a3:e7:13:32:
         ce:a4:28:6c:40:a6:c2:12:f4:11:65:fa:65:e6:e5:e8:75:95:
         de:7f:c8:49:43:47:7b:9c:e2:16:f8:4c:b1:59:c1:c3:c7:f3:
         54:98:cb:0e:db:dd:87:e5:1e:b7:18:46:7b:0a:d1:4f:b8:3c:
         cf:2f:d3:2e:28:a9:d9:a9:e1:b2:80:27:3e:b3:6d:7a:ed:f6:
         a3:d4:26:07
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFWzrg+0VZYsxK3pJ7ba8/BFfqKkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2Nzk2YTUyYmI0Mjk0OTNjODI1MmYwOWMxYTM0MmE3MGIy
ODhlMGRhMTdjOGUxMmZiMjdiNDgzMDRjNWFiOWJhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSo2hc0Jr39ryl1z4dnJLk0Gt5GQ5KPSaMuhHEp3FG6F9F
Mu+XAepgfnyZsbLlsHTdMGXdp90+0acbip/Y7iECUBsjsqiFeMRuAuG21DMfqqkO
gjkIPUUwKt6RLZF6vpOA9E6B0E5yMO8Px3K/79uiQ+JOI+h3We7NIQnECfgtZefK
iVo2a8zaUBPMXI7gr1A7/LH0gqSF/2gUxJq2G+FqxSa0aYVx5FRXpGMXNu9kN7Wd
9wyBf0X1q0FqGb+55N9DtoMYhTEZkrYsQf+8IlhDCuoAup17ni8hhBZx7sXfHWMc
+MbehMcIuf4CZUwAyA8og9wWcEWZ3c0DGdp88ARXAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUd3I+RN00xNd97dwtSS4I5swmw1kwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzRhNmUwODBjLTlmOWItNDc5OS04OTMwLWE1NzNhZWUwMGQ5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAP6jANBgkqhkiG9w0BAQsFAAOCAQEAW9WQbr5rkGDhEi80HeEJldNBfvuI
WjhK+omeOE4+eyzs+JK5yRMspbpRRgC17Q2DFK3I5Ea6dO6tcLrjD5FLBkcevYNV
VCfFfLAHxgugHPMZP0DIIBpupTOzqlQyWOrkMUKgsq29Xpkrcu1rfiXKWXwTEdYN
HqIR6UKH1x+5Tm1OZnxHDIz3yWh5ZO+s3oHQ4r5dW6JuSlw9Uf4AIRsPiGTnEAoM
jyHww8p+Q0cJXlmj5xMyzqQobECmwhL0EWX6Zebl6HWV3n/ISUNHe5ziFvhMsVnB
w8fzVJjLDtvdh+UetxhGewrRT7g8zy/TLiip2anhsoAnPrNteu32o9QmBw==
-----END CERTIFICATE-----