Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8da41127-d21d-42ff-98a2-b48683b60c42.roa
File:                     8da41127-d21d-42ff-98a2-b48683b60c42.roa (raw, json)
Hash identifier:          bWResZllOlSexp1FkhDjhosxLw+/216dISoGcmCP/9M=
Subject key identifier:   AB:72:FC:8B:36:1F:EB:DD:CC:08:F4:08:0E:36:40:28:8F:8E:F1:2E
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4F6EBF1D1C2B09DBBB989982BC5BC09521C02ECF
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8da41127-d21d-42ff-98a2-b48683b60c42.roa
Signing time:             Fri 31 Jan 2025 00:00:00 +0000
ROA not before:           Fri 31 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.46.180.0/22 maxlen: 22
Validation:               Failed, certificate revoked on Fri 31 Jan 2025 16:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:6e:bf:1d:1c:2b:09:db:bb:98:99:82:bc:5b:c0:95:21:c0:2e:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jan 31 00:00:00 2025 GMT
            Not After : Mar  7 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:90:6e:72:36:4e:f9:af:24:09:c0:e3:d9:04:
                    e6:26:51:88:73:53:d5:23:9a:2b:ef:72:ed:b8:d5:
                    fc:6a:5c:90:43:5a:c6:9b:c0:93:44:14:8b:20:c3:
                    d6:2e:44:30:7e:d5:05:10:d3:d1:5a:6b:91:5d:8f:
                    48:b1:54:95:a7:12:60:81:75:71:65:f4:32:36:ed:
                    52:76:14:60:52:61:d2:73:bb:d2:e3:5c:02:11:a4:
                    d2:2a:22:1d:e4:76:5b:e1:cf:60:9f:92:e6:c9:fd:
                    34:ab:2a:d6:a1:1a:23:52:d3:b5:17:2b:0f:a2:a4:
                    6a:c1:f1:59:93:d7:79:93:d2:44:63:80:48:59:fe:
                    3e:89:ef:08:63:78:08:b2:c7:20:5f:09:b6:b2:bf:
                    3b:73:9a:f8:c1:1c:a2:83:65:f8:5b:0e:49:7b:fb:
                    66:14:4c:4a:d6:85:02:d7:93:24:40:b9:13:f2:d6:
                    52:dd:7b:11:02:cc:76:1e:e6:65:6e:14:ca:97:95:
                    ec:1e:d2:1e:ef:67:52:78:11:2b:cf:88:73:3f:43:
                    f3:0c:f4:99:1e:50:fa:2d:ab:f8:ab:83:27:e8:78:
                    80:98:9f:37:9a:b3:6c:a3:27:73:08:c3:17:2c:ed:
                    20:01:2b:b8:b8:85:14:ec:8d:e7:f6:71:9f:68:64:
                    00:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:72:FC:8B:36:1F:EB:DD:CC:08:F4:08:0E:36:40:28:8F:8E:F1:2E
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8da41127-d21d-42ff-98a2-b48683b60c42.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.46.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6c:3e:a4:73:45:9b:b1:1e:48:a6:d8:f6:bb:ca:a6:2e:f3:4b:
         f2:d4:69:5d:1e:aa:66:03:cd:cc:80:eb:0c:c7:ce:19:6a:30:
         74:e4:6e:38:8e:ba:c9:45:43:df:dc:33:8b:c2:19:0b:f9:aa:
         bd:5e:06:64:e2:da:72:1d:6d:e4:f2:80:97:5a:1e:4f:21:d7:
         bf:c1:f1:b5:ab:38:cd:b5:9f:36:f9:d0:75:b8:af:84:b4:aa:
         d1:f8:6a:6a:8b:3c:7b:e0:97:23:d8:c8:57:5c:0a:74:86:00:
         67:da:b1:7a:39:a4:df:6e:80:cd:0e:0c:f2:07:49:0e:c8:df:
         93:29:24:ff:76:89:11:85:a8:80:36:2f:25:b1:b8:b2:80:00:
         19:76:4d:bf:eb:1a:ba:98:0c:50:df:40:d7:2e:4b:95:3e:af:
         50:dd:4e:8a:b7:91:5a:80:0c:a3:41:72:cf:76:2d:fd:b8:6e:
         d5:4a:89:5c:b9:05:01:be:03:c2:ba:90:0d:60:88:db:34:67:
         86:b8:55:5a:77:3b:54:ae:2e:40:b6:d3:36:db:2d:c7:9d:9a:
         93:8e:92:e9:07:28:d4:e1:c3:3f:7e:e1:be:b5:b2:39:83:3a:
         f9:cf:ec:5f:06:48:bd:68:7d:b0:5b:e2:6d:ee:14:0b:7a:74:
         a5:71:05:1c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUT26/HRwrCdu7mJmCvFvAlSHALs8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMTMxMDAwMDAwWhcNMjUwMzA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiOWRjMTE1NWNmN2UwZjI4NTUwYTc5ZjRlNzk4ZDExMGQ2
YTRkMGM1MGVlNzBhMzNlZWI4NWQyYjQ0ZjRmOTIyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClkG5yNk75ryQJwOPZBOYmUYhzU9Ujmivvcu241fxqXJBD
WsabwJNEFIsgw9YuRDB+1QUQ09Faa5Fdj0ixVJWnEmCBdXFl9DI27VJ2FGBSYdJz
u9LjXAIRpNIqIh3kdlvhz2CfkubJ/TSrKtahGiNS07UXKw+ipGrB8VmT13mT0kRj
gEhZ/j6J7whjeAiyxyBfCbayvztzmvjBHKKDZfhbDkl7+2YUTErWhQLXkyRAuRPy
1lLdexECzHYe5mVuFMqXlewe0h7vZ1J4ESvPiHM/Q/MM9JkeUPotq/irgyfoeICY
nzeas2yjJ3MIwxcs7SABK7i4hRTsjef2cZ9oZAABAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUq3L8izYf693MCPQIDjZAKI+O8S4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzhkYTQxMTI3LWQyMWQtNDJmZi05OGEyLWI0ODY4M2I2MGM0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAI0LrQwDQYJKoZIhvcNAQELBQADggEBAGw+pHNFm7EeSKbY9rvKpi7zS/LU
aV0eqmYDzcyA6wzHzhlqMHTkbjiOuslFQ9/cM4vCGQv5qr1eBmTi2nIdbeTygJda
Hk8h17/B8bWrOM21nzb50HW4r4S0qtH4amqLPHvglyPYyFdcCnSGAGfasXo5pN9u
gM0ODPIHSQ7I35MpJP92iRGFqIA2LyWxuLKAABl2Tb/rGrqYDFDfQNcuS5U+r1Dd
Toq3kVqADKNBcs92Lf24btVKiVy5BQG+A8K6kA1giNs0Z4a4VVp3O1SuLkC20zbb
LcedmpOOkukHKNThwz9+4b61sjmDOvnP7F8GSL1ofbBb4m3uFAt6dKVxBRw=
-----END CERTIFICATE-----