Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e0b39767-6ac3-4c62-88d6-c3e7f91393c6.roa
File:                     e0b39767-6ac3-4c62-88d6-c3e7f91393c6.roa (raw, json)
Hash identifier:          /IBr7h9TraPrtPcMzaDxHBgN0VecznjXkVBvdMDCjLE=
Subject key identifier:   DD:C6:14:8F:C4:FF:0B:C7:FF:4C:BB:AE:07:90:B2:30:9A:52:93:8F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0EE005940C813C37B0D692A4E4BA9A5BF2087081
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e0b39767-6ac3-4c62-88d6-c3e7f91393c6.roa
Signing time:             Fri 31 Jan 2025 00:00:00 +0000
ROA not before:           Fri 31 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.245.0.0/16 maxlen: 16
Validation:               Failed, certificate revoked on Fri 31 Jan 2025 22:40:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:e0:05:94:0c:81:3c:37:b0:d6:92:a4:e4:ba:9a:5b:f2:08:70:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jan 31 00:00:00 2025 GMT
            Not After : Mar  7 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:12:6b:85:a9:2b:2d:b5:32:9a:6a:ef:c9:7a:
                    c6:6e:58:45:a9:42:d4:36:d2:2a:a2:14:cc:8f:00:
                    69:2c:92:01:c4:11:11:13:7b:b1:e0:5d:28:87:fa:
                    66:85:f4:77:5a:33:48:0b:83:b1:a3:f2:00:1c:2e:
                    0c:d0:c9:65:57:09:3b:b4:65:b5:d6:51:41:f6:95:
                    2c:67:5f:ef:5d:44:04:fa:e6:cf:16:20:59:85:12:
                    5b:a5:b0:c3:e9:b7:c2:b2:a5:d0:fb:36:4d:88:a9:
                    77:1d:67:7e:68:2b:c0:85:e9:5b:bb:ed:79:f1:32:
                    b2:dc:10:5c:11:1c:66:39:75:3f:f7:94:91:91:71:
                    e6:aa:d1:d7:85:eb:26:32:fe:34:d9:2c:dd:48:0c:
                    5c:99:e6:8f:22:81:b7:70:de:84:64:71:8e:0a:c0:
                    92:8a:ca:85:0b:a6:f1:41:4d:a8:e6:f5:9c:fe:7f:
                    1f:43:ad:e9:e1:22:99:65:e6:3c:09:e7:1b:0a:03:
                    45:da:ce:b7:e0:15:03:4b:67:7b:1e:04:4e:81:71:
                    de:20:bb:0d:6e:c6:35:de:14:15:b0:fa:cc:97:a1:
                    28:cd:37:a8:81:dc:a4:f0:e6:ce:23:6b:c3:a0:07:
                    ed:c7:df:94:ce:7d:fc:65:56:b9:79:19:92:d7:ff:
                    ce:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:C6:14:8F:C4:FF:0B:C7:FF:4C:BB:AE:07:90:B2:30:9A:52:93:8F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e0b39767-6ac3-4c62-88d6-c3e7f91393c6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.245.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         34:f9:b3:e7:3d:1f:b5:42:6f:bf:95:3e:12:8b:4f:43:92:45:
         ae:8a:5d:30:b2:1a:29:4f:04:ea:51:be:a2:03:68:04:63:62:
         fc:2f:2c:09:5c:0d:aa:98:05:44:32:f5:52:b4:fd:19:42:bb:
         c0:67:4c:f8:9c:a3:30:d1:e7:c4:76:f1:0e:28:e2:6f:66:ac:
         21:b4:63:2f:d2:26:61:b8:fb:e7:c9:a8:51:bc:16:0f:34:fc:
         ca:d1:19:dd:f7:a5:35:fe:00:12:75:2c:c0:39:8f:b1:95:60:
         0b:2a:aa:db:16:99:dd:0a:ed:2d:8a:76:36:43:e6:e4:d3:f3:
         d1:1c:fa:2d:a5:aa:98:37:5f:54:f7:17:4e:02:ba:64:cd:fd:
         b0:cd:e5:e9:fa:10:fe:c5:21:97:68:38:19:01:f8:a7:97:a2:
         8f:7b:df:ad:18:61:07:6c:02:c6:c3:2f:aa:ad:ef:a5:ef:40:
         6c:25:b4:a5:16:2e:56:68:05:b0:c8:f7:b5:04:5b:0d:0c:2a:
         4f:58:bd:b1:43:73:7a:6e:64:18:31:0a:d6:e8:ee:36:e0:54:
         b1:d5:35:a7:7b:87:61:d7:19:33:bb:9c:b0:cb:70:9d:ce:f5:
         0a:a3:b1:df:a2:77:9a:4f:e3:20:94:5a:47:df:bc:06:c0:73:
         8c:1a:64:f5
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUDuAFlAyBPDew1pKk5LqaW/IIcIEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMTMxMDAwMDAwWhcNMjUwMzA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5M2U5YjM3YzRjYTA5N2E2OGMwYzU5YjU5ZDBlZjkzYmM0
ZTYyMjRmOTg3ZWEwZjZlN2VmZmYzZGU1ZDQ4NzNiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdEmuFqSsttTKaau/JesZuWEWpQtQ20iqiFMyPAGkskgHE
ERETe7HgXSiH+maF9HdaM0gLg7Gj8gAcLgzQyWVXCTu0ZbXWUUH2lSxnX+9dRAT6
5s8WIFmFElulsMPpt8KypdD7Nk2IqXcdZ35oK8CF6Vu77XnxMrLcEFwRHGY5dT/3
lJGRceaq0deF6yYy/jTZLN1IDFyZ5o8igbdw3oRkcY4KwJKKyoULpvFBTajm9Zz+
fx9DrenhIpll5jwJ5xsKA0XazrfgFQNLZ3seBE6Bcd4guw1uxjXeFBWw+syXoSjN
N6iB3KTw5s4ja8OgB+3H35TOffxlVrl5GZLX/87XAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU3cYUj8T/C8f/TLuuB5CyMJpSk48wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2UwYjM5NzY3LTZhYzMtNGM2Mi04OGQ2LWMzZTdmOTEzOTNjNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA29TANBgkqhkiG9w0BAQsFAAOCAQEANPmz5z0ftUJvv5U+EotPQ5JFropd
MLIaKU8E6lG+ogNoBGNi/C8sCVwNqpgFRDL1UrT9GUK7wGdM+JyjMNHnxHbxDiji
b2asIbRjL9ImYbj758moUbwWDzT8ytEZ3felNf4AEnUswDmPsZVgCyqq2xaZ3Qrt
LYp2NkPm5NPz0Rz6LaWqmDdfVPcXTgK6ZM39sM3l6foQ/sUhl2g4GQH4p5eij3vf
rRhhB2wCxsMvqq3vpe9AbCW0pRYuVmgFsMj3tQRbDQwqT1i9sUNzem5kGDEK1uju
NuBUsdU1p3uHYdcZM7ucsMtwnc71CqOx36J3mk/jIJRaR9+8BsBzjBpk9Q==
-----END CERTIFICATE-----