Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/0dee0414-8d67-4374-bd72-56db7ffd9b1a.roa
File:                     0dee0414-8d67-4374-bd72-56db7ffd9b1a.roa (raw, json)
Hash identifier:          Mlst8Dv/oKzzDxhhia8wy/mzj8shzia1YgCaDAhDeGI=
Subject key identifier:   89:F5:A5:57:D3:B0:09:91:A4:61:1F:5C:8D:1E:CC:A1:17:39:E8:36
Certificate issuer:       /CN=1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107
Certificate serial:       299566BE1BB96EC47BB664C8B302DF7E7156F9FD
Authority key identifier: 15:F4:EF:04:F5:AF:23:96:C9:5F:16:42:E3:79:07:8B:48:8C:16:0B
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/aaa76394-48fc-4ff3-b6aa-0693c55d758f/1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/0dee0414-8d67-4374-bd72-56db7ffd9b1a.roa
Signing time:             Mon 22 Apr 2024 00:00:00 +0000
ROA not before:           Mon 22 Apr 2024 00:00:00 +0000
ROA not after:            Mon 27 May 2024 23:59:59 +0000
asID:                     395681
IP address blocks:        173.82.0.0/16 maxlen: 24

Validation:               Failed, certificate revoked on Thu 25 Apr 2024 16:11:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:95:66:be:1b:b9:6e:c4:7b:b6:64:c8:b3:02:df:7e:71:56:f9:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107
        Validity
            Not Before: Apr 22 00:00:00 2024 GMT
            Not After : May 27 23:59:59 2024 GMT
        Subject: serialNumber=b73457ef1768e4d651c7fdce5ae13ea89fcc49a41c5aaa6fe63fea183a00d296, CN=35095e3e-84cb-4ad0-bda1-6c6f8da69f61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:db:eb:f4:2d:87:e2:7c:35:eb:8e:27:e9:fe:
                    a8:25:96:0e:fb:11:4d:03:63:63:ae:2f:5d:33:1f:
                    c0:4b:74:1b:af:76:ee:b4:b8:f9:f1:b0:42:e8:30:
                    37:02:2f:ee:fb:d5:fb:24:61:b0:d6:cb:e3:7f:75:
                    43:ca:99:63:43:f0:b3:df:ed:e3:aa:39:00:f1:3d:
                    ff:56:d2:42:33:3f:fc:36:69:ba:56:70:fe:3a:9c:
                    fb:92:2d:72:e3:64:53:76:c5:55:7c:69:4f:fd:a3:
                    da:c4:73:52:54:fb:9e:14:71:d9:b2:be:18:72:2e:
                    4c:8e:c5:d8:1e:59:a1:e8:15:cc:08:4f:9e:93:f8:
                    6d:f0:e6:9d:2b:41:65:e8:08:b7:a6:34:a7:ec:9a:
                    dd:76:c7:98:7e:a5:f4:96:94:f4:3f:90:e8:9e:56:
                    62:e0:14:6b:3a:bd:e1:ab:48:1b:e4:41:b4:f5:62:
                    ff:32:2e:77:74:8a:c8:1c:82:42:c2:83:4f:26:a9:
                    c6:ab:f4:f8:d0:09:50:8b:07:c4:67:ce:d8:a8:15:
                    a8:24:b0:59:01:9c:fd:cd:e2:f7:c3:47:3a:73:c0:
                    92:8e:5d:e2:3c:29:62:8b:f2:a1:88:0c:a6:21:5c:
                    17:bd:b4:84:6f:59:a9:ed:0b:29:68:72:fe:f7:77:
                    72:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:F5:A5:57:D3:B0:09:91:A4:61:1F:5C:8D:1E:CC:A1:17:39:E8:36
            X509v3 Authority Key Identifier:
                keyid:15:F4:EF:04:F5:AF:23:96:C9:5F:16:42:E3:79:07:8B:48:8C:16:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/aaa76394-48fc-4ff3-b6aa-0693c55d758f/1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/0dee0414-8d67-4374-bd72-56db7ffd9b1a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/z2afnCt1NpzA_dOMFjxYsdQtAQc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1d:61:99:95:c0:a3:6a:17:a9:9d:84:c4:72:5c:9d:88:4b:b7:
         b9:d5:16:ce:08:a5:6f:8c:56:23:a2:5d:a1:f8:ef:2f:0e:c1:
         e6:d6:ab:e6:73:85:6c:87:c8:2d:d5:fb:12:25:51:5d:19:b2:
         fc:e9:14:de:9c:5a:15:5e:fb:f3:c1:6f:16:d8:35:3c:74:e6:
         ef:9a:7e:fe:94:d5:ad:2a:2b:6c:62:47:2a:26:73:ef:0d:31:
         f6:a7:68:8a:29:02:a4:78:37:53:f4:b8:2d:34:31:25:ea:b2:
         f7:ee:51:ed:3e:11:70:08:4e:18:77:f4:b6:d2:0e:18:1f:1a:
         f3:82:d1:d3:a9:2c:89:1c:35:1e:19:4c:12:26:d7:4c:eb:80:
         df:a8:c3:a7:43:ea:a8:7f:d5:8c:ed:ba:33:26:cc:1c:53:6c:
         21:a2:5e:f4:95:df:b4:1b:7e:32:4c:33:c5:f5:66:08:8e:7d:
         2c:d4:72:29:31:0b:c1:b3:bf:09:a8:5f:c9:9d:17:b9:a9:02:
         10:32:12:bd:15:9e:21:05:d4:7d:ca:be:5b:e5:ef:b9:25:18:
         b1:bf:fe:e9:16:e7:9b:5d:81:6c:3c:d4:45:8a:01:fb:59:fe:
         22:a7:9f:0f:e0:b2:e8:c3:d6:98:60:55:6c:46:df:7d:37:19:
         15:24:f0:4c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUKZVmvhu5bsR7tmTIswLffnFW+f0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMWIxZmU2NzMyMWNmNjY5ZjljMmI3NTM2OWNjMGZkZDM4
YzE2M2M1OGIxZDQyZDAxMDcwHhcNMjQwNDIyMDAwMDAwWhcNMjQwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNzM0NTdlZjE3NjhlNGQ2NTFjN2ZkY2U1YWUxM2VhODlm
Y2M0OWE0MWM1YWFhNmZlNjNmZWExODNhMDBkMjk2MS0wKwYDVQQDEyQzNTA5NWUz
ZS04NGNiLTRhZDAtYmRhMS02YzZmOGRhNjlmNjEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC62+v0LYfifDXrjifp/qgllg77EU0DY2OuL10zH8BLdBuv
du60uPnxsELoMDcCL+771fskYbDWy+N/dUPKmWND8LPf7eOqOQDxPf9W0kIzP/w2
abpWcP46nPuSLXLjZFN2xVV8aU/9o9rEc1JU+54UcdmyvhhyLkyOxdgeWaHoFcwI
T56T+G3w5p0rQWXoCLemNKfsmt12x5h+pfSWlPQ/kOieVmLgFGs6veGrSBvkQbT1
Yv8yLnd0isgcgkLCg08mqcar9PjQCVCLB8RnztioFagksFkBnP3N4vfDRzpzwJKO
XeI8KWKL8qGIDKYhXBe9tIRvWantCylocv73d3JZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUifWlV9OwCZGkYR9cjR7MoRc56DYwHwYDVR0jBBgwFoAUFfTvBPWvI5bJ
XxZC43kHi0iMFgswDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzViN2ZiMTIyLWRmZGYtNGMwYy1iOTBkLTNiYzdhNWZlYjgyYi9hYWE3NjM5NC00
OGZjLTRmZjMtYjZhYS0wNjkzYzU1ZDc1OGYvMWIxZmU2NzMyMWNmNjY5ZjljMmI3
NTM2OWNjMGZkZDM4YzE2M2M1OGIxZDQyZDAxMDcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZmY5ZmE4NGUtOTc4My00YTBiLWE1OGQtNmRj
OGUyNDMzZDMzLzBkZWUwNDE0LThkNjctNDM3NC1iZDcyLTU2ZGI3ZmZkOWIxYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2ZmOWZhODRlLTk3ODMtNGEwYi1hNThk
LTZkYzhlMjQzM2QzMy96MmFmbkN0MU5wekFfZE9NRmp4WXNkUXRBUWMuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCtUjANBgkqhkiG9w0BAQsFAAOCAQEAHWGZlcCjahepnYTEclydiEu3udUW
zgilb4xWI6JdofjvLw7B5tar5nOFbIfILdX7EiVRXRmy/OkU3pxaFV7788FvFtg1
PHTm75p+/pTVrSorbGJHKiZz7w0x9qdoiikCpHg3U/S4LTQxJeqy9+5R7T4RcAhO
GHf0ttIOGB8a84LR06ksiRw1HhlMEibXTOuA36jDp0PqqH/VjO26MybMHFNsIaJe
9JXftBt+MkwzxfVmCI59LNRyKTELwbO/CahfyZ0XuakCEDISvRWeIQXUfcq+W+Xv
uSUYsb/+6Rbnm12BbDzURYoB+1n+IqefD+Cy6MPWmGBVbEbffTcZFSTwTA==
-----END CERTIFICATE-----