Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/2d6a17c2-b155-4b32-933b-3f7043e2cecc/d64e08ed-e92c-3535-8921-9eee6e64ba61.roa
File:                     d64e08ed-e92c-3535-8921-9eee6e64ba61.roa (raw, json)
Hash identifier:          RJWEuxmOHSQM8E1q1aTYbWjgCsYXPrA7p01yHaIV6yI=
Subject key identifier:   18:83:C4:FB:DF:C1:0F:65:45:10:77:45:39:32:0F:9A:BC:F2:3B:67
Certificate issuer:       /CN=2d6a17c2-b155-4b32-933b-3f7043e2cecc
Certificate serial:       010D0C9F432858464A44664FCFB255E4A99023C0
Authority key identifier: 0B:75:35:AC:19:65:B0:66:0B:65:F7:2F:F2:E3:7F:C4:7A:A3:03:56
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/2d6a17c2-b155-4b32-933b-3f7043e2cecc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/2d6a17c2-b155-4b32-933b-3f7043e2cecc/d64e08ed-e92c-3535-8921-9eee6e64ba61.roa
Signing time:             Sat 22 Jun 2024 01:00:24 +0000
ROA not before:           Sat 22 Jun 2024 01:00:24 +0000
ROA not after:            Fri 20 Sep 2024 01:00:24 +0000
asID:                     63023
IP address blocks:        67.220.85.0/24 maxlen: 24
                          67.220.86.0/24 maxlen: 24
                          67.220.95.0/24 maxlen: 24
                          68.168.31.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Aug 2024 23:01:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:46:4a:44:66:4f:cf:b2:55:e4:a9:90:23:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d6a17c2-b155-4b32-933b-3f7043e2cecc
        Validity
            Not Before: Jun 22 01:00:24 2024 GMT
            Not After : Sep 20 01:00:24 2024 GMT
        Subject: CN=d5f72b2c-35d5-4bb8-a2ed-87ed05e77802
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:da:2d:6e:88:9b:8a:30:19:c0:9d:94:7e:75:
                    2f:bb:5d:4a:59:19:d2:81:fb:a2:1f:17:a0:26:1c:
                    b7:9c:df:7b:6b:dc:2d:96:ca:18:a5:22:66:ce:16:
                    4a:71:a0:d1:33:27:96:ca:33:ff:40:e7:f3:83:59:
                    dd:5f:1b:e5:38:49:cd:f8:b8:59:f5:75:f4:b6:21:
                    57:ae:46:f7:f8:f9:fd:26:db:89:90:03:dd:b7:e2:
                    f3:f8:c2:71:2b:74:87:9b:44:d6:d2:09:89:ef:85:
                    4a:04:55:80:cf:ab:3a:15:82:46:b8:90:8f:47:48:
                    1f:28:49:3a:15:1f:d8:8e:aa:5a:3e:64:a0:44:d5:
                    0c:54:7e:f6:1e:0e:dc:5e:fb:c5:c9:92:08:8d:21:
                    b5:ac:af:ac:c4:4f:f5:dc:ee:d6:8b:24:96:9a:cc:
                    a1:b1:1f:3b:7f:99:19:b0:33:d6:91:bf:d3:af:63:
                    12:63:6f:94:b9:b0:ae:86:f9:14:3c:f4:f8:0a:f6:
                    2f:94:aa:bf:2b:7d:c2:10:7e:72:94:a3:00:71:b5:
                    e8:ed:5b:df:99:f6:16:64:d6:b2:b2:f9:d5:90:c3:
                    43:14:ab:80:9f:e4:e7:26:89:00:48:5e:f4:d8:b5:
                    ac:b6:df:d3:44:90:c9:9b:ce:10:bb:0b:b5:72:80:
                    54:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:83:C4:FB:DF:C1:0F:65:45:10:77:45:39:32:0F:9A:BC:F2:3B:67
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/2d6a17c2-b155-4b32-933b-3f7043e2cecc/d64e08ed-e92c-3535-8921-9eee6e64ba61.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/2d6a17c2-b155-4b32-933b-3f7043e2cecc/2d6a17c2-b155-4b32-933b-3f7043e2cecc.crl

            X509v3 Authority Key Identifier:
                keyid:0B:75:35:AC:19:65:B0:66:0B:65:F7:2F:F2:E3:7F:C4:7A:A3:03:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/2d6a17c2-b155-4b32-933b-3f7043e2cecc.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  67.220.85.0-67.220.86.255
                  67.220.95.0/24
                  68.168.31.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         7d:18:f0:9e:c5:60:d5:ca:77:49:61:22:5c:70:37:b3:48:68:
         a9:92:b5:91:be:95:bc:f2:63:fe:1d:d7:4c:65:65:ca:79:ec:
         11:59:79:2a:f6:ec:78:95:92:0f:ef:31:f2:52:f3:0b:6e:6f:
         aa:71:eb:c0:e5:cc:e3:e3:97:2c:23:01:06:ce:b8:45:f6:a5:
         c1:46:d4:ab:9b:9e:d9:ce:10:28:33:44:a7:d0:00:62:54:f6:
         e5:87:42:57:3c:d1:c1:9f:70:71:fd:96:df:2f:05:15:1c:db:
         cc:03:21:be:70:97:ea:ef:55:51:dd:47:e8:39:af:45:ba:fa:
         d2:8b:14:15:fc:c6:a6:83:ca:70:6a:1f:42:b0:f6:18:22:b6:
         03:06:11:01:dc:54:8a:75:f5:53:8b:05:09:05:29:69:d9:c2:
         c4:c7:6c:4b:a7:47:ce:fa:f5:c0:05:be:44:3f:f3:5f:47:8a:
         f5:95:02:4a:54:7f:71:9d:07:1d:44:a1:b1:f2:06:35:9e:7f:
         51:68:de:a0:36:79:64:58:b0:fd:4a:b4:92:b3:24:06:51:ae:
         d5:5d:0f:6d:f8:fb:a8:5a:32:6e:1d:78:ac:8d:38:72:b9:90:
         ef:de:8c:d0:b3:c8:a4:93:c2:ae:39:da:0f:ee:44:98:62:c6:
         c9:24:24:6c
-----BEGIN CERTIFICATE-----
MIIGVzCCBT+gAwIBAgIUAQ0Mn0MoWEZKRGZPz7JV5KmQI8AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMmQ2YTE3YzItYjE1NS00YjMyLTkzM2ItM2Y3MDQzZTJj
ZWNjMB4XDTI0MDYyMjAxMDAyNFoXDTI0MDkyMDAxMDAyNFowLzEtMCsGA1UEAxMk
ZDVmNzJiMmMtMzVkNS00YmI4LWEyZWQtODdlZDA1ZTc3ODAyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtotboibijAZwJ2UfnUvu11KWRnSgfuiHxeg
Jhy3nN97a9wtlsoYpSJmzhZKcaDRMyeWyjP/QOfzg1ndXxvlOEnN+LhZ9XX0tiFX
rkb3+Pn9JtuJkAPdt+Lz+MJxK3SHm0TW0gmJ74VKBFWAz6s6FYJGuJCPR0gfKEk6
FR/YjqpaPmSgRNUMVH72Hg7cXvvFyZIIjSG1rK+sxE/13O7WiySWmsyhsR87f5kZ
sDPWkb/Tr2MSY2+UubCuhvkUPPT4CvYvlKq/K33CEH5ylKMAcbXo7VvfmfYWZNay
svnVkMNDFKuAn+TnJokASF702LWstt/TRJDJm84Quwu1coBUiQIDAQABo4IDaTCC
A2UwHQYDVR0OBBYEFBiDxPvfwQ9lRRB3RTkyD5q88jtnMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8yZDZh
MTdjMi1iMTU1LTRiMzItOTMzYi0zZjcwNDNlMmNlY2MvZDY0ZTA4ZWQtZTkyYy0z
NTM1LTg5MjEtOWVlZTZlNjRiYTYxLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8wMzU3MjcyYy1h
NzlhLTQ1YmYtOTU4Ni05MmRkNDllZjMyMjMvMmQ2YTE3YzItYjE1NS00YjMyLTkz
M2ItM2Y3MDQzZTJjZWNjLzJkNmExN2MyLWIxNTUtNGIzMi05MzNiLTNmNzA0M2Uy
Y2VjYy5jcmwwHwYDVR0jBBgwFoAUC3U1rBllsGYLZfcv8uN/xHqjA1YwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEtNDVi
Zi05NTg2LTkyZGQ0OWVmMzIyMy8yZDZhMTdjMi1iMTU1LTRiMzItOTMzYi0zZjcw
NDNlMmNlY2MuY2VyMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABD3FUD
BABD3FYDBABD3F8DBABEqB8wVAYDVR0gAQH/BEowSDBGBggrBgEFBQcOAjA6MDgG
CCsGAQUFBwIBFixodHRwczovL3d3dy5hcmluLm5ldC9yZXNvdXJjZXMvcnBraS9j
cHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEAfRjwnsVg1cp3SWEiXHA3s0hoqZK1
kb6VvPJj/h3XTGVlynnsEVl5KvbseJWSD+8x8lLzC25vqnHrwOXM4+OXLCMBBs64
RfalwUbUq5ue2c4QKDNEp9AAYlT25YdCVzzRwZ9wcf2W3y8FFRzbzAMhvnCX6u9V
Ud1H6DmvRbr60osUFfzGpoPKcGofQrD2GCK2AwYRAdxUinX1U4sFCQUpadnCxMds
S6dHzvr1wAW+RD/zX0eK9ZUCSlR/cZ0HHUShsfIGNZ5/UWjeoDZ5ZFiw/Uq0krMk
BlGu1V0Pbfj7qFoybh14rI04crmQ796M0LPIpJPCrjnaD+5EmGLGySQkbA==
-----END CERTIFICATE-----