Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b56f665d-3c28-457f-ab6f-a47444d6d1f7/29bf48cb-bfcf-35da-8782-3603ab8a6c3c.roa
File:                     29bf48cb-bfcf-35da-8782-3603ab8a6c3c.roa (raw, json)
Hash identifier:          WWem4zut94wGDRaIw7LlbDpzzsZw5Ofor80ujELE/iE=
Subject key identifier:   70:1D:9D:D5:1B:17:65:99:8F:AC:29:72:38:1D:56:BC:7B:6B:AA:8C
Certificate issuer:       /CN=b56f665d-3c28-457f-ab6f-a47444d6d1f7
Certificate serial:       010D0C9F4328583EF340BBFF4D61D74E4C731E00
Authority key identifier: FB:11:63:27:81:CE:E3:9A:28:74:74:C2:28:2C:2E:94:DD:83:08:C4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b56f665d-3c28-457f-ab6f-a47444d6d1f7.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b56f665d-3c28-457f-ab6f-a47444d6d1f7/29bf48cb-bfcf-35da-8782-3603ab8a6c3c.roa
Signing time:             Fri 12 Aug 2022 20:12:17 +0000
ROA not before:           Fri 12 Aug 2022 20:12:17 +0000
ROA not after:            Thu 14 Nov 2024 05:00:00 +0000
asID:                     20460
IP address blocks:        72.14.131.0/24 maxlen: 24
                          72.14.128.0/24 maxlen: 24
                          72.14.129.0/24 maxlen: 24
                          72.14.130.0/24 maxlen: 24
                          72.14.140.0/24 maxlen: 24
                          72.14.145.0/24 maxlen: 24
                          72.14.150.0/24 maxlen: 24
                          72.14.152.0/24 maxlen: 24
                          72.14.155.0/24 maxlen: 24
                          72.14.156.0/24 maxlen: 24
                          72.14.158.0/24 maxlen: 24
                          72.14.159.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 02 Nov 2022 03:35:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3e:f3:40:bb:ff:4d:61:d7:4e:4c:73:1e:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56f665d-3c28-457f-ab6f-a47444d6d1f7
        Validity
            Not Before: Aug 12 20:12:17 2022 GMT
            Not After : Nov 14 05:00:00 2024 GMT
        Subject: CN=d0842337-e7ac-4269-9032-6cb2579212df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:30:4e:3e:c1:8f:e6:b0:30:f0:c7:43:a7:c8:
                    c8:ec:fb:bd:2a:f2:23:d5:4c:d8:5e:f0:8f:89:b3:
                    5a:87:08:5d:c2:5e:8a:8c:8d:85:47:df:b8:20:34:
                    ec:66:19:f5:63:03:28:ed:48:20:97:b2:31:2b:1c:
                    97:08:35:49:ff:74:dc:43:74:b9:34:54:94:04:48:
                    ed:89:62:d9:b8:5e:46:31:b2:ec:c0:62:0a:34:32:
                    fb:9f:3d:af:62:e2:85:30:6f:bc:c7:3c:15:b8:42:
                    b9:37:39:9d:1d:bf:51:62:6e:59:a6:fd:4b:82:6a:
                    e8:f0:1e:cf:46:48:5b:d4:f8:1e:be:90:a2:30:3c:
                    f2:13:f8:6a:80:e7:ee:d2:84:55:23:2d:fc:12:4e:
                    aa:5f:e6:18:92:fa:15:c4:8a:30:d1:2e:37:d4:00:
                    01:1a:51:e7:56:b2:92:f2:2e:c7:0c:dc:24:33:d5:
                    54:52:e6:66:b6:1a:37:fe:c8:7a:71:5e:8f:0b:ea:
                    e6:5a:fe:53:8c:cd:d7:c5:21:b0:87:13:92:85:15:
                    3a:0b:2e:a6:6d:70:e4:c2:31:ec:0a:df:86:57:9c:
                    b2:17:ed:58:68:b3:cf:3d:e0:8d:4c:d2:3c:e4:1b:
                    26:5d:c4:25:27:96:8c:aa:38:4c:99:ec:dd:f4:39:
                    a5:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:1D:9D:D5:1B:17:65:99:8F:AC:29:72:38:1D:56:BC:7B:6B:AA:8C
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b56f665d-3c28-457f-ab6f-a47444d6d1f7/29bf48cb-bfcf-35da-8782-3603ab8a6c3c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b56f665d-3c28-457f-ab6f-a47444d6d1f7/b56f665d-3c28-457f-ab6f-a47444d6d1f7.crl

            X509v3 Authority Key Identifier:
                keyid:FB:11:63:27:81:CE:E3:9A:28:74:74:C2:28:2C:2E:94:DD:83:08:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b56f665d-3c28-457f-ab6f-a47444d6d1f7.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.14.128.0/22
                  72.14.140.0/24
                  72.14.145.0/24
                  72.14.150.0/24
                  72.14.152.0/24
                  72.14.155.0-72.14.156.255
                  72.14.158.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         7d:fe:91:ec:28:46:22:c0:e5:c1:2e:8d:c2:99:ce:57:bb:fd:
         94:e4:cd:15:0c:87:92:32:d9:cd:b8:9b:fc:ab:04:c7:68:80:
         26:68:fb:09:b6:9f:7d:01:ff:8c:d2:ee:af:f1:43:1a:9a:f2:
         7e:91:d4:fa:4d:5d:42:1c:81:e5:a5:43:77:22:ed:85:f9:ec:
         4a:d3:0a:df:ff:b8:41:44:09:e7:e2:2a:c6:ea:fe:d8:c6:09:
         60:50:4d:f4:6f:1b:23:98:cb:8b:69:e1:09:cf:40:1b:0c:e7:
         cb:da:e9:a7:1a:ad:ba:25:21:1a:c1:4c:20:47:a7:35:9f:53:
         f6:5a:9f:9d:5b:a0:9c:b6:9a:8c:bb:f3:e5:7a:b0:14:3f:b7:
         b9:cc:e7:04:bc:84:b8:a8:f0:dc:9b:ca:8d:14:65:ab:a9:3d:
         cb:04:03:5d:4b:e1:b7:78:bd:01:f5:f8:42:4f:25:23:e0:23:
         11:3f:56:e6:ad:bb:68:9a:f8:0f:d7:f2:12:91:23:70:42:4a:
         32:d6:0c:35:62:a5:2b:57:27:15:5b:d1:41:3e:ff:de:3e:db:
         8d:b2:b3:6c:98:cc:f7:c1:08:98:3d:2a:e2:dc:55:db:df:c6:
         b1:1d:00:b3:3a:83:31:4b:62:de:82:02:94:28:9e:50:1a:bf:
         b9:92:31:c7
-----BEGIN CERTIFICATE-----
MIIGbzCCBVegAwIBAgIUAQ0Mn0MoWD7zQLv/TWHXTkxzHgAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYjU2ZjY2NWQtM2MyOC00NTdmLWFiNmYtYTQ3NDQ0ZDZk
MWY3MB4XDTIyMDgxMjIwMTIxN1oXDTI0MTExNDA1MDAwMFowLzEtMCsGA1UEAxMk
ZDA4NDIzMzctZTdhYy00MjY5LTkwMzItNmNiMjU3OTIxMmRmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDBOPsGP5rAw8MdDp8jI7Pu9KvIj1UzYXvCP
ibNahwhdwl6KjI2FR9+4IDTsZhn1YwMo7Uggl7IxKxyXCDVJ/3TcQ3S5NFSUBEjt
iWLZuF5GMbLswGIKNDL7nz2vYuKFMG+8xzwVuEK5NzmdHb9RYm5Zpv1Lgmro8B7P
Rkhb1PgevpCiMDzyE/hqgOfu0oRVIy38Ek6qX+YYkvoVxIow0S431AABGlHnVrKS
8i7HDNwkM9VUUuZmtho3/sh6cV6PC+rmWv5TjM3XxSGwhxOShRU6Cy6mbXDkwjHs
Ct+GV5yyF+1YaLPPPeCNTNI85BsmXcQlJ5aMqjhMmezd9DmljwIDAQABo4IDgTCC
A30wHQYDVR0OBBYEFHAdndUbF2WZj6wpcjgdVrx7a6qMMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9iNTZm
NjY1ZC0zYzI4LTQ1N2YtYWI2Zi1hNDc0NDRkNmQxZjcvMjliZjQ4Y2ItYmZjZi0z
NWRhLTg3ODItMzYwM2FiOGE2YzNjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8wMzU3MjcyYy1h
NzlhLTQ1YmYtOTU4Ni05MmRkNDllZjMyMjMvYjU2ZjY2NWQtM2MyOC00NTdmLWFi
NmYtYTQ3NDQ0ZDZkMWY3L2I1NmY2NjVkLTNjMjgtNDU3Zi1hYjZmLWE0NzQ0NGQ2
ZDFmNy5jcmwwHwYDVR0jBBgwFoAU+xFjJ4HO45oodHTCKCwulN2DCMQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEtNDVi
Zi05NTg2LTkyZGQ0OWVmMzIyMy9iNTZmNjY1ZC0zYzI4LTQ1N2YtYWI2Zi1hNDc0
NDRkNmQxZjcuY2VyMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCSA6AAwQA
SA6MAwQASA6RAwQASA6WAwQASA6YMAwDBABIDpsDBABIDpwDBAFIDp4wVAYDVR0g
AQH/BEowSDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3dy5h
cmluLm5ldC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsFAAOC
AQEAff6R7ChGIsDlwS6NwpnOV7v9lOTNFQyHkjLZzbib/KsEx2iAJmj7CbaffQH/
jNLur/FDGpryfpHU+k1dQhyB5aVDdyLthfnsStMK3/+4QUQJ5+Iqxur+2MYJYFBN
9G8bI5jLi2nhCc9AGwzny9rppxqtuiUhGsFMIEenNZ9T9lqfnVugnLaajLvz5Xqw
FD+3ucznBLyEuKjw3JvKjRRlq6k9ywQDXUvht3i9AfX4Qk8lI+AjET9W5q27aJr4
D9fyEpEjcEJKMtYMNWKlK1cnFVvRQT7/3j7bjbKzbJjM98EImD0q4txV29/GsR0A
szqDMUti3oIClCieUBq/uZIxxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:07:48 2024 by rpki-client on console-ams.rpki-client.org