Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/27c7a344-4bc7-468b-ad30-3b9c006cd0c8/bfd429b5-c7b2-323f-a5a4-5d08fb5b5508.roa
File:                     bfd429b5-c7b2-323f-a5a4-5d08fb5b5508.roa (raw, json)
Hash identifier:          b4PO9yR+z2CYUGCm6eR2lUH9kwehV02gYJM9/sfAaGY=
Subject key identifier:   2B:95:DB:4D:C3:32:E7:E8:D8:60:0E:EC:C6:13:0A:FA:31:22:38:58
Certificate issuer:       /CN=27c7a344-4bc7-468b-ad30-3b9c006cd0c8
Certificate serial:       010D0C9F43285848ADC60C78CD592DB8A8FDEA80
Authority key identifier: D9:4A:87:E9:9F:64:F3:92:1C:80:49:03:D0:E0:01:6E:63:18:33:DD
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/27c7a344-4bc7-468b-ad30-3b9c006cd0c8.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/27c7a344-4bc7-468b-ad30-3b9c006cd0c8/bfd429b5-c7b2-323f-a5a4-5d08fb5b5508.roa
Signing time:             Mon 27 Jan 2025 02:00:39 +0000
ROA not before:           Mon 27 Jan 2025 02:00:39 +0000
ROA not after:            Sun 27 Apr 2025 01:00:39 +0000
asID:                     11758
IP address blocks:        104.171.208.0/24 maxlen: 24
                          104.171.209.0/24 maxlen: 24
                          104.171.210.0/24 maxlen: 24
                          104.171.211.0/24 maxlen: 24
                          104.171.212.0/24 maxlen: 24
                          104.171.213.0/24 maxlen: 24
                          104.171.214.0/24 maxlen: 24
                          104.171.215.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 06 Mar 2025 20:04:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:ad:c6:0c:78:cd:59:2d:b8:a8:fd:ea:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27c7a344-4bc7-468b-ad30-3b9c006cd0c8
        Validity
            Not Before: Jan 27 02:00:39 2025 GMT
            Not After : Apr 27 01:00:39 2025 GMT
        Subject: CN=c9999769-4434-4faa-b908-bb6e149eeeb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:b0:74:bd:57:61:86:63:13:61:66:3d:40:7a:
                    ec:7b:02:8d:fe:48:f6:e0:ad:ed:ae:ea:d6:f3:da:
                    21:4b:5b:aa:a5:75:3b:47:aa:57:15:f6:5a:36:c7:
                    b0:0e:4c:34:51:a4:f9:70:f4:5d:4d:42:73:b4:fa:
                    f2:bf:62:a3:ba:5e:f2:c8:a0:b9:91:49:2f:08:d6:
                    ff:aa:04:cb:44:5a:ee:bf:85:8a:c6:02:d2:49:4f:
                    55:53:55:a4:e7:9a:b8:6a:92:f9:2b:a9:12:f1:24:
                    ed:7e:31:b4:c4:47:d6:01:d8:bd:4a:87:8c:f8:87:
                    9c:57:d5:14:0c:04:f2:86:40:85:ec:2c:54:48:27:
                    81:18:45:1a:5b:6d:dc:ca:85:13:9e:ba:49:fe:43:
                    c3:64:f4:86:d8:ec:dd:96:4c:ab:a2:72:59:55:9c:
                    b3:90:9e:17:83:b3:fd:8a:cb:e1:7f:2a:72:3a:3a:
                    f2:7f:4c:ec:10:4b:60:87:91:cf:1c:78:8a:6e:1b:
                    01:03:22:5b:bf:c6:7b:d2:85:73:a2:8a:ce:6d:29:
                    ef:c9:bb:df:76:4e:22:20:df:bc:ef:d6:e3:cd:2a:
                    71:92:49:3d:80:dd:c5:44:77:ba:40:2c:81:11:12:
                    4d:df:de:e0:dc:08:5f:e3:36:d4:6b:9f:28:d4:20:
                    90:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:95:DB:4D:C3:32:E7:E8:D8:60:0E:EC:C6:13:0A:FA:31:22:38:58
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/27c7a344-4bc7-468b-ad30-3b9c006cd0c8/bfd429b5-c7b2-323f-a5a4-5d08fb5b5508.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/27c7a344-4bc7-468b-ad30-3b9c006cd0c8/27c7a344-4bc7-468b-ad30-3b9c006cd0c8.crl

            X509v3 Authority Key Identifier:
                keyid:D9:4A:87:E9:9F:64:F3:92:1C:80:49:03:D0:E0:01:6E:63:18:33:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/27c7a344-4bc7-468b-ad30-3b9c006cd0c8.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.171.208.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         66:3e:95:6a:25:ff:6a:93:3e:d7:8b:57:54:3f:32:60:25:c5:
         9d:0e:78:fe:b6:93:cf:66:31:25:cd:67:dd:c6:7b:f7:e1:1a:
         08:ce:48:cd:f1:e8:f6:0a:37:a3:69:21:2e:37:f6:4e:a1:95:
         8a:e8:95:5e:87:c6:74:78:c6:dc:3b:7d:56:8d:ea:42:08:86:
         a3:b4:c0:68:1f:9e:9e:9d:ec:02:5d:b8:02:a3:ad:15:56:2e:
         f7:f2:c5:45:28:ec:7c:e1:c9:03:b2:bb:28:3b:51:c2:73:57:
         0a:d4:c9:99:25:16:b3:ef:2d:6f:e6:8e:f1:f5:e5:8a:f3:d6:
         e8:74:b1:b4:60:e9:75:f9:9b:8e:f6:6b:a6:76:ac:7c:18:3f:
         87:6b:fe:14:95:98:c0:31:18:33:9f:1a:24:64:33:23:ce:fc:
         90:3f:1e:28:be:fa:81:50:46:0d:3f:94:a6:4f:e9:97:54:08:
         10:61:65:40:b8:1b:fb:e3:bf:88:66:04:3a:95:88:13:36:be:
         27:65:24:a2:32:68:d1:2f:15:0e:f0:85:45:7b:8f:23:92:80:
         f4:53:87:e6:84:25:3b:d2:0c:68:63:93:1f:56:e2:49:a0:c9:
         36:ed:6b:54:3a:2c:4c:9b:20:57:7d:f8:27:e3:8b:d3:bb:29:
         5e:d1:a6:ae
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEitxgx4zVktuKj96oAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMjdjN2EzNDQtNGJjNy00NjhiLWFkMzAtM2I5YzAwNmNk
MGM4MB4XDTI1MDEyNzAyMDAzOVoXDTI1MDQyNzAxMDAzOVowLzEtMCsGA1UEAxMk
Yzk5OTk3NjktNDQzNC00ZmFhLWI5MDgtYmI2ZTE0OWVlZWIzMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrB0vVdhhmMTYWY9QHrsewKN/kj24K3trurW
89ohS1uqpXU7R6pXFfZaNsewDkw0UaT5cPRdTUJztPryv2Kjul7yyKC5kUkvCNb/
qgTLRFruv4WKxgLSSU9VU1Wk55q4apL5K6kS8STtfjG0xEfWAdi9SoeM+IecV9UU
DATyhkCF7CxUSCeBGEUaW23cyoUTnrpJ/kPDZPSG2OzdlkyronJZVZyzkJ4Xg7P9
isvhfypyOjryf0zsEEtgh5HPHHiKbhsBAyJbv8Z70oVzoorObSnvybvfdk4iIN+8
79bjzSpxkkk9gN3FRHe6QCyBERJN397g3Ahf4zbUa58o1CCQMQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFCuV203DMufo2GAO7MYTCvoxIjhYMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8yN2M3
YTM0NC00YmM3LTQ2OGItYWQzMC0zYjljMDA2Y2QwYzgvYmZkNDI5YjUtYzdiMi0z
MjNmLWE1YTQtNWQwOGZiNWI1NTA4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvMjdjN2EzNDQtNGJjNy00NjhiLWFk
MzAtM2I5YzAwNmNkMGM4LzI3YzdhMzQ0LTRiYzctNDY4Yi1hZDMwLTNiOWMwMDZj
ZDBjOC5jcmwwHwYDVR0jBBgwFoAU2UqH6Z9k85IcgEkD0OABbmMYM90wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi8yN2M3YTM0NC00YmM3LTQ2OGItYWQzMC0zYjlj
MDA2Y2QwYzguY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDaKvQMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAGY+lWol/2qTPteLV1Q/MmAlxZ0OeP62k89mMSXNZ93Ge/fhGgjOSM3x
6PYKN6NpIS439k6hlYrolV6HxnR4xtw7fVaN6kIIhqO0wGgfnp6d7AJduAKjrRVW
LvfyxUUo7HzhyQOyuyg7UcJzVwrUyZklFrPvLW/mjvH15Yrz1uh0sbRg6XX5m472
a6Z2rHwYP4dr/hSVmMAxGDOfGiRkMyPO/JA/Hii++oFQRg0/lKZP6ZdUCBBhZUC4
G/vjv4hmBDqViBM2vidlJKIyaNEvFQ7whUV7jyOSgPRTh+aEJTvSDGhjkx9W4kmg
yTbta1Q6LEybIFd9+Cfji9O7KV7Rpq4=
-----END CERTIFICATE-----