Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/56a23346-5a0e-4976-9b33-3b4d1d90cfa3/cf5b96af-e9db-3416-b3c6-6b5c72481da8.roa
File:                     cf5b96af-e9db-3416-b3c6-6b5c72481da8.roa (raw, json)
Hash identifier:          +/B3YNMOpnV43Hjx3TNU1Zy5dc0DzJBpqZCGsQTkJZ8=
Subject key identifier:   4B:C0:3A:43:8C:95:93:89:9A:03:FE:27:FA:E0:B9:03:D7:13:D8:C6
Certificate issuer:       /CN=56a23346-5a0e-4976-9b33-3b4d1d90cfa3
Certificate serial:       010D0C9F43285844A75AB95E843BBAFEAD1D4B00
Authority key identifier: BF:20:32:E5:7B:D7:81:C7:C0:B0:29:98:B3:33:55:D1:62:33:E8:99
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/56a23346-5a0e-4976-9b33-3b4d1d90cfa3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/56a23346-5a0e-4976-9b33-3b4d1d90cfa3/cf5b96af-e9db-3416-b3c6-6b5c72481da8.roa
Signing time:             Tue 23 Jan 2024 23:41:56 +0000
ROA not before:           Tue 23 Jan 2024 23:41:56 +0000
ROA not after:            Mon 22 Apr 2024 22:41:56 +0000
asID:                     22765
IP address blocks:        72.20.200.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Jan 2024 16:58:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:44:a7:5a:b9:5e:84:3b:ba:fe:ad:1d:4b:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56a23346-5a0e-4976-9b33-3b4d1d90cfa3
        Validity
            Not Before: Jan 23 23:41:56 2024 GMT
            Not After : Apr 22 22:41:56 2024 GMT
        Subject: CN=1007c7d8-c2e0-4124-b6ee-eae17fe95dcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:74:6a:d2:d8:93:88:99:dc:6c:a6:87:8d:62:
                    bf:9d:c7:cf:aa:4c:1e:cb:08:3e:c0:49:57:6e:46:
                    bd:19:6f:42:1d:04:e5:e3:e2:6d:6c:fc:89:b7:71:
                    e6:72:b5:bd:1f:5b:1f:6b:29:1a:8a:b6:84:53:9a:
                    1b:d1:ff:83:e3:16:fb:23:5d:25:78:8d:6f:a8:8d:
                    f7:b0:8d:f4:2d:9f:d6:c1:ac:58:00:19:4c:97:8f:
                    31:26:2d:c8:01:82:68:70:a1:3d:84:3a:7f:1e:1b:
                    fc:a0:17:a6:13:cb:f6:69:fa:92:70:e9:2c:f5:52:
                    4d:94:eb:02:74:f9:bb:39:30:44:f3:a3:ff:49:fe:
                    8a:3b:81:be:b5:5e:a9:bd:c6:86:8f:d7:52:10:c4:
                    14:59:9e:48:68:fb:93:ea:b4:ab:ce:3a:dd:d1:b8:
                    ec:ba:aa:c0:38:95:b9:89:cf:57:9e:f2:5d:3c:7b:
                    1c:53:ed:b4:31:e0:35:35:f3:d6:df:41:54:bc:e4:
                    fa:66:16:15:14:30:c1:6b:81:c1:bd:22:36:c8:66:
                    f5:59:74:e9:16:5d:2e:ae:c0:5d:a6:27:df:9b:cc:
                    bd:48:b4:71:8a:8e:a5:5c:c8:51:54:c1:f5:ce:97:
                    cb:16:95:d9:44:06:42:63:18:02:df:f5:b5:74:1f:
                    3f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:C0:3A:43:8C:95:93:89:9A:03:FE:27:FA:E0:B9:03:D7:13:D8:C6
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/56a23346-5a0e-4976-9b33-3b4d1d90cfa3/cf5b96af-e9db-3416-b3c6-6b5c72481da8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/56a23346-5a0e-4976-9b33-3b4d1d90cfa3/56a23346-5a0e-4976-9b33-3b4d1d90cfa3.crl

            X509v3 Authority Key Identifier:
                keyid:BF:20:32:E5:7B:D7:81:C7:C0:B0:29:98:B3:33:55:D1:62:33:E8:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/56a23346-5a0e-4976-9b33-3b4d1d90cfa3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.20.200.0/22

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         56:e0:74:2e:a4:e9:d6:15:2a:23:bd:13:e0:ef:a0:6f:5a:da:
         4d:47:87:26:16:f5:41:20:27:a8:cc:03:4f:22:1c:a6:e5:63:
         01:4c:ab:61:f4:75:e1:9d:a0:10:9f:e4:72:c6:d7:33:1c:d7:
         f0:6e:ee:99:37:dd:c8:78:81:04:8c:4f:69:ca:63:7c:ac:ee:
         77:01:45:92:96:1b:8c:ad:66:48:68:00:5f:3d:40:5f:6e:8c:
         8d:5b:c9:03:db:94:d6:0a:82:84:a2:5f:dd:3e:0d:0f:3e:95:
         3a:9c:7c:db:f2:58:eb:7e:e3:a9:07:cf:49:6d:99:b5:46:d3:
         70:91:9b:e9:87:70:51:71:06:a3:91:67:af:83:fa:c8:cc:c3:
         2d:41:99:77:1e:a7:b9:3f:16:af:32:07:4a:68:99:37:9b:43:
         17:2f:07:02:ce:0d:3d:33:40:2a:0d:0d:da:05:dc:da:38:63:
         66:04:a9:de:1e:0c:f9:41:d7:00:90:b2:e7:88:4d:9b:b4:9e:
         40:d0:9e:6e:18:d8:e3:64:f9:01:fd:99:90:96:e2:90:c2:c6:
         11:4f:e3:10:74:c6:a2:26:7c:f4:d5:5e:e2:40:20:ee:e7:9a:
         5f:ef:aa:5f:15:6f:a7:c3:ca:62:48:9f:14:b7:7a:6e:03:13:
         1d:ed:18:ea
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWESnWrlehDu6/q0dSwAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNTZhMjMzNDYtNWEwZS00OTc2LTliMzMtM2I0ZDFkOTBj
ZmEzMB4XDTI0MDEyMzIzNDE1NloXDTI0MDQyMjIyNDE1NlowLzEtMCsGA1UEAxMk
MTAwN2M3ZDgtYzJlMC00MTI0LWI2ZWUtZWFlMTdmZTk1ZGNjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HRq0tiTiJncbKaHjWK/ncfPqkweywg+wElX
bka9GW9CHQTl4+JtbPyJt3HmcrW9H1sfaykairaEU5ob0f+D4xb7I10leI1vqI33
sI30LZ/WwaxYABlMl48xJi3IAYJocKE9hDp/Hhv8oBemE8v2afqScOks9VJNlOsC
dPm7OTBE86P/Sf6KO4G+tV6pvcaGj9dSEMQUWZ5IaPuT6rSrzjrd0bjsuqrAOJW5
ic9XnvJdPHscU+20MeA1NfPW30FUvOT6ZhYVFDDBa4HBvSI2yGb1WXTpFl0ursBd
piffm8y9SLRxio6lXMhRVMH1zpfLFpXZRAZCYxgC3/W1dB8/WQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFEvAOkOMlZOJmgP+J/rguQPXE9jGMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzViN2ZiMTIyLWRmZGYtNGMwYy1iOTBkLTNiYzdhNWZlYjgyYi81NmEy
MzM0Ni01YTBlLTQ5NzYtOWIzMy0zYjRkMWQ5MGNmYTMvY2Y1Yjk2YWYtZTlkYi0z
NDE2LWIzYzYtNmI1YzcyNDgxZGE4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81YjdmYjEyMi1k
ZmRmLTRjMGMtYjkwZC0zYmM3YTVmZWI4MmIvNTZhMjMzNDYtNWEwZS00OTc2LTli
MzMtM2I0ZDFkOTBjZmEzLzU2YTIzMzQ2LTVhMGUtNDk3Ni05YjMzLTNiNGQxZDkw
Y2ZhMy5jcmwwHwYDVR0jBBgwFoAUvyAy5XvXgcfAsCmYszNV0WIz6JkwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzViN2ZiMTIyLWRmZGYtNGMw
Yy1iOTBkLTNiYzdhNWZlYjgyYi81NmEyMzM0Ni01YTBlLTQ5NzYtOWIzMy0zYjRk
MWQ5MGNmYTMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCSBTIMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAFbgdC6k6dYVKiO9E+DvoG9a2k1HhyYW9UEgJ6jMA08iHKblYwFMq2H0
deGdoBCf5HLG1zMc1/Bu7pk33ch4gQSMT2nKY3ys7ncBRZKWG4ytZkhoAF89QF9u
jI1byQPblNYKgoSiX90+DQ8+lTqcfNvyWOt+46kHz0ltmbVG03CRm+mHcFFxBqOR
Z6+D+sjMwy1BmXcep7k/Fq8yB0pomTebQxcvBwLODT0zQCoNDdoF3No4Y2YEqd4e
DPlB1wCQsueITZu0nkDQnm4Y2ONk+QH9mZCW4pDCxhFP4xB0xqImfPTVXuJAIO7n
ml/vql8Vb6fDymJInxS3em4DEx3tGOo=
-----END CERTIFICATE-----