Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/3d291b6a-1b30-4fc0-b1dd-582ab98347d6/ae4d2f42-df41-3a13-bf63-935e7905dc93.roa
File:                     ae4d2f42-df41-3a13-bf63-935e7905dc93.roa (raw, json)
Hash identifier:          qOpTAcCope+plhHX7SQ26YjcgEfWcF4errLiSUwaTcc=
Subject key identifier:   79:7A:49:2A:78:56:F2:E1:80:90:14:55:F2:96:AC:53:6B:C1:86:20
Certificate issuer:       /CN=3d291b6a-1b30-4fc0-b1dd-582ab98347d6
Certificate serial:       010D0C9F43285849419E7CCAE53C3C2C9E7F1C00
Authority key identifier: BC:F7:6D:C8:7E:F4:7A:0B:B2:C7:B8:46:A4:17:5E:45:ED:F8:72:11
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/3d291b6a-1b30-4fc0-b1dd-582ab98347d6.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/3d291b6a-1b30-4fc0-b1dd-582ab98347d6/ae4d2f42-df41-3a13-bf63-935e7905dc93.roa
Signing time:             Fri 21 Mar 2025 01:00:39 +0000
ROA not before:           Fri 21 Mar 2025 01:00:39 +0000
ROA not after:            Thu 19 Jun 2025 01:00:39 +0000
asID:                     81
IP address blocks:        2610:28::/32 maxlen: 32
Validation:               Failed, certificate revoked on Mon 07 Apr 2025 16:33:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:41:9e:7c:ca:e5:3c:3c:2c:9e:7f:1c:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d291b6a-1b30-4fc0-b1dd-582ab98347d6
        Validity
            Not Before: Mar 21 01:00:39 2025 GMT
            Not After : Jun 19 01:00:39 2025 GMT
        Subject: CN=27fd9acc-c473-4c50-b70f-4c2ede2a9ad4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:32:9b:7d:8e:86:b3:15:45:fa:13:64:1f:6c:
                    d6:b1:17:2e:f2:38:ff:45:cc:a1:81:73:1c:a0:2e:
                    01:54:15:3f:55:46:55:7f:80:65:ff:9c:31:94:fa:
                    59:19:70:63:1e:d1:ef:10:96:ff:70:a4:fa:63:98:
                    3d:01:9f:b8:a3:70:3f:78:62:7d:0e:2c:27:8f:8b:
                    3b:ae:d9:08:23:77:83:a3:79:ce:41:d2:2c:f0:05:
                    29:d7:8b:2e:ae:78:ed:fe:60:27:f6:d0:43:2c:a1:
                    90:83:ae:8d:75:cf:f7:c0:c4:c2:0f:cd:45:06:e7:
                    49:71:40:53:78:f9:af:47:cf:fc:93:65:5e:e0:30:
                    c6:66:57:0c:83:57:43:ff:d3:d0:d9:0c:34:bf:3c:
                    b7:4b:38:53:6f:9f:80:9d:3c:35:96:29:73:ed:07:
                    8b:c1:eb:ed:27:07:bf:ba:8a:6d:34:0e:bb:59:da:
                    1b:6b:ad:0a:9e:a6:29:e1:2f:8a:4b:91:7d:24:6a:
                    cd:ab:5c:26:4a:88:0c:2e:fd:f2:d8:59:8c:44:cc:
                    51:e5:7a:dd:48:19:2f:b8:f7:e2:cf:f9:6f:ff:f4:
                    d5:0b:49:ed:5b:82:2b:1c:df:da:b7:62:cb:99:62:
                    42:09:b3:2b:7f:4b:a1:49:02:67:11:8b:f7:91:f4:
                    dd:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:7A:49:2A:78:56:F2:E1:80:90:14:55:F2:96:AC:53:6B:C1:86:20
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/3d291b6a-1b30-4fc0-b1dd-582ab98347d6/ae4d2f42-df41-3a13-bf63-935e7905dc93.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/3d291b6a-1b30-4fc0-b1dd-582ab98347d6/3d291b6a-1b30-4fc0-b1dd-582ab98347d6.crl

            X509v3 Authority Key Identifier:
                keyid:BC:F7:6D:C8:7E:F4:7A:0B:B2:C7:B8:46:A4:17:5E:45:ED:F8:72:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/3d291b6a-1b30-4fc0-b1dd-582ab98347d6.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2610:28::/32

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         47:9a:36:fd:86:fe:02:0c:9d:1d:71:56:84:09:74:38:7e:5a:
         09:a0:be:e8:20:df:24:a3:d6:11:4f:36:8b:db:44:2a:02:ad:
         96:60:70:b4:6d:bf:f4:ab:b9:45:8e:ad:4c:b3:d4:1b:94:97:
         cb:ae:3a:c7:6d:7a:01:1c:fd:de:fb:fc:0d:57:a3:5c:96:9f:
         19:d9:9a:5d:5f:da:4c:51:8b:db:80:3b:f7:64:64:51:58:7f:
         08:8d:22:82:2f:b7:38:1a:83:2c:12:35:30:93:6f:1c:09:81:
         59:ca:c8:fb:22:f8:6e:8d:49:29:2f:15:dc:80:d0:80:ae:41:
         ed:0f:9c:5f:e4:14:32:43:59:31:6b:36:25:f4:54:f0:9c:cc:
         7a:b2:91:7f:3f:87:46:b1:b3:99:8a:1e:cc:f0:45:44:35:ef:
         12:4d:0b:49:cb:be:c0:3d:fe:0d:c5:36:e1:3a:41:e8:1e:e9:
         3d:25:c5:d8:8a:f4:c8:6a:84:65:04:48:93:63:82:a2:4e:cc:
         97:b3:2c:89:23:30:32:2f:cd:3b:38:88:fc:e0:1c:e7:6f:78:
         8f:1c:84:34:2b:e3:3d:25:10:82:94:56:56:9b:02:48:96:fc:
         50:92:37:fb:6e:29:2e:14:4b:ef:76:3b:93:c6:52:4b:f0:6e:
         dd:0b:94:3b
-----BEGIN CERTIFICATE-----
MIIGRDCCBSygAwIBAgIUAQ0Mn0MoWElBnnzK5Tw8LJ5/HAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkM2QyOTFiNmEtMWIzMC00ZmMwLWIxZGQtNTgyYWI5ODM0
N2Q2MB4XDTI1MDMyMTAxMDAzOVoXDTI1MDYxOTAxMDAzOVowLzEtMCsGA1UEAxMk
MjdmZDlhY2MtYzQ3My00YzUwLWI3MGYtNGMyZWRlMmE5YWQ0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzKbfY6GsxVF+hNkH2zWsRcu8jj/RcyhgXMc
oC4BVBU/VUZVf4Bl/5wxlPpZGXBjHtHvEJb/cKT6Y5g9AZ+4o3A/eGJ9Diwnj4s7
rtkII3eDo3nOQdIs8AUp14surnjt/mAn9tBDLKGQg66Ndc/3wMTCD81FBudJcUBT
ePmvR8/8k2Ve4DDGZlcMg1dD/9PQ2Qw0vzy3SzhTb5+AnTw1lilz7QeLwevtJwe/
uoptNA67Wdoba60KnqYp4S+KS5F9JGrNq1wmSogMLv3y2FmMRMxR5XrdSBkvuPfi
z/lv//TVC0ntW4IrHN/at2LLmWJCCbMrf0uhSQJnEYv3kfTdMwIDAQABo4IDVjCC
A1IwHQYDVR0OBBYEFHl6SSp4VvLhgJAUVfKWrFNrwYYgMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzY5ZmQwMTU2LWJiMWYtNDhiNi1iZjMyLWM5NDkyMjg2ZjE5NS8zZDI5
MWI2YS0xYjMwLTRmYzAtYjFkZC01ODJhYjk4MzQ3ZDYvYWU0ZDJmNDItZGY0MS0z
YTEzLWJmNjMtOTM1ZTc5MDVkYzkzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy82OWZkMDE1Ni1i
YjFmLTQ4YjYtYmYzMi1jOTQ5MjI4NmYxOTUvM2QyOTFiNmEtMWIzMC00ZmMwLWIx
ZGQtNTgyYWI5ODM0N2Q2LzNkMjkxYjZhLTFiMzAtNGZjMC1iMWRkLTU4MmFiOTgz
NDdkNi5jcmwwHwYDVR0jBBgwFoAUvPdtyH70eguyx7hGpBdeRe34chEwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzY5ZmQwMTU2LWJiMWYtNDhi
Ni1iZjMyLWM5NDkyMjg2ZjE5NS8zZDI5MWI2YS0xYjMwLTRmYzAtYjFkZC01ODJh
Yjk4MzQ3ZDYuY2VyMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJhAAKDBU
BgNVHSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8v
d3d3LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMA0GCSqGSIb3DQEB
CwUAA4IBAQBHmjb9hv4CDJ0dcVaECXQ4floJoL7oIN8ko9YRTzaL20QqAq2WYHC0
bb/0q7lFjq1Ms9QblJfLrjrHbXoBHP3e+/wNV6Nclp8Z2ZpdX9pMUYvbgDv3ZGRR
WH8IjSKCL7c4GoMsEjUwk28cCYFZysj7IvhujUkpLxXcgNCArkHtD5xf5BQyQ1kx
azYl9FTwnMx6spF/P4dGsbOZih7M8EVENe8STQtJy77APf4NxTbhOkHoHuk9JcXY
ivTIaoRlBEiTY4KiTsyXsyyJIzAyL807OIj84Bznb3iPHIQ0K+M9JRCClFZWmwJI
lvxQkjf7bikuFEvvdjuTxlJL8G7dC5Q7
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:07:56 2025 by rpki-client