Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/f1099499-e865-4a58-89d5-0df023af2376/65dea0e8-176a-3d48-9746-bcb73b9776c7.roa
File:                     65dea0e8-176a-3d48-9746-bcb73b9776c7.roa (raw, json)
Hash identifier:          4JWkYd+efj4vxn6pv4udrKGMI0wLL4sIQLMpxZ8HHBA=
Subject key identifier:   E9:C9:BE:0E:52:54:E9:95:6F:B9:78:42:1E:E4:34:75:65:BF:E3:8E
Certificate issuer:       /CN=f1099499-e865-4a58-89d5-0df023af2376
Certificate serial:       010D0C9F43285848AF2B7AF7BD9CE340071903B0
Authority key identifier: C4:83:95:BC:07:81:7D:1D:AE:34:86:BC:A2:03:C2:30:72:E3:46:5E
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/f1099499-e865-4a58-89d5-0df023af2376.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/f1099499-e865-4a58-89d5-0df023af2376/65dea0e8-176a-3d48-9746-bcb73b9776c7.roa
Signing time:             Mon 27 Jan 2025 14:00:52 +0000
ROA not before:           Mon 27 Jan 2025 14:00:52 +0000
ROA not after:            Sun 27 Apr 2025 13:00:52 +0000
asID:                     32030
IP address blocks:        45.45.168.0/23 maxlen: 23
                          192.40.141.0/24 maxlen: 24
                          2620:128:7000::/48 maxlen: 48
                          2620:128:7003::/48 maxlen: 48
Validation:               Failed, certificate revoked on Tue 18 Mar 2025 22:20:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:af:2b:7a:f7:bd:9c:e3:40:07:19:03:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1099499-e865-4a58-89d5-0df023af2376
        Validity
            Not Before: Jan 27 14:00:52 2025 GMT
            Not After : Apr 27 13:00:52 2025 GMT
        Subject: CN=b448ec25-b81b-4bf0-9607-3022e07740d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:e9:b5:09:d8:c7:cd:90:7c:bf:77:62:6f:5f:
                    4a:68:2b:dc:33:8f:1b:16:1e:5d:52:87:b4:4c:eb:
                    03:2e:5c:26:39:4b:47:8e:a3:40:95:58:a6:b7:b2:
                    6b:95:b1:89:58:15:d7:2b:b5:76:cb:71:38:32:88:
                    2e:6d:3b:58:60:ce:5b:4c:f3:81:1c:4c:0b:ea:d9:
                    e8:37:78:68:1e:a7:f2:fc:1f:40:97:5f:32:67:8c:
                    6d:db:f7:94:e1:e7:ec:4d:4a:47:d6:c1:7d:b9:16:
                    6b:41:b8:2b:a3:ae:bc:3d:fc:e8:3c:7f:bf:5a:7d:
                    57:54:3f:07:51:0b:d0:4e:d7:28:92:e2:ae:3b:c9:
                    03:c3:6b:e0:ca:5d:ec:92:b2:7e:11:2e:dd:fa:dc:
                    82:f1:63:86:29:64:c9:59:32:87:39:1c:6a:3b:1d:
                    f3:7a:0a:07:b3:5f:fb:8e:26:c5:6a:f5:90:ab:5d:
                    3e:b8:d9:eb:cb:ac:dd:b0:19:fb:d7:fc:04:54:e2:
                    43:68:94:5c:09:5f:38:fa:5d:41:09:50:bf:7e:b1:
                    71:76:87:c0:68:17:60:5f:3c:a6:b1:30:82:44:5e:
                    32:0e:94:5d:32:f9:28:3b:40:fc:42:ac:b0:9d:7d:
                    5b:49:ba:c8:f1:91:c6:1e:58:a2:b1:ef:62:f8:f1:
                    0b:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:C9:BE:0E:52:54:E9:95:6F:B9:78:42:1E:E4:34:75:65:BF:E3:8E
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/f1099499-e865-4a58-89d5-0df023af2376/65dea0e8-176a-3d48-9746-bcb73b9776c7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/f1099499-e865-4a58-89d5-0df023af2376/f1099499-e865-4a58-89d5-0df023af2376.crl

            X509v3 Authority Key Identifier:
                keyid:C4:83:95:BC:07:81:7D:1D:AE:34:86:BC:A2:03:C2:30:72:E3:46:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/f1099499-e865-4a58-89d5-0df023af2376.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.45.168.0/23
                  192.40.141.0/24
                IPv6:
                  2620:128:7000::/48
                  2620:128:7003::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         3f:23:80:1f:1a:4f:51:7f:f3:9a:c3:9a:d6:9b:36:2c:66:35:
         82:64:1a:f3:59:16:cc:53:50:0d:31:1e:57:b1:d4:57:c9:78:
         f8:92:b4:93:7d:1f:11:ec:96:a0:9a:2f:23:a7:a8:02:8a:e2:
         e1:a4:20:bc:4d:74:e2:80:a8:30:cb:9c:15:39:a1:81:1d:62:
         27:42:55:7d:81:68:62:0d:37:25:3d:a1:4a:af:9a:41:69:c5:
         f8:a0:94:5d:6d:0f:c2:0b:92:49:a4:fb:df:d6:53:d1:8c:ff:
         1f:6e:71:12:11:5e:ea:f4:c0:78:29:27:ee:17:51:22:59:f7:
         ef:c1:4e:47:59:4d:92:5a:42:ae:92:40:9a:f9:7d:7c:9b:d1:
         aa:30:6a:56:83:47:f6:1a:f1:85:a2:e5:2e:55:e9:4b:e9:cc:
         91:1b:c2:d8:92:9d:25:32:7d:13:be:1d:a5:3a:5a:fa:1e:c4:
         33:d8:76:ec:3b:c9:8e:11:b4:08:47:40:1e:bc:8d:30:b9:9c:
         a2:c5:c6:7c:67:fd:6c:fb:a6:1a:f0:e4:61:13:46:98:9c:b6:
         17:7a:32:e8:c3:57:fd:57:09:e0:3d:47:83:b7:70:ca:4d:85:
         68:96:be:58:dc:53:d5:28:70:2c:b9:0d:fe:bf:cc:43:c9:60:
         ca:16:83:87
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgIUAQ0Mn0MoWEivK3r3vZzjQAcZA7AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjEwOTk0OTktZTg2NS00YTU4LTg5ZDUtMGRmMDIzYWYy
Mzc2MB4XDTI1MDEyNzE0MDA1MloXDTI1MDQyNzEzMDA1MlowLzEtMCsGA1UEAxMk
YjQ0OGVjMjUtYjgxYi00YmYwLTk2MDctMzAyMmUwNzc0MGQzMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlum1CdjHzZB8v3dib19KaCvcM48bFh5dUoe0
TOsDLlwmOUtHjqNAlVimt7JrlbGJWBXXK7V2y3E4MogubTtYYM5bTPOBHEwL6tno
N3hoHqfy/B9Al18yZ4xt2/eU4efsTUpH1sF9uRZrQbgro668PfzoPH+/Wn1XVD8H
UQvQTtcokuKuO8kDw2vgyl3skrJ+ES7d+tyC8WOGKWTJWTKHORxqOx3zegoHs1/7
jibFavWQq10+uNnry6zdsBn71/wEVOJDaJRcCV84+l1BCVC/frFxdofAaBdgXzym
sTCCRF4yDpRdMvkoO0D8QqywnX1bSbrI8ZHGHliise9i+PELvQIDAQABo4IDdTCC
A3EwHQYDVR0OBBYEFOnJvg5SVOmVb7l4Qh7kNHVlv+OOMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIwMy1iZGE3LTFiZTIwNDkzM2FlNS9mMTA5
OTQ5OS1lODY1LTRhNTgtODlkNS0wZGYwMjNhZjIzNzYvNjVkZWEwZTgtMTc2YS0z
ZDQ4LTk3NDYtYmNiNzNiOTc3NmM3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9hNzM0MjBjYi1i
M2NjLTRiMDMtYmRhNy0xYmUyMDQ5MzNhZTUvZjEwOTk0OTktZTg2NS00YTU4LTg5
ZDUtMGRmMDIzYWYyMzc2L2YxMDk5NDk5LWU4NjUtNGE1OC04OWQ1LTBkZjAyM2Fm
MjM3Ni5jcmwwHwYDVR0jBBgwFoAUxIOVvAeBfR2uNIa8ogPCMHLjRl4wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIw
My1iZGE3LTFiZTIwNDkzM2FlNS9mMTA5OTQ5OS1lODY1LTRhNTgtODlkNS0wZGYw
MjNhZjIzNzYuY2VyMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBLS2oAwQA
wCiNMBgEAgACMBIDBwAmIAEocAADBwAmIAEocAMwVAYDVR0gAQH/BEowSDBGBggr
BgEFBQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3dy5hcmluLm5ldC9yZXNv
dXJjZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEAPyOAHxpPUX/z
msOa1ps2LGY1gmQa81kWzFNQDTEeV7HUV8l4+JK0k30fEeyWoJovI6eoAori4aQg
vE104oCoMMucFTmhgR1iJ0JVfYFoYg03JT2hSq+aQWnF+KCUXW0PwguSSaT739ZT
0Yz/H25xEhFe6vTAeCkn7hdRIln378FOR1lNklpCrpJAmvl9fJvRqjBqVoNH9hrx
haLlLlXpS+nMkRvC2JKdJTJ9E74dpTpa+h7EM9h27DvJjhG0CEdAHryNMLmcosXG
fGf9bPumGvDkYRNGmJy2F3oy6MNX/VcJ4D1Hg7dwyk2FaJa+WNxT1ShwLLkN/r/M
Q8lgyhaDhw==
-----END CERTIFICATE-----