Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/069f55a5-80ce-4c81-a51a-56b4f8ff3c34.roa
File:                     069f55a5-80ce-4c81-a51a-56b4f8ff3c34.roa (raw, json)
Hash identifier:          wdbE1lbYCyNF+brWHO5BbNPUoXxt4VZou+AxSSAPSk0=
Subject key identifier:   D3:9C:24:73:87:8E:F8:50:37:37:EA:4B:EA:40:FB:60:CC:E1:64:26
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       74C08B244873D86FB88B15DF6D7216706EF97414
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/069f55a5-80ce-4c81-a51a-56b4f8ff3c34.roa
Signing time:             Mon 07 Apr 2025 11:53:18 +0000
ROA not before:           Mon 07 Apr 2025 11:53:18 +0000
ROA not after:            Mon 12 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 07 Apr 2025 12:08:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:c0:8b:24:48:73:d8:6f:b8:8b:15:df:6d:72:16:70:6e:f9:74:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr  7 11:53:18 2025 GMT
            Not After : May 12 23:59:59 2025 GMT
        Subject: serialNumber=0e213f9325a60c40f001d85cabd6d8fb41ee4e8dbcd90f71583ddc0a61707048, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:08:a8:81:9d:48:4c:53:1d:9b:e6:da:d2:11:
                    25:0c:b3:be:08:dd:55:3c:77:35:57:49:2d:75:3a:
                    1f:38:12:f7:cf:f6:7d:8b:2c:e3:90:f8:74:4e:fe:
                    31:64:88:b0:0f:42:6a:4a:ae:39:70:c5:96:6f:c8:
                    01:cf:22:11:98:7d:46:da:e0:e3:75:54:89:cf:5b:
                    65:c9:5b:2d:03:0d:54:ff:5d:2c:45:83:ba:f2:6b:
                    a7:5e:14:d6:11:f4:9f:56:64:18:1f:50:24:ab:ee:
                    2b:70:ca:54:06:53:6f:b5:23:59:f3:d7:79:93:44:
                    b8:18:0a:2d:c6:cb:75:89:4a:f0:49:14:36:c4:cb:
                    15:21:aa:d4:cc:d1:8f:84:7d:32:c2:91:21:2f:53:
                    d1:6a:c7:63:52:e7:d3:8f:c8:68:75:d6:a0:cd:79:
                    db:98:3e:96:19:3d:da:dd:59:5b:82:e8:5c:da:8d:
                    3e:ea:bb:db:3d:29:0a:12:14:34:45:e6:d7:40:d3:
                    45:06:11:77:99:13:1d:7c:9b:86:d5:30:0e:71:1e:
                    71:8c:41:2e:ef:84:12:f7:24:03:f6:bc:a8:0e:66:
                    53:1c:71:e9:a0:d0:b5:ef:4b:3b:96:53:fb:8d:a3:
                    b0:40:0b:35:31:ca:bd:88:6f:9c:29:75:2b:83:02:
                    13:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:9C:24:73:87:8E:F8:50:37:37:EA:4B:EA:40:FB:60:CC:E1:64:26
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/069f55a5-80ce-4c81-a51a-56b4f8ff3c34.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:6e:85:bc:07:8b:03:cf:d8:7c:a7:3e:93:a3:af:ce:0b:24:
         c7:32:bb:fe:2b:02:fd:64:a9:9c:25:62:a5:d5:bc:d6:fb:3f:
         4b:fc:61:90:51:40:39:56:d5:a2:63:89:b0:20:ed:46:81:f0:
         90:74:47:09:f5:5e:20:32:66:48:7f:5e:88:dc:16:7b:d9:55:
         04:79:f6:ba:91:e9:09:00:f5:d7:40:30:7a:0f:3d:d1:95:84:
         c5:24:8f:4c:a0:6e:f3:9c:e9:9d:3f:2c:c0:78:c0:27:88:6c:
         63:0f:b7:d0:45:91:3d:33:f3:2a:0d:93:8d:57:0e:89:2d:03:
         77:5d:eb:c4:17:29:e9:0c:e5:6c:3d:ac:cf:36:cc:a2:59:b6:
         be:fd:5a:7c:71:8e:8b:3e:d0:f3:7c:50:d2:5d:77:e8:4d:0a:
         fc:8d:d4:d8:f5:62:b5:55:ce:e8:d2:3a:55:fd:4b:85:08:e0:
         e5:fd:04:32:64:4d:aa:25:a1:78:e7:74:3e:89:50:8e:9d:8f:
         4f:34:26:20:e0:32:66:fd:85:73:1d:b5:21:b9:bc:42:ac:1a:
         53:92:4a:ea:72:8d:ce:a0:6a:ac:d5:22:71:8a:02:97:ce:1c:
         23:f4:86:50:c5:b1:c4:dc:84:08:54:55:7d:c3:7e:f8:7b:80:
         a1:6c:70:89
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdMCLJEhz2G+4ixXfbXIWcG75dBQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDA3MTE1MzE4WhcNMjUwNTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwZTIxM2Y5MzI1YTYwYzQwZjAwMWQ4NWNhYmQ2ZDhmYjQx
ZWU0ZThkYmNkOTBmNzE1ODNkZGMwYTYxNzA3MDQ4MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8CKiBnUhMUx2b5trSESUMs74I3VU8dzVXSS11Oh84EvfP
9n2LLOOQ+HRO/jFkiLAPQmpKrjlwxZZvyAHPIhGYfUba4ON1VInPW2XJWy0DDVT/
XSxFg7rya6deFNYR9J9WZBgfUCSr7itwylQGU2+1I1nz13mTRLgYCi3Gy3WJSvBJ
FDbEyxUhqtTM0Y+EfTLCkSEvU9Fqx2NS59OPyGh11qDNeduYPpYZPdrdWVuC6Fza
jT7qu9s9KQoSFDRF5tdA00UGEXeZEx18m4bVMA5xHnGMQS7vhBL3JAP2vKgOZlMc
cemg0LXvSzuWU/uNo7BACzUxyr2Ib5wpdSuDAhNlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU05wkc4eO+FA3N+pL6kD7YMzhZCYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzA2OWY1NWE1LTgwY2UtNGM4MS1hNTFhLTU2YjRmOGZmM2MzNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAAxuhbwHiwPP2HynPpOjr84LJMcy
u/4rAv1kqZwlYqXVvNb7P0v8YZBRQDlW1aJjibAg7UaB8JB0Rwn1XiAyZkh/Xojc
FnvZVQR59rqR6QkA9ddAMHoPPdGVhMUkj0ygbvOc6Z0/LMB4wCeIbGMPt9BFkT0z
8yoNk41XDoktA3dd68QXKekM5Ww9rM82zKJZtr79Wnxxjos+0PN8UNJdd+hNCvyN
1Nj1YrVVzujSOlX9S4UI4OX9BDJkTaoloXjndD6JUI6dj080JiDgMmb9hXMdtSG5
vEKsGlOSSupyjc6gaqzVInGKApfOHCP0hlDFscTchAhUVX3Dfvh7gKFscIk=
-----END CERTIFICATE-----