Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/14e91e2a-0aa7-420d-8eae-0d024bca1b8e.roa
File:                     14e91e2a-0aa7-420d-8eae-0d024bca1b8e.roa (raw, json)
Hash identifier:          YZBX3el40ezIK+C4uU9SzOYVDm7UieUSxzgNUUlvURY=
Subject key identifier:   73:03:28:BD:E7:68:D1:4D:E8:D4:7A:76:92:16:BB:BD:DA:00:60:D8
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       69EAA001E2F8FB00FAB117857EA512B37C2DC8E0
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/14e91e2a-0aa7-420d-8eae-0d024bca1b8e.roa
Signing time:             Fri 06 Jun 2025 04:03:19 +0000
ROA not before:           Fri 06 Jun 2025 04:03:19 +0000
ROA not after:            Fri 11 Jul 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Fri 06 Jun 2025 04:23:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:ea:a0:01:e2:f8:fb:00:fa:b1:17:85:7e:a5:12:b3:7c:2d:c8:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jun  6 04:03:19 2025 GMT
            Not After : Jul 11 23:59:59 2025 GMT
        Subject: serialNumber=c076c79e1c514ebc3b9e9265890fcc78c6b3017c5cd40e2d50c1a05b0f3862ec, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c3:9a:c3:c4:45:2d:fb:8c:a6:f4:87:91:e4:
                    b9:af:54:5b:00:86:86:d8:7a:3a:20:96:a8:d6:23:
                    46:d6:ee:a5:18:7b:b5:77:b9:d1:70:ec:ea:d0:8b:
                    fb:06:3d:51:64:31:17:c0:01:20:d6:28:fa:4f:6b:
                    fe:4a:66:0c:72:0c:09:87:83:da:5f:23:bb:22:8e:
                    b7:1a:43:2f:dc:63:85:1c:0a:c4:fb:89:ce:3b:8f:
                    ea:c5:90:60:9f:8d:be:74:31:24:40:be:a6:5c:3d:
                    46:15:ae:17:fa:80:5a:9a:46:f5:df:1d:98:96:0d:
                    dc:a0:50:6d:17:d6:aa:03:00:5e:11:39:48:09:a1:
                    ea:30:51:b8:b7:42:6a:3a:23:f7:cd:73:4c:d8:60:
                    29:47:98:6a:7d:3f:b0:0a:cd:c0:b6:45:41:8f:93:
                    a0:92:f7:ff:d7:15:4e:c0:12:0c:fa:27:fd:72:4a:
                    1d:50:ba:1e:e3:c8:db:01:e1:98:e6:3c:aa:d9:3a:
                    b2:fc:45:db:1b:bb:b1:d3:5f:60:3e:73:64:9e:79:
                    f6:d4:ac:f5:df:89:41:64:e3:2b:16:dc:83:3a:9f:
                    6e:ec:78:8a:b9:14:69:9c:9c:c0:15:c5:13:81:93:
                    05:b9:43:34:ee:8d:14:e6:51:49:38:39:78:cf:e1:
                    48:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:03:28:BD:E7:68:D1:4D:E8:D4:7A:76:92:16:BB:BD:DA:00:60:D8
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/14e91e2a-0aa7-420d-8eae-0d024bca1b8e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:ce:d9:63:e3:33:df:8b:60:0e:36:8a:2c:2d:6e:42:b7:4d:
         50:5a:b3:3b:55:72:a1:47:5b:73:4d:c2:08:76:b0:77:05:1e:
         f4:52:13:56:59:0e:b0:5a:0a:83:c7:47:53:20:fb:09:79:cb:
         3d:aa:3d:d3:e7:0f:38:04:4d:7e:48:0c:e7:11:d1:d6:70:6b:
         4b:2d:ab:20:69:59:88:e6:36:0a:d4:d7:19:c7:98:47:52:06:
         36:de:38:02:9f:1a:7b:de:df:c1:0f:ec:76:59:e8:a2:60:62:
         26:f7:94:7f:05:52:6d:76:92:be:eb:36:6a:b4:12:47:35:55:
         7b:00:15:10:97:e7:0a:30:d3:12:1b:1e:24:5a:1c:74:f9:8e:
         b4:c9:3a:24:ae:cb:a3:4e:b4:94:8f:62:71:f5:6e:46:fb:63:
         55:11:06:19:9e:15:5f:89:03:11:43:3d:59:47:ce:a6:e5:e4:
         77:30:a9:51:96:7d:fc:05:e2:00:6a:17:41:61:0e:8e:dd:9c:
         99:98:b6:34:38:ac:c1:da:66:d7:d2:2f:a4:f1:6e:ad:48:87:
         24:ea:36:07:ed:f0:b3:21:bf:41:08:32:82:f6:b6:6e:a4:85:
         a1:c4:55:11:20:d4:9f:11:c3:07:bf:6d:8b:d9:83:ec:74:1d:
         5a:8b:fe:ad
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaeqgAeL4+wD6sReFfqUSs3wtyOAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNjA2MDQwMzE5WhcNMjUwNzExMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMDc2Yzc5ZTFjNTE0ZWJjM2I5ZTkyNjU4OTBmY2M3OGM2
YjMwMTdjNWNkNDBlMmQ1MGMxYTA1YjBmMzg2MmVjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0w5rDxEUt+4ym9IeR5LmvVFsAhobYejoglqjWI0bW7qUY
e7V3udFw7OrQi/sGPVFkMRfAASDWKPpPa/5KZgxyDAmHg9pfI7sijrcaQy/cY4Uc
CsT7ic47j+rFkGCfjb50MSRAvqZcPUYVrhf6gFqaRvXfHZiWDdygUG0X1qoDAF4R
OUgJoeowUbi3Qmo6I/fNc0zYYClHmGp9P7AKzcC2RUGPk6CS9//XFU7AEgz6J/1y
Sh1Quh7jyNsB4ZjmPKrZOrL8Rdsbu7HTX2A+c2SeefbUrPXfiUFk4ysW3IM6n27s
eIq5FGmcnMAVxROBkwW5QzTujRTmUUk4OXjP4UgLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcwMovedo0U3o1Hp2kha7vdoAYNgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzE0ZTkxZTJhLTBhYTctNDIwZC04ZWFlLTBkMDI0YmNhMWI4ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKzO2WPjM9+LYA42iiwtbkK3TVBa
sztVcqFHW3NNwgh2sHcFHvRSE1ZZDrBaCoPHR1Mg+wl5yz2qPdPnDzgETX5IDOcR
0dZwa0stqyBpWYjmNgrU1xnHmEdSBjbeOAKfGnve38EP7HZZ6KJgYib3lH8FUm12
kr7rNmq0Ekc1VXsAFRCX5wow0xIbHiRaHHT5jrTJOiSuy6NOtJSPYnH1bkb7Y1UR
BhmeFV+JAxFDPVlHzqbl5HcwqVGWffwF4gBqF0FhDo7dnJmYtjQ4rMHaZtfSL6Tx
bq1IhyTqNgft8LMhv0EIMoL2tm6khaHEVREg1J8Rwwe/bYvZg+x0HVqL/q0=
-----END CERTIFICATE-----