Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1c74f292-2269-4796-8afd-dfbb6b69a012.roa
File:                     1c74f292-2269-4796-8afd-dfbb6b69a012.roa (raw, json)
Hash identifier:          vNJKMgtDwi6XFXgYbR9riH8GlgTnAcA42vr58EFG+/c=
Subject key identifier:   8E:38:A7:B7:AE:07:8B:12:F7:64:D5:09:54:F3:B1:56:15:47:1F:07
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       521E9E0E3B4A25A8A98A50850BDEDAE237CBB014
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1c74f292-2269-4796-8afd-dfbb6b69a012.roa
Signing time:             Sun 06 Apr 2025 16:33:11 +0000
ROA not before:           Sun 06 Apr 2025 16:33:11 +0000
ROA not after:            Sun 11 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sun 06 Apr 2025 16:48:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:1e:9e:0e:3b:4a:25:a8:a9:8a:50:85:0b:de:da:e2:37:cb:b0:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr  6 16:33:11 2025 GMT
            Not After : May 11 23:59:59 2025 GMT
        Subject: serialNumber=415f50b74b55f80a213fabbfa3469156e5d57b9eb8b1010057e254175a01aec4, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:fe:fa:5a:52:21:8c:db:c9:b5:a9:37:7a:f9:
                    d8:93:19:4e:47:b0:eb:f8:48:0e:85:2b:e2:0a:9d:
                    87:57:02:18:87:03:00:86:e5:a1:5b:60:40:0b:af:
                    1f:de:8f:66:d4:b1:65:75:55:00:88:bf:16:fd:13:
                    b7:90:20:c1:1d:27:47:df:fe:e4:96:86:fc:13:e6:
                    1d:72:65:ce:10:7c:21:fb:e9:d5:d0:52:ff:28:fa:
                    da:d2:b1:b6:43:96:ce:96:07:d1:88:d7:17:12:53:
                    29:cf:3f:92:04:59:59:95:5a:fa:93:43:65:f1:01:
                    68:f0:46:1f:32:26:04:2c:8c:40:48:ee:7b:fa:6b:
                    32:fb:da:07:83:4d:55:11:e8:93:5e:90:72:2a:a1:
                    00:93:1b:9a:6a:83:aa:aa:d0:8d:3d:85:04:68:d6:
                    00:b7:9d:12:d8:64:2c:a9:7d:dd:58:5d:65:52:b9:
                    6f:a7:97:84:f4:10:72:3b:da:3c:fe:b6:f9:6b:38:
                    1b:69:7f:70:98:56:46:4b:85:e8:e4:01:cc:c4:2b:
                    09:f4:d8:e4:54:a4:d2:95:8f:81:37:ab:b8:ff:48:
                    c2:31:27:6d:a4:6d:ba:ce:38:10:6f:02:b4:ac:33:
                    29:18:be:60:b0:63:d7:3c:12:4c:c5:77:48:1d:fe:
                    e2:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:38:A7:B7:AE:07:8B:12:F7:64:D5:09:54:F3:B1:56:15:47:1F:07
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1c74f292-2269-4796-8afd-dfbb6b69a012.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:77:a9:af:42:25:5c:88:2a:6b:88:14:ae:f3:e8:a9:e3:6c:
         0d:19:a8:f4:0b:79:0f:c5:01:6a:10:78:08:aa:db:cf:5e:76:
         8d:5b:56:3b:bd:4b:81:9d:ff:b8:b3:4a:90:3a:68:88:ba:53:
         c3:4a:f4:8b:3a:51:f2:6e:5d:bd:1a:da:fc:37:35:5b:61:37:
         b5:b4:f0:32:aa:f0:83:8a:98:e9:aa:05:bd:fc:93:06:73:12:
         05:7c:d8:3b:be:46:1f:60:ec:07:18:6d:5d:03:79:a2:5e:ac:
         e7:0d:d0:6a:69:ec:68:77:47:5d:ef:7c:4f:1d:6c:8a:56:9b:
         32:0d:49:31:ec:7b:69:05:5b:45:61:e2:45:72:45:40:82:fc:
         79:e6:e2:c3:e0:56:aa:99:71:fb:0a:64:51:26:6b:3d:8b:b0:
         64:33:ce:07:95:c6:8d:74:bb:f3:45:16:be:4c:82:4a:70:dc:
         6a:ad:bd:42:fc:da:f1:3c:4a:58:1f:5b:53:67:6a:56:4f:52:
         d6:d9:3a:cf:ae:f6:97:bf:0e:b4:ec:82:67:06:6d:22:6d:bd:
         6b:fb:18:60:fd:50:5c:5c:8b:b4:60:bb:76:87:94:a8:90:f4:
         c5:d7:aa:51:bc:10:3f:12:99:23:cc:c3:74:3b:fc:11:5b:a3:
         72:c4:01:73
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUh6eDjtKJaipilCFC97a4jfLsBQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDA2MTYzMzExWhcNMjUwNTExMjM1OTU5
WjB6MUkwRwYDVQQFE0A0MTVmNTBiNzRiNTVmODBhMjEzZmFiYmZhMzQ2OTE1NmU1
ZDU3YjllYjhiMTAxMDA1N2UyNTQxNzVhMDFhZWM0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9/vpaUiGM28m1qTd6+diTGU5HsOv4SA6FK+IKnYdXAhiH
AwCG5aFbYEALrx/ej2bUsWV1VQCIvxb9E7eQIMEdJ0ff/uSWhvwT5h1yZc4QfCH7
6dXQUv8o+trSsbZDls6WB9GI1xcSUynPP5IEWVmVWvqTQ2XxAWjwRh8yJgQsjEBI
7nv6azL72geDTVUR6JNekHIqoQCTG5pqg6qq0I09hQRo1gC3nRLYZCypfd1YXWVS
uW+nl4T0EHI72jz+tvlrOBtpf3CYVkZLhejkAczEKwn02ORUpNKVj4E3q7j/SMIx
J22kbbrOOBBvArSsMykYvmCwY9c8EkzFd0gd/uJ/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUjjint64HixL3ZNUJVPOxVhVHHwcwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzFjNzRmMjkyLTIyNjktNDc5Ni04YWZkLWRmYmI2YjY5YTAxMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJF3qa9CJVyIKmuIFK7z6KnjbA0Z
qPQLeQ/FAWoQeAiq289edo1bVju9S4Gd/7izSpA6aIi6U8NK9Is6UfJuXb0a2vw3
NVthN7W08DKq8IOKmOmqBb38kwZzEgV82Du+Rh9g7AcYbV0DeaJerOcN0Gpp7Gh3
R13vfE8dbIpWmzINSTHse2kFW0Vh4kVyRUCC/Hnm4sPgVqqZcfsKZFEmaz2LsGQz
zgeVxo10u/NFFr5Mgkpw3GqtvUL82vE8SlgfW1NnalZPUtbZOs+u9pe/DrTsgmcG
bSJtvWv7GGD9UFxci7Rgu3aHlKiQ9MXXqlG8ED8SmSPMw3Q7/BFbo3LEAXM=
-----END CERTIFICATE-----