Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3d6b4a90-5bd9-4122-8ebf-07188551aee2.roa
File:                     3d6b4a90-5bd9-4122-8ebf-07188551aee2.roa (raw, json)
Hash identifier:          XYqVUeMLx7qQxFPfjadXaRTZSi6Pv0aasVV7UUIwnuk=
Subject key identifier:   5C:46:02:3B:17:23:8F:10:09:32:47:4C:7A:0A:73:F3:8B:45:9C:AB
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       5228003B3BA0C25B90B96360A4A9C1FF23A43112
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3d6b4a90-5bd9-4122-8ebf-07188551aee2.roa
Signing time:             Mon 02 Jun 2025 22:58:19 +0000
ROA not before:           Mon 02 Jun 2025 22:58:19 +0000
ROA not after:            Mon 07 Jul 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 02 Jun 2025 23:13:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:28:00:3b:3b:a0:c2:5b:90:b9:63:60:a4:a9:c1:ff:23:a4:31:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jun  2 22:58:19 2025 GMT
            Not After : Jul  7 23:59:59 2025 GMT
        Subject: serialNumber=57838157add8ba7477222ed3c41a46cda42af44f754b39bf09241075d9594ce9, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:a4:11:3d:32:19:0b:c9:55:74:72:be:61:69:
                    1e:27:33:31:87:96:15:ba:37:ee:85:21:67:b6:a9:
                    73:e1:12:a0:c3:ec:17:fd:df:56:8a:c1:52:76:97:
                    aa:6c:f9:c9:94:ea:b2:86:ab:eb:31:cb:e1:d4:1e:
                    23:98:ca:13:3f:60:0c:f1:12:92:db:ad:6a:b6:54:
                    b1:3a:93:4f:36:8c:da:1c:28:1f:f1:ca:23:89:c2:
                    a8:bb:05:ad:fe:45:73:b2:44:66:1f:14:81:e4:47:
                    bc:8c:f7:53:61:a1:c3:c2:b4:8f:19:66:cc:b5:ae:
                    5f:00:20:3b:fc:a2:37:94:52:a7:37:28:4a:8a:53:
                    df:90:17:aa:c9:10:10:83:ff:1e:4b:02:12:83:c3:
                    ee:86:d9:6d:7d:57:f5:94:d9:53:57:83:8a:6a:4c:
                    fe:7c:26:71:5f:96:53:d2:2b:b4:09:ab:fb:b2:1a:
                    c4:59:bf:88:86:c8:52:31:41:80:13:fd:c0:7e:1c:
                    10:72:ec:94:50:be:8d:2e:b4:35:28:46:f8:2a:aa:
                    74:77:c2:8c:f3:61:ba:39:e7:bb:5d:62:9d:b5:5d:
                    80:36:45:d3:b3:5d:08:8a:e1:23:02:62:b3:5f:ac:
                    0a:82:ec:41:89:6c:8e:46:c3:25:a6:dc:8c:61:5b:
                    56:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:46:02:3B:17:23:8F:10:09:32:47:4C:7A:0A:73:F3:8B:45:9C:AB
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3d6b4a90-5bd9-4122-8ebf-07188551aee2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:47:0e:54:87:03:8c:16:b3:54:28:a4:e8:02:e4:f7:7d:cf:
         07:15:7a:cb:0f:59:e6:06:95:9f:9d:60:e1:99:4f:c1:fa:90:
         19:19:50:b5:6e:1b:b7:59:22:d3:ee:a0:1f:63:f3:1c:84:b0:
         9f:0f:34:20:57:47:83:07:99:c8:23:1c:2a:09:b2:d7:9a:72:
         50:8c:26:8b:5b:ea:27:f8:ce:99:7c:c2:f7:5b:e1:07:2f:e3:
         a5:1e:21:78:d0:06:7e:99:d2:42:b4:9a:b4:77:a7:90:3d:9f:
         cc:69:10:df:06:4c:8b:df:d8:3c:5e:f2:4e:fa:43:1a:83:7c:
         fd:13:06:38:14:f3:1d:66:b0:0c:73:1b:c0:9f:f0:0e:af:bd:
         1b:fc:eb:fb:cb:50:34:21:0f:91:f7:4d:6f:55:ee:69:ea:19:
         bd:43:1f:c8:9c:f0:df:55:18:bd:d3:ea:9d:b4:2a:28:23:f8:
         f5:a0:c9:cf:0f:57:2a:af:9c:a1:fe:b7:07:e0:3e:00:89:d5:
         90:ec:0b:32:0c:17:ef:f3:cb:ec:58:c7:08:8d:ee:42:2e:1c:
         cd:8e:18:17:34:a1:c1:01:75:9d:06:07:82:e3:fd:80:67:42:
         cd:0a:64:1a:d3:8a:1a:53:f0:fa:24:f6:ff:86:f6:71:92:54:
         21:43:2e:70
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUigAOzugwluQuWNgpKnB/yOkMRIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNjAyMjI1ODE5WhcNMjUwNzA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NzgzODE1N2FkZDhiYTc0NzcyMjJlZDNjNDFhNDZjZGE0
MmFmNDRmNzU0YjM5YmYwOTI0MTA3NWQ5NTk0Y2U5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIpBE9MhkLyVV0cr5haR4nMzGHlhW6N+6FIWe2qXPhEqDD
7Bf931aKwVJ2l6ps+cmU6rKGq+sxy+HUHiOYyhM/YAzxEpLbrWq2VLE6k082jNoc
KB/xyiOJwqi7Ba3+RXOyRGYfFIHkR7yM91NhocPCtI8ZZsy1rl8AIDv8ojeUUqc3
KEqKU9+QF6rJEBCD/x5LAhKDw+6G2W19V/WU2VNXg4pqTP58JnFfllPSK7QJq/uy
GsRZv4iGyFIxQYAT/cB+HBBy7JRQvo0utDUoRvgqqnR3wozzYbo557tdYp21XYA2
RdOzXQiK4SMCYrNfrAqC7EGJbI5GwyWm3IxhW1ahAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXEYCOxcjjxAJMkdMegpz84tFnKswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzNkNmI0YTkwLTViZDktNDEyMi04ZWJmLTA3MTg4NTUxYWVlMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAChHDlSHA4wWs1QopOgC5Pd9zwcV
essPWeYGlZ+dYOGZT8H6kBkZULVuG7dZItPuoB9j8xyEsJ8PNCBXR4MHmcgjHCoJ
steaclCMJotb6if4zpl8wvdb4Qcv46UeIXjQBn6Z0kK0mrR3p5A9n8xpEN8GTIvf
2Dxe8k76QxqDfP0TBjgU8x1msAxzG8Cf8A6vvRv86/vLUDQhD5H3TW9V7mnqGb1D
H8ic8N9VGL3T6p20Kigj+PWgyc8PVyqvnKH+twfgPgCJ1ZDsCzIMF+/zy+xYxwiN
7kIuHM2OGBc0ocEBdZ0GB4Lj/YBnQs0KZBrTihpT8Pok9v+G9nGSVCFDLnA=
-----END CERTIFICATE-----