Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/507f51dd-e775-44b8-b866-926558676718.roa
File:                     507f51dd-e775-44b8-b866-926558676718.roa (raw, json)
Hash identifier:          EpDlBIG7rehP8jZgo8ut+SeT7m/X242CSWN+ZzNUAN8=
Subject key identifier:   90:77:86:BE:ED:D6:02:FF:79:B0:5A:9D:E1:D7:30:D2:2D:BB:28:96
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       1AF4B65496797F2996806E881EDC241036BD49B5
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/507f51dd-e775-44b8-b866-926558676718.roa
Signing time:             Sat 14 Jun 2025 16:48:19 +0000
ROA not before:           Sat 14 Jun 2025 16:48:19 +0000
ROA not after:            Sat 19 Jul 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sat 14 Jun 2025 17:08:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:f4:b6:54:96:79:7f:29:96:80:6e:88:1e:dc:24:10:36:bd:49:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jun 14 16:48:19 2025 GMT
            Not After : Jul 19 23:59:59 2025 GMT
        Subject: serialNumber=fc097f0b45abd751a422809e9d767401581deaf6ee5f51bee91fbe6e3ac500fa, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:da:80:5f:e1:a6:da:7f:57:62:23:38:56:c7:
                    5e:11:40:b1:d8:20:93:20:16:59:de:43:dd:90:dc:
                    a0:ae:ed:01:d4:e6:1d:ba:f1:85:ab:f6:ee:ad:8b:
                    84:d6:f9:73:35:5a:b0:9a:52:b1:e3:5b:3d:91:64:
                    43:68:29:72:b4:73:a0:54:13:d3:23:86:6c:c1:f5:
                    be:5d:99:6a:e0:bc:4a:6d:2b:b8:06:83:ec:fe:b9:
                    eb:5a:af:3a:c1:59:e1:61:03:68:be:f7:7d:ba:28:
                    4b:66:20:7d:16:31:45:2b:fc:88:02:a7:3b:7c:19:
                    13:0f:d6:a6:54:dd:66:ad:71:0c:fb:c3:57:b7:a2:
                    07:4e:bc:c2:47:e4:5d:7d:44:2e:de:7b:be:1c:e8:
                    70:03:80:b4:6b:aa:1c:ba:81:19:23:d8:50:2d:44:
                    f7:8d:76:4f:43:ed:fd:da:e0:47:0a:c5:fc:55:71:
                    25:6d:22:fb:60:14:d1:a5:bc:cf:06:f9:98:c9:2c:
                    38:91:61:50:69:34:81:67:e9:1f:61:e4:60:d2:97:
                    99:25:e0:2a:bb:ae:9c:60:eb:33:7f:08:dc:d7:95:
                    79:a7:e8:c5:bb:12:47:ad:b0:ae:4d:e5:5b:1c:48:
                    a3:51:23:2c:0c:75:20:9f:6d:07:79:f5:1f:a5:8f:
                    95:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:77:86:BE:ED:D6:02:FF:79:B0:5A:9D:E1:D7:30:D2:2D:BB:28:96
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/507f51dd-e775-44b8-b866-926558676718.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:c8:39:8c:7d:f2:e4:8b:ac:5d:ad:9b:e5:19:43:03:33:89:
         a1:78:78:a0:ad:1c:e6:68:7d:25:75:d4:0d:02:72:8e:75:25:
         15:74:7c:d4:21:6f:4d:0f:a6:db:a2:1b:a3:8c:a5:40:86:2b:
         35:35:31:0c:27:dd:ac:40:e3:66:10:74:b6:d8:ec:49:1b:b7:
         2b:83:0c:00:ee:41:d0:c9:48:a9:0d:13:e3:3c:63:eb:c8:ad:
         c9:73:dd:67:40:b0:1b:c7:b0:74:8c:4b:1d:b1:31:f5:04:d2:
         88:f9:0c:a4:d7:c4:af:d0:5f:f1:2e:0d:3c:b6:33:b7:d7:9d:
         cd:56:18:36:78:70:be:a6:71:85:7c:38:6d:27:e3:35:9b:9a:
         07:7e:78:e1:3e:9d:df:38:b6:14:40:eb:28:34:ba:07:f6:4f:
         3a:0e:85:22:6e:30:57:f8:96:1a:83:d6:c5:06:73:a5:0f:fc:
         3f:a6:35:be:4d:b3:95:d1:f2:60:01:41:b7:fe:1b:54:51:1a:
         2c:6f:e0:2a:28:25:0d:2a:57:47:82:8e:a7:f1:b8:d5:26:ad:
         52:cd:81:6c:00:ca:7b:87:db:b1:a5:5b:38:5a:78:70:68:11:
         94:8f:39:af:0e:2f:83:7c:86:01:2e:d1:51:dd:d2:a8:68:49:
         e7:82:db:da
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGvS2VJZ5fymWgG6IHtwkEDa9SbUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNjE0MTY0ODE5WhcNMjUwNzE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYzA5N2YwYjQ1YWJkNzUxYTQyMjgwOWU5ZDc2NzQwMTU4
MWRlYWY2ZWU1ZjUxYmVlOTFmYmU2ZTNhYzUwMGZhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDC2oBf4abaf1diIzhWx14RQLHYIJMgFlneQ92Q3KCu7QHU
5h268YWr9u6ti4TW+XM1WrCaUrHjWz2RZENoKXK0c6BUE9MjhmzB9b5dmWrgvEpt
K7gGg+z+uetarzrBWeFhA2i+9326KEtmIH0WMUUr/IgCpzt8GRMP1qZU3WatcQz7
w1e3ogdOvMJH5F19RC7ee74c6HADgLRrqhy6gRkj2FAtRPeNdk9D7f3a4EcKxfxV
cSVtIvtgFNGlvM8G+ZjJLDiRYVBpNIFn6R9h5GDSl5kl4Cq7rpxg6zN/CNzXlXmn
6MW7EketsK5N5VscSKNRIywMdSCfbQd59R+lj5X/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUkHeGvu3WAv95sFqd4dcw0i27KJYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzUwN2Y1MWRkLWU3NzUtNDRiOC1iODY2LTkyNjU1ODY3NjcxOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADbIOYx98uSLrF2tm+UZQwMziaF4
eKCtHOZofSV11A0Cco51JRV0fNQhb00PptuiG6OMpUCGKzU1MQwn3axA42YQdLbY
7EkbtyuDDADuQdDJSKkNE+M8Y+vIrclz3WdAsBvHsHSMSx2xMfUE0oj5DKTXxK/Q
X/EuDTy2M7fXnc1WGDZ4cL6mcYV8OG0n4zWbmgd+eOE+nd84thRA6yg0ugf2TzoO
hSJuMFf4lhqD1sUGc6UP/D+mNb5Ns5XR8mABQbf+G1RRGixv4CooJQ0qV0eCjqfx
uNUmrVLNgWwAynuH27GlWzhaeHBoEZSPOa8OL4N8hgEu0VHd0qhoSeeC29o=
-----END CERTIFICATE-----