Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/67190cb7-7ae9-4ae1-9ba0-953dee46085f.roa
File:                     67190cb7-7ae9-4ae1-9ba0-953dee46085f.roa (raw, json)
Hash identifier:          9USXx3/nfIiD9Hnnp4YPszYFR0GXvLNFEoX253Le51Q=
Subject key identifier:   DA:3E:22:DC:3C:DB:DB:FF:11:2C:5D:E7:FB:CD:43:39:B1:C7:4B:1A
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       51B61652C5E6A3AEB1B09077A41731A2A5E9627D
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/67190cb7-7ae9-4ae1-9ba0-953dee46085f.roa
Signing time:             Sun 01 Jun 2025 13:03:17 +0000
ROA not before:           Sun 01 Jun 2025 13:03:17 +0000
ROA not after:            Sun 06 Jul 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sun 01 Jun 2025 13:23:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:b6:16:52:c5:e6:a3:ae:b1:b0:90:77:a4:17:31:a2:a5:e9:62:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jun  1 13:03:17 2025 GMT
            Not After : Jul  6 23:59:59 2025 GMT
        Subject: serialNumber=73c2a29ece0a044b4d60373ad4722192a2ac9a7206e2ec82b51124dec3eaa963, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:86:7e:96:2a:f5:61:7f:d5:82:24:2f:45:bf:
                    cb:62:fe:15:06:c9:9d:3e:e3:fd:77:47:16:34:bc:
                    0e:37:29:07:12:1a:ee:42:27:10:4d:59:ff:cb:a8:
                    1f:65:6c:b5:cd:13:d3:d0:f9:7c:61:79:b0:da:bd:
                    1c:8f:67:a6:4b:9c:c7:80:7b:12:26:2e:db:d4:93:
                    a4:50:3c:63:6d:58:e6:9c:3f:d2:1a:00:d8:62:c2:
                    91:dc:a1:f7:8d:f8:21:86:cf:d9:b5:cf:90:08:71:
                    da:5a:f0:71:03:42:29:22:cd:dd:1c:c2:1e:01:6a:
                    c1:9e:93:4e:a2:09:91:23:43:c4:6d:9b:8a:15:d9:
                    72:51:ed:45:f5:84:51:5a:ad:ef:78:23:9c:29:da:
                    d1:4a:ef:85:35:52:50:75:22:6e:ba:db:66:19:89:
                    32:2b:16:7f:3c:3d:61:30:b3:5e:aa:ab:d6:6e:57:
                    f3:9b:7f:1f:7e:57:e3:40:3d:f7:b3:7d:92:b8:9a:
                    75:f8:93:1e:69:23:ca:ba:66:e7:de:c5:f1:52:53:
                    a1:8b:e1:c4:9a:17:8f:eb:da:ce:0b:e7:13:17:87:
                    90:3b:42:75:2d:16:81:c1:bb:65:6d:45:90:90:bd:
                    fc:80:55:4a:cd:42:04:cf:59:dc:28:ca:97:79:02:
                    c0:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:3E:22:DC:3C:DB:DB:FF:11:2C:5D:E7:FB:CD:43:39:B1:C7:4B:1A
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/67190cb7-7ae9-4ae1-9ba0-953dee46085f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:0a:4d:51:80:71:c7:76:e0:96:64:39:40:fb:32:07:4e:a7:
         ca:ae:92:64:da:65:01:d8:fc:8c:8c:63:cc:1d:c6:ed:64:d1:
         67:04:89:d8:32:88:b0:d0:6f:b2:b1:bd:44:f4:ec:b3:89:50:
         2a:76:2a:8d:01:81:91:42:67:ec:db:87:8e:49:3f:23:5e:5c:
         4c:78:48:d5:ef:ac:12:7f:ce:b3:87:a2:27:d2:ac:7e:ff:6c:
         cc:50:b9:4b:67:5f:ce:ca:07:0b:c3:bf:f5:48:de:2f:3e:e6:
         01:c0:fb:a5:52:64:32:d4:d6:48:80:65:47:30:21:be:1f:8e:
         0f:45:69:87:09:4d:35:61:5d:a1:6e:b5:dc:e7:51:6f:ec:30:
         79:29:6d:37:b2:46:14:e3:7e:9e:36:e0:f8:5a:68:dd:9b:c4:
         8c:e7:07:6f:40:6c:69:bc:6a:94:aa:3c:df:ff:0e:4c:b0:66:
         73:5e:ae:55:1a:03:eb:20:87:2d:b9:ca:d2:c9:4c:87:8d:6e:
         df:d3:7b:ba:30:54:7d:fe:dc:84:a7:a1:3b:5a:cf:1c:12:ee:
         6f:d2:f9:8d:19:19:15:72:26:13:70:3f:e1:80:8e:56:05:df:
         56:ee:ba:ba:0a:5f:62:eb:3d:fb:e3:a7:10:d6:5d:7e:c7:ba:
         aa:47:0e:e2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUbYWUsXmo66xsJB3pBcxoqXpYn0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNjAxMTMwMzE3WhcNMjUwNzA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A3M2MyYTI5ZWNlMGEwNDRiNGQ2MDM3M2FkNDcyMjE5MmEy
YWM5YTcyMDZlMmVjODJiNTExMjRkZWMzZWFhOTYzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXhn6WKvVhf9WCJC9Fv8ti/hUGyZ0+4/13RxY0vA43KQcS
Gu5CJxBNWf/LqB9lbLXNE9PQ+XxhebDavRyPZ6ZLnMeAexImLtvUk6RQPGNtWOac
P9IaANhiwpHcofeN+CGGz9m1z5AIcdpa8HEDQikizd0cwh4BasGek06iCZEjQ8Rt
m4oV2XJR7UX1hFFare94I5wp2tFK74U1UlB1Im6622YZiTIrFn88PWEws16qq9Zu
V/Obfx9+V+NAPfezfZK4mnX4kx5pI8q6ZufexfFSU6GL4cSaF4/r2s4L5xMXh5A7
QnUtFoHBu2VtRZCQvfyAVUrNQgTPWdwoypd5AsDNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2j4i3Dzb2/8RLF3n+81DObHHSxowHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzY3MTkwY2I3LTdhZTktNGFlMS05YmEwLTk1M2RlZTQ2MDg1Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABQKTVGAccd24JZkOUD7MgdOp8qu
kmTaZQHY/IyMY8wdxu1k0WcEidgyiLDQb7KxvUT07LOJUCp2Ko0BgZFCZ+zbh45J
PyNeXEx4SNXvrBJ/zrOHoifSrH7/bMxQuUtnX87KBwvDv/VI3i8+5gHA+6VSZDLU
1kiAZUcwIb4fjg9FaYcJTTVhXaFutdznUW/sMHkpbTeyRhTjfp424PhaaN2bxIzn
B29AbGm8apSqPN//DkywZnNerlUaA+sghy25ytLJTIeNbt/Te7owVH3+3ISnoTta
zxwS7m/S+Y0ZGRVyJhNwP+GAjlYF31buuroKX2LrPfvjpxDWXX7HuqpHDuI=
-----END CERTIFICATE-----