Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6c278a7e-d76f-4a0d-936f-e1931725a720.roa
File:                     6c278a7e-d76f-4a0d-936f-e1931725a720.roa (raw, json)
Hash identifier:          TBb9H4M+A5CGdb/Jda8LjEaXjgigwa+Bi9ln+NA/LLs=
Subject key identifier:   C4:03:FA:55:4A:48:88:01:BB:F4:36:C7:78:4F:80:CB:3D:C9:9E:EE
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       783B08865D9369EE258796DB6D926004201023C1
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6c278a7e-d76f-4a0d-936f-e1931725a720.roa
Signing time:             Fri 25 Apr 2025 04:28:19 +0000
ROA not before:           Fri 25 Apr 2025 04:28:19 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Fri 25 Apr 2025 04:48:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:3b:08:86:5d:93:69:ee:25:87:96:db:6d:92:60:04:20:10:23:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 25 04:28:19 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=83e61089fe94da200bd8ace8a5f47260da73134b166f04e1e1359a55491c50d5, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:c6:69:15:6e:24:48:70:57:c2:1e:a9:8b:a4:
                    f5:ff:f7:0c:f4:4a:b4:d7:aa:e4:ec:11:a1:4a:ca:
                    b5:33:c3:e0:1b:3c:a4:e5:6c:5b:0c:3b:09:dd:38:
                    85:bb:b7:74:42:92:ca:19:6f:5c:36:fb:3c:4b:52:
                    22:88:81:6d:20:62:bb:7f:41:62:8b:9c:bc:9e:93:
                    1e:fe:91:cc:05:86:df:6e:97:bc:43:2c:2d:59:54:
                    cc:49:46:d7:2a:61:24:e5:f5:1a:b0:85:07:b0:c3:
                    2f:48:5b:65:b6:98:ca:71:6e:6f:6d:47:c1:6a:d7:
                    37:fd:7c:d1:74:55:f2:00:39:ce:00:8a:b7:e3:df:
                    ce:41:6c:85:bf:1c:b5:48:c9:80:2f:4f:8c:ea:e4:
                    ef:29:5c:3a:17:2d:5c:7d:a6:ec:92:dc:b3:19:99:
                    c2:56:7e:00:08:de:53:a2:24:97:c1:e4:ff:41:8b:
                    7f:fa:46:7d:3a:c7:d7:27:7f:03:dc:54:3d:82:8c:
                    98:ae:ea:fe:5e:2f:19:ee:12:e3:f5:26:22:30:86:
                    43:03:25:03:54:84:e1:d7:55:71:38:0d:03:db:42:
                    39:96:e1:dd:e7:89:b7:db:6e:89:9a:be:1d:a8:64:
                    f8:5d:b4:7b:41:bb:3c:33:67:06:08:2b:0c:29:76:
                    f9:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:03:FA:55:4A:48:88:01:BB:F4:36:C7:78:4F:80:CB:3D:C9:9E:EE
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6c278a7e-d76f-4a0d-936f-e1931725a720.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:c5:bf:0a:dd:12:a9:26:7e:c0:e4:d8:6d:2a:98:1b:a6:e5:
         62:33:4d:f3:bd:d4:66:1e:fe:62:c3:5d:28:9a:7c:6b:19:a6:
         72:5a:86:71:f0:1c:6e:6e:6a:d8:1d:92:86:43:39:1f:bb:30:
         1d:b3:35:5d:c1:a7:8d:31:48:a4:7e:f0:7b:55:56:42:c1:11:
         5a:8f:27:9a:c4:a0:d5:1e:54:5e:e3:34:58:1a:f6:c1:5e:d8:
         c4:5e:bb:0f:7a:31:a4:de:ad:c1:84:57:e9:6a:83:22:2e:77:
         1e:ac:9e:31:42:d7:f6:cc:56:1a:85:19:f7:54:fa:c4:72:99:
         78:71:1a:c7:a4:fc:ce:7f:77:8f:d6:62:74:ec:99:60:89:3b:
         8e:26:b5:41:38:14:a8:5c:7d:c3:41:17:e4:5d:4f:ae:19:e1:
         fc:7e:37:11:1a:99:12:54:e5:8a:92:45:f6:af:6a:59:5f:d1:
         26:b0:1d:61:b2:8c:8f:6c:30:2f:6b:8a:30:fa:29:ab:73:1d:
         1e:49:01:eb:df:2e:73:3f:84:53:85:65:00:19:33:16:aa:11:
         5b:cd:ce:2c:0d:76:5d:7a:97:c5:9b:19:9c:58:44:11:3c:58:
         fc:d0:e5:58:89:43:07:47:8c:87:d5:d0:d6:89:93:50:cf:fc:
         2a:88:54:8a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeDsIhl2Tae4lh5bbbZJgBCAQI8EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDI1MDQyODE5WhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4M2U2MTA4OWZlOTRkYTIwMGJkOGFjZThhNWY0NzI2MGRh
NzMxMzRiMTY2ZjA0ZTFlMTM1OWE1NTQ5MWM1MGQ1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCIxmkVbiRIcFfCHqmLpPX/9wz0SrTXquTsEaFKyrUzw+Ab
PKTlbFsMOwndOIW7t3RCksoZb1w2+zxLUiKIgW0gYrt/QWKLnLyekx7+kcwFht9u
l7xDLC1ZVMxJRtcqYSTl9RqwhQewwy9IW2W2mMpxbm9tR8Fq1zf9fNF0VfIAOc4A
irfj385BbIW/HLVIyYAvT4zq5O8pXDoXLVx9puyS3LMZmcJWfgAI3lOiJJfB5P9B
i3/6Rn06x9cnfwPcVD2CjJiu6v5eLxnuEuP1JiIwhkMDJQNUhOHXVXE4DQPbQjmW
4d3nibfbbomavh2oZPhdtHtBuzwzZwYIKwwpdvnlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxAP6VUpIiAG79DbHeE+Ayz3Jnu4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzZjMjc4YTdlLWQ3NmYtNGEwZC05MzZmLWUxOTMxNzI1YTcyMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJTFvwrdEqkmfsDk2G0qmBum5WIz
TfO91GYe/mLDXSiafGsZpnJahnHwHG5uatgdkoZDOR+7MB2zNV3Bp40xSKR+8HtV
VkLBEVqPJ5rEoNUeVF7jNFga9sFe2MReuw96MaTercGEV+lqgyIudx6snjFC1/bM
VhqFGfdU+sRymXhxGsek/M5/d4/WYnTsmWCJO44mtUE4FKhcfcNBF+RdT64Z4fx+
NxEamRJU5YqSRfavallf0SawHWGyjI9sMC9rijD6KatzHR5JAevfLnM/hFOFZQAZ
MxaqEVvNziwNdl16l8WbGZxYRBE8WPzQ5ViJQwdHjIfV0NaJk1DP/CqIVIo=
-----END CERTIFICATE-----