Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/719d822d-9554-4cb7-8d4d-4201f1dd753b.roa
File:                     719d822d-9554-4cb7-8d4d-4201f1dd753b.roa (raw, json)
Hash identifier:          B+aRQ/ZUjuAT7d3hPbiLBrpCVBR4WKJzHDaEPJVDFas=
Subject key identifier:   76:C1:5D:97:3B:04:91:10:F1:CC:AA:3D:F9:33:FA:1E:30:97:0C:C8
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       09B01F68343422CECA184E8459397CCE08993B46
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/719d822d-9554-4cb7-8d4d-4201f1dd753b.roa
Signing time:             Fri 18 Apr 2025 01:53:18 +0000
ROA not before:           Fri 18 Apr 2025 01:53:18 +0000
ROA not after:            Fri 23 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Fri 18 Apr 2025 02:13:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:b0:1f:68:34:34:22:ce:ca:18:4e:84:59:39:7c:ce:08:99:3b:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 18 01:53:18 2025 GMT
            Not After : May 23 23:59:59 2025 GMT
        Subject: serialNumber=e5aeb5b4a8c8985119266b053873597fd2b812508e85ff4bc3d5a0d9e741eff0, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:e0:a5:50:04:e4:df:89:66:04:18:bc:ea:5d:
                    f7:38:d9:73:cf:d1:20:91:71:c8:65:c3:29:c8:0f:
                    1b:b1:0a:eb:d4:c7:5e:29:63:ff:62:58:99:34:f8:
                    15:5a:5d:40:2b:35:53:c3:26:b0:d1:de:35:a4:ec:
                    fa:49:af:cd:0e:42:54:4a:e8:6a:54:59:b8:1f:0b:
                    57:2a:02:38:4f:92:8e:18:04:01:8b:11:3d:0b:cf:
                    28:32:48:66:a2:f3:71:60:fc:c2:3a:3e:f2:89:aa:
                    58:dc:c0:4b:db:7a:53:4e:1b:c6:a0:76:76:92:e9:
                    97:78:9b:f1:6f:00:07:ce:2c:54:fe:05:fd:82:70:
                    87:8b:e4:1a:11:11:83:ac:20:3b:5a:79:4e:d7:63:
                    7b:c7:fe:dc:e7:a9:04:de:6d:2f:d8:38:7f:a1:12:
                    63:ac:59:0c:9f:f1:35:ef:0d:2e:1d:b3:f8:a1:3f:
                    5e:d9:cd:22:3a:bc:62:59:fe:6d:0e:29:53:b1:f6:
                    ff:50:b4:7b:c6:fb:e9:04:8c:9c:dc:03:59:fa:ed:
                    f5:2f:4c:be:95:7a:7d:8a:d3:30:72:ab:4c:59:d8:
                    1c:db:32:ff:81:ca:d6:13:e9:47:f2:9c:2e:4a:9c:
                    e2:dd:be:05:8e:8e:a1:00:77:94:c1:4b:52:09:ed:
                    80:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:C1:5D:97:3B:04:91:10:F1:CC:AA:3D:F9:33:FA:1E:30:97:0C:C8
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/719d822d-9554-4cb7-8d4d-4201f1dd753b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:70:04:df:7d:66:92:8d:ca:34:bb:89:14:d8:5a:33:12:b9:
         04:b1:09:c2:01:69:f6:14:10:c3:48:1e:3f:69:6e:e6:2f:bb:
         77:09:3a:ac:7b:65:96:87:ce:9a:86:90:00:df:c4:6b:f0:79:
         e4:30:6f:59:3d:02:c7:be:7e:b8:35:e6:79:2d:83:f5:79:0f:
         31:d3:fa:5d:54:46:b6:ed:b5:57:42:18:51:8a:5c:32:ce:43:
         48:54:27:07:5e:5d:c4:cf:06:80:5e:9d:ad:87:6d:d3:10:ff:
         ee:6e:6d:9a:80:3f:dd:d7:c4:59:9c:83:25:41:42:10:bc:a9:
         7d:36:bc:c0:49:82:77:7f:fd:d5:e2:8d:08:1a:16:91:56:ac:
         33:50:69:b8:1e:6e:95:59:5d:a6:89:56:e9:37:66:49:a9:d8:
         24:d3:23:02:c2:0a:2e:a7:79:37:19:d6:72:ad:03:1b:e9:a1:
         24:5e:ad:78:81:09:cf:fe:70:d2:92:43:7c:4e:a1:78:de:67:
         5d:76:0f:33:b8:03:ad:e2:26:33:67:25:43:ec:eb:52:ba:0d:
         13:63:aa:c0:2c:2f:18:67:cc:a9:9c:53:1e:fe:0d:52:96:a7:
         ad:91:02:bb:8a:5b:46:be:b7:32:5a:05:6c:6a:c7:d8:11:fc:
         bb:b6:8c:83
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCbAfaDQ0Is7KGE6EWTl8zgiZO0YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDE4MDE1MzE4WhcNMjUwNTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNWFlYjViNGE4Yzg5ODUxMTkyNjZiMDUzODczNTk3ZmQy
YjgxMjUwOGU4NWZmNGJjM2Q1YTBkOWU3NDFlZmYwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDU4KVQBOTfiWYEGLzqXfc42XPP0SCRcchlwynIDxuxCuvU
x14pY/9iWJk0+BVaXUArNVPDJrDR3jWk7PpJr80OQlRK6GpUWbgfC1cqAjhPko4Y
BAGLET0LzygySGai83Fg/MI6PvKJqljcwEvbelNOG8agdnaS6Zd4m/FvAAfOLFT+
Bf2CcIeL5BoREYOsIDtaeU7XY3vH/tznqQTebS/YOH+hEmOsWQyf8TXvDS4ds/ih
P17ZzSI6vGJZ/m0OKVOx9v9QtHvG++kEjJzcA1n67fUvTL6Ven2K0zByq0xZ2Bzb
Mv+BytYT6UfynC5KnOLdvgWOjqEAd5TBS1IJ7YD1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUdsFdlzsEkRDxzKo9+TP6HjCXDMgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzcxOWQ4MjJkLTk1NTQtNGNiNy04ZDRkLTQyMDFmMWRkNzUzYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIBwBN99ZpKNyjS7iRTYWjMSuQSx
CcIBafYUEMNIHj9pbuYvu3cJOqx7ZZaHzpqGkADfxGvweeQwb1k9Ase+frg15nkt
g/V5DzHT+l1URrbttVdCGFGKXDLOQ0hUJwdeXcTPBoBena2HbdMQ/+5ubZqAP93X
xFmcgyVBQhC8qX02vMBJgnd//dXijQgaFpFWrDNQabgebpVZXaaJVuk3Zkmp2CTT
IwLCCi6neTcZ1nKtAxvpoSRerXiBCc/+cNKSQ3xOoXjeZ112DzO4A63iJjNnJUPs
61K6DRNjqsAsLxhnzKmcUx7+DVKWp62RAruKW0a+tzJaBWxqx9gR/Lu2jIM=
-----END CERTIFICATE-----