Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/79658bf8-990a-4a32-b971-f60352c25468.roa
File:                     79658bf8-990a-4a32-b971-f60352c25468.roa (raw, json)
Hash identifier:          TgutBHVfIbl/6o8Ygimbos6MAeKGSXCn2ZTu+s0XHoM=
Subject key identifier:   35:D3:60:E9:64:3B:BC:8F:06:B9:57:49:B2:E7:48:8A:37:80:7E:3C
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       15BDC4F96FCB835F0AB3BDD17879C3620C879C3C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/79658bf8-990a-4a32-b971-f60352c25468.roa
Signing time:             Fri 23 May 2025 13:38:21 +0000
ROA not before:           Fri 23 May 2025 13:38:21 +0000
ROA not after:            Fri 27 Jun 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Fri 23 May 2025 13:58:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:bd:c4:f9:6f:cb:83:5f:0a:b3:bd:d1:78:79:c3:62:0c:87:9c:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: May 23 13:38:21 2025 GMT
            Not After : Jun 27 23:59:59 2025 GMT
        Subject: serialNumber=16afb93a5b048af9b937d772e49651ff83b4c424c261c05a9782033b7424aa95, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:9a:ae:4e:af:6f:bd:d3:76:54:47:4d:ed:b1:
                    25:2e:62:1d:21:bf:1d:81:03:d6:10:52:ed:e5:99:
                    cb:c2:01:52:5c:6d:ba:d2:df:ae:27:69:02:4d:5c:
                    ec:cc:87:66:3c:89:2f:f9:67:dd:5e:21:70:c4:ab:
                    4e:68:bd:5c:fe:bd:02:f0:a2:e2:59:54:5e:e8:8b:
                    85:d2:98:d2:18:b4:d0:93:1d:eb:30:d7:25:cb:e4:
                    66:7c:e2:10:86:5d:b7:bb:44:bd:30:53:20:aa:5a:
                    e5:20:3c:32:1c:20:49:2a:75:49:8a:12:32:c3:39:
                    6e:03:69:46:71:97:d9:25:97:ea:ab:61:94:b0:fb:
                    5c:a3:ea:c0:b4:07:25:a7:79:e5:89:74:8f:74:24:
                    73:66:8e:14:a9:f7:ca:c0:43:52:5a:6e:13:16:fd:
                    40:a9:94:f0:cc:4b:23:44:35:48:61:c3:47:37:fc:
                    fd:56:c2:ec:28:2a:b7:e7:78:4f:7f:3a:9c:0e:40:
                    95:f9:e5:14:18:e8:fb:e7:70:12:76:a0:5e:9c:73:
                    20:40:8c:e6:6b:1c:68:85:5c:af:b6:f6:a9:e3:61:
                    f0:05:e5:39:8d:c0:d5:8a:9d:8b:f2:6e:76:f1:46:
                    6f:18:75:5e:92:17:21:6c:15:e5:50:62:02:9d:77:
                    5a:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:D3:60:E9:64:3B:BC:8F:06:B9:57:49:B2:E7:48:8A:37:80:7E:3C
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/79658bf8-990a-4a32-b971-f60352c25468.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:49:69:13:f2:05:7f:e9:e7:31:5b:20:91:ab:d1:68:13:ed:
         a8:53:6e:34:cb:fc:b2:ab:14:bb:f0:3d:77:f3:0f:38:81:b9:
         9a:10:4c:c7:ae:5a:2a:56:62:48:20:c8:dd:46:ba:ab:1f:df:
         e8:a3:7a:4f:4e:c5:30:af:05:85:89:00:19:92:f3:fc:31:5b:
         f9:f4:e7:fe:c7:41:80:1a:c4:75:77:76:76:94:e8:bc:f6:8b:
         c0:68:36:00:5a:ca:67:26:9e:71:ae:6a:53:60:7f:fd:55:02:
         3d:bf:45:c8:1f:c0:e0:01:0b:d2:a4:b9:b3:f3:3e:28:a1:68:
         7e:1f:35:e6:58:01:02:b8:61:47:08:10:e7:f3:eb:6b:20:ec:
         05:27:31:d6:58:77:0d:1b:9a:9e:80:f8:9a:6a:a5:e9:32:0e:
         2c:58:d2:93:98:1e:8b:62:94:a6:af:e4:69:82:38:75:90:f7:
         2a:7a:3f:09:65:4c:ed:a0:f1:ea:c2:8c:43:eb:fd:c2:9f:50:
         7f:cc:22:2d:0a:2c:76:b0:16:ea:1f:85:14:d7:d8:3b:8e:77:
         d6:19:aa:4e:4c:03:32:5f:63:fa:83:e0:4d:b1:58:ca:6f:ac:
         ce:b5:f4:9e:17:d1:5e:c4:aa:3d:82:b0:04:4c:e3:4c:70:67:
         ec:e3:2a:24
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFb3E+W/Lg18Ks73ReHnDYgyHnDwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNTIzMTMzODIxWhcNMjUwNjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNmFmYjkzYTViMDQ4YWY5YjkzN2Q3NzJlNDk2NTFmZjgz
YjRjNDI0YzI2MWMwNWE5NzgyMDMzYjc0MjRhYTk1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAmq5Or2+903ZUR03tsSUuYh0hvx2BA9YQUu3lmcvCAVJc
bbrS364naQJNXOzMh2Y8iS/5Z91eIXDEq05ovVz+vQLwouJZVF7oi4XSmNIYtNCT
Hesw1yXL5GZ84hCGXbe7RL0wUyCqWuUgPDIcIEkqdUmKEjLDOW4DaUZxl9kll+qr
YZSw+1yj6sC0ByWneeWJdI90JHNmjhSp98rAQ1JabhMW/UCplPDMSyNENUhhw0c3
/P1WwuwoKrfneE9/OpwOQJX55RQY6PvncBJ2oF6ccyBAjOZrHGiFXK+29qnjYfAF
5TmNwNWKnYvybnbxRm8YdV6SFyFsFeVQYgKdd1p5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNdNg6WQ7vI8GuVdJsudIijeAfjwwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzc5NjU4YmY4LTk5MGEtNGEzMi1iOTcxLWY2MDM1MmMyNTQ2OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADJJaRPyBX/p5zFbIJGr0WgT7ahT
bjTL/LKrFLvwPXfzDziBuZoQTMeuWipWYkggyN1Guqsf3+ijek9OxTCvBYWJABmS
8/wxW/n05/7HQYAaxHV3dnaU6Lz2i8BoNgBaymcmnnGualNgf/1VAj2/RcgfwOAB
C9KkubPzPiihaH4fNeZYAQK4YUcIEOfz62sg7AUnMdZYdw0bmp6A+JpqpekyDixY
0pOYHotilKav5GmCOHWQ9yp6PwllTO2g8erCjEPr/cKfUH/MIi0KLHawFuofhRTX
2DuOd9YZqk5MAzJfY/qD4E2xWMpvrM619J4X0V7Eqj2CsARM40xwZ+zjKiQ=
-----END CERTIFICATE-----