Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/80f40900-a492-49b4-950a-ffd04be4334c.roa
File:                     80f40900-a492-49b4-950a-ffd04be4334c.roa (raw, json)
Hash identifier:          RB1w7RHx2R37m8+UGCRSMILlPpb2hqPv+6zyqLPA1Jo=
Subject key identifier:   F0:1B:ED:BF:77:AD:C5:AE:77:3E:45:9D:90:6B:64:4B:58:B6:99:0E
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       2F70F271C0AD59343E747DD546BAA38484D5E6FB
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/80f40900-a492-49b4-950a-ffd04be4334c.roa
Signing time:             Thu 17 Apr 2025 09:28:18 +0000
ROA not before:           Thu 17 Apr 2025 09:28:18 +0000
ROA not after:            Thu 22 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 17 Apr 2025 09:48:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:70:f2:71:c0:ad:59:34:3e:74:7d:d5:46:ba:a3:84:84:d5:e6:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 17 09:28:18 2025 GMT
            Not After : May 22 23:59:59 2025 GMT
        Subject: serialNumber=a4064ccb64583861905b1ab87790b48685e97092dfe2649f72fb1dbbbb496432, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:08:4b:b3:f9:bf:b6:4c:cd:16:e7:04:69:83:
                    0c:6d:29:dc:99:e5:64:04:a4:99:63:33:7f:eb:45:
                    60:91:a6:04:16:88:3b:39:0e:bd:62:a0:01:99:35:
                    65:45:9a:3e:f2:1c:23:d5:2d:f8:8f:24:af:cf:33:
                    0d:43:d5:f7:7d:61:33:89:89:19:62:09:df:7a:49:
                    20:fd:50:11:45:ae:d6:cc:50:4e:cc:47:dd:3b:a6:
                    94:9f:ad:16:8b:ba:c0:2d:bc:dc:8a:44:fc:da:99:
                    53:85:b0:3d:62:22:28:8e:c0:6d:9e:7f:a3:dd:9b:
                    b4:57:88:0c:81:91:64:e8:5a:9e:a3:72:83:d3:b1:
                    fa:8c:e7:bc:1f:2e:47:35:a4:78:09:71:75:0a:ba:
                    07:81:68:02:0e:ee:3c:ca:a7:d9:ec:4d:89:68:56:
                    1e:76:8c:31:76:7d:c8:d1:6c:89:81:b0:1a:d8:f6:
                    0f:b5:62:8a:af:93:51:1c:04:58:8e:d9:b1:ce:cb:
                    48:e1:44:8c:8f:3d:6d:a2:f1:6e:37:96:7d:d9:f8:
                    0e:bc:16:0d:a3:14:be:8c:47:b4:85:88:f6:ff:e0:
                    00:ca:a0:b5:f3:be:24:df:cb:5a:fa:80:10:bd:94:
                    75:06:dc:d1:15:f1:95:66:82:2e:4c:64:98:ae:7d:
                    a7:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:1B:ED:BF:77:AD:C5:AE:77:3E:45:9D:90:6B:64:4B:58:B6:99:0E
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/80f40900-a492-49b4-950a-ffd04be4334c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:3a:ad:fb:d1:17:53:b7:32:b6:df:06:fd:92:21:69:66:61:
         2a:d8:10:66:65:1d:26:64:5b:d8:c7:51:a4:94:ab:12:cd:e3:
         fb:e4:72:f9:89:b1:08:fb:43:5d:39:6b:92:7a:89:fd:07:7a:
         61:d8:0d:65:6a:e5:1d:8c:61:bd:cc:39:fc:41:4c:75:02:1b:
         e3:27:3d:4e:ed:f2:4c:e5:00:94:c9:d8:e4:3f:e6:79:b7:d5:
         19:f9:e6:fb:ee:b2:4e:d1:91:3e:0f:ac:da:53:52:49:bc:f1:
         56:20:e3:88:5d:99:67:f4:3c:71:50:c1:b7:c5:36:5e:e0:9f:
         cb:ef:06:ee:b1:1b:3a:50:b9:ac:55:8a:f6:db:15:ce:bc:07:
         de:04:80:e9:16:e3:e6:3e:0c:87:9b:b4:59:19:f1:9d:fc:db:
         90:35:f3:e3:45:64:21:97:bb:2d:19:7f:3a:5f:af:dc:7a:5a:
         2c:8c:d7:70:8b:67:e9:ad:61:d4:c4:a9:f1:32:f6:24:54:70:
         a5:da:60:96:f1:46:ef:5e:68:b3:73:dc:ab:5e:20:d6:ab:ee:
         60:a5:39:f0:2b:aa:bc:33:30:f1:38:65:50:f0:0c:1c:14:5e:
         51:5d:1b:8a:b0:85:4d:4c:36:f4:f5:88:1e:d9:10:3b:9e:49:
         83:68:77:01
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL3DyccCtWTQ+dH3VRrqjhITV5vswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDE3MDkyODE4WhcNMjUwNTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNDA2NGNjYjY0NTgzODYxOTA1YjFhYjg3NzkwYjQ4Njg1
ZTk3MDkyZGZlMjY0OWY3MmZiMWRiYmJiNDk2NDMyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrCEuz+b+2TM0W5wRpgwxtKdyZ5WQEpJljM3/rRWCRpgQW
iDs5Dr1ioAGZNWVFmj7yHCPVLfiPJK/PMw1D1fd9YTOJiRliCd96SSD9UBFFrtbM
UE7MR907ppSfrRaLusAtvNyKRPzamVOFsD1iIiiOwG2ef6Pdm7RXiAyBkWToWp6j
coPTsfqM57wfLkc1pHgJcXUKugeBaAIO7jzKp9nsTYloVh52jDF2fcjRbImBsBrY
9g+1Yoqvk1EcBFiO2bHOy0jhRIyPPW2i8W43ln3Z+A68Fg2jFL6MR7SFiPb/4ADK
oLXzviTfy1r6gBC9lHUG3NEV8ZVmgi5MZJiufafJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8Bvtv3etxa53PkWdkGtkS1i2mQ4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzgwZjQwOTAwLWE0OTItNDliNC05NTBhLWZmZDA0YmU0MzM0Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABI6rfvRF1O3MrbfBv2SIWlmYSrY
EGZlHSZkW9jHUaSUqxLN4/vkcvmJsQj7Q105a5J6if0HemHYDWVq5R2MYb3MOfxB
THUCG+MnPU7t8kzlAJTJ2OQ/5nm31Rn55vvusk7RkT4PrNpTUkm88VYg44hdmWf0
PHFQwbfFNl7gn8vvBu6xGzpQuaxVivbbFc68B94EgOkW4+Y+DIebtFkZ8Z3825A1
8+NFZCGXuy0Zfzpfr9x6WiyM13CLZ+mtYdTEqfEy9iRUcKXaYJbxRu9eaLNz3Kte
INar7mClOfArqrwzMPE4ZVDwDBwUXlFdG4qwhU1MNvT1iB7ZEDueSYNodwE=
-----END CERTIFICATE-----