Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/90d7ee75-a616-4519-b5f3-8f2d02153fa7.roa
File:                     90d7ee75-a616-4519-b5f3-8f2d02153fa7.roa (raw, json)
Hash identifier:          6LNL8/Eo1yN+W7wadQtX9PB/TWMqmUkiBjOyv0LIa1A=
Subject key identifier:   62:78:7F:CE:AF:02:95:F3:3F:C4:57:D2:67:07:B1:A1:6B:EB:9F:F3
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       16DF53E04AEC03B26F04D913BFA6B5D4DB38CFF7
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/90d7ee75-a616-4519-b5f3-8f2d02153fa7.roa
Signing time:             Thu 03 Apr 2025 20:33:17 +0000
ROA not before:           Thu 03 Apr 2025 20:33:17 +0000
ROA not after:            Thu 08 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 03 Apr 2025 20:48:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:df:53:e0:4a:ec:03:b2:6f:04:d9:13:bf:a6:b5:d4:db:38:cf:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr  3 20:33:17 2025 GMT
            Not After : May  8 23:59:59 2025 GMT
        Subject: serialNumber=501227b795d0b09a6f1f7128fd96b282a291a58798a1560527b7651fe82a5944, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:d8:e7:9b:78:47:fe:3b:2c:ab:83:43:10:29:
                    6c:d8:95:00:de:4b:fd:79:6b:2c:88:57:37:e2:cd:
                    1b:33:bd:c2:9f:84:f4:b2:4c:60:74:e8:af:a0:76:
                    e3:4e:9f:3e:81:bf:3c:65:ec:61:dc:4a:a4:28:4e:
                    1b:6e:61:a0:d0:12:bb:c2:76:7b:93:48:33:2a:4f:
                    1f:a3:b3:8a:48:50:b5:2b:49:cb:a8:d1:23:87:b4:
                    13:06:47:36:cc:a3:d9:2f:b0:3e:43:b8:b0:ec:d1:
                    d8:ca:f8:71:5a:18:07:be:1b:66:09:6b:26:d5:9a:
                    25:36:c9:28:39:61:34:9a:c4:fd:6c:01:48:4f:a7:
                    64:93:c5:ec:b9:d4:ec:54:a7:eb:0b:24:46:7b:4e:
                    5f:09:76:45:b2:51:bb:43:20:45:03:13:24:01:7f:
                    af:f5:f5:27:6f:76:95:1b:5c:dd:4a:95:9c:b1:22:
                    e4:fe:58:fd:6c:2d:63:da:ca:4d:e6:ea:0b:03:ac:
                    75:49:6d:bd:42:e1:20:ac:47:89:12:84:19:45:ea:
                    90:3b:25:7f:31:18:93:9d:87:f2:37:b3:83:e6:c5:
                    25:c8:02:71:85:64:07:60:4e:f7:b5:fd:07:14:6f:
                    c2:88:5e:3c:38:1e:b2:16:93:d7:61:7e:89:d9:84:
                    c0:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:78:7F:CE:AF:02:95:F3:3F:C4:57:D2:67:07:B1:A1:6B:EB:9F:F3
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/90d7ee75-a616-4519-b5f3-8f2d02153fa7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:be:fd:61:38:41:d1:f3:14:aa:c1:f3:45:7c:58:fe:9b:08:
         42:23:ed:5d:71:58:bf:e4:bb:a8:13:d3:d3:d2:26:e2:c2:b9:
         24:ab:d9:d1:59:fe:98:c0:62:54:9f:7b:29:0e:ea:72:97:de:
         b5:6b:ff:96:ae:73:55:e9:45:14:8b:d0:0c:79:21:e4:ce:67:
         ee:99:18:06:fb:09:f1:58:b6:6d:b7:9d:70:1a:5c:54:c4:00:
         f5:0b:ab:00:e4:b6:e0:1a:81:18:a0:86:6e:2d:15:a1:37:3e:
         d5:87:b1:7b:8c:e7:1a:e8:37:98:59:dc:01:5d:6b:ce:07:03:
         b0:98:e4:2f:fd:8d:d6:09:60:9f:0d:1a:4a:ac:78:14:b1:ee:
         e4:af:10:da:49:ad:cf:4c:9d:1a:59:28:e7:e2:48:02:8d:8d:
         e7:5e:9f:a9:20:2e:f1:80:b3:ef:f2:4f:65:e4:16:73:51:95:
         8e:ea:4a:29:a3:1b:d8:d7:df:c1:eb:cf:92:3c:f6:95:7f:e2:
         3b:c6:a2:64:d6:7f:b4:f5:dd:8e:71:c7:0d:94:15:59:78:ba:
         68:c3:21:5e:f3:15:52:9c:48:e5:91:ec:ee:df:3e:01:c5:7c:
         cf:e7:d1:c5:c7:a7:4a:a0:af:b6:aa:b5:92:01:43:ae:51:94:
         5b:68:3f:2c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFt9T4ErsA7JvBNkTv6a11Ns4z/cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDAzMjAzMzE3WhcNMjUwNTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1MDEyMjdiNzk1ZDBiMDlhNmYxZjcxMjhmZDk2YjI4MmEy
OTFhNTg3OThhMTU2MDUyN2I3NjUxZmU4MmE1OTQ0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC22OebeEf+Oyyrg0MQKWzYlQDeS/15ayyIVzfizRszvcKf
hPSyTGB06K+gduNOnz6Bvzxl7GHcSqQoThtuYaDQErvCdnuTSDMqTx+js4pIULUr
Scuo0SOHtBMGRzbMo9kvsD5DuLDs0djK+HFaGAe+G2YJaybVmiU2ySg5YTSaxP1s
AUhPp2STxey51OxUp+sLJEZ7Tl8JdkWyUbtDIEUDEyQBf6/19SdvdpUbXN1KlZyx
IuT+WP1sLWPayk3m6gsDrHVJbb1C4SCsR4kShBlF6pA7JX8xGJOdh/I3s4PmxSXI
AnGFZAdgTve1/QcUb8KIXjw4HrIWk9dhfonZhMClAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYnh/zq8ClfM/xFfSZwexoWvrn/MwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzkwZDdlZTc1LWE2MTYtNDUxOS1iNWYzLThmMmQwMjE1M2ZhNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEm+/WE4QdHzFKrB80V8WP6bCEIj
7V1xWL/ku6gT09PSJuLCuSSr2dFZ/pjAYlSfeykO6nKX3rVr/5auc1XpRRSL0Ax5
IeTOZ+6ZGAb7CfFYtm23nXAaXFTEAPULqwDktuAagRighm4tFaE3PtWHsXuM5xro
N5hZ3AFda84HA7CY5C/9jdYJYJ8NGkqseBSx7uSvENpJrc9MnRpZKOfiSAKNjede
n6kgLvGAs+/yT2XkFnNRlY7qSimjG9jX38Hrz5I89pV/4jvGomTWf7T13Y5xxw2U
FVl4umjDIV7zFVKcSOWR7O7fPgHFfM/n0cXHp0qgr7aqtZIBQ65RlFtoPyw=
-----END CERTIFICATE-----