Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/aa707cb4-0d7f-4b93-9114-f9219939bb75.roa
File:                     aa707cb4-0d7f-4b93-9114-f9219939bb75.roa (raw, json)
Hash identifier:          ZrEbWNOm1aYhNwN7SpZyrtjim3y7Cd0EVbuuKtCPBzs=
Subject key identifier:   B9:E3:30:54:19:24:61:1C:F6:86:8D:FC:AE:1D:4A:9D:6A:D3:71:F5
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       7F443F538F79B0B6C0BD595F4B19EC53C7B99C4B
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/aa707cb4-0d7f-4b93-9114-f9219939bb75.roa
Signing time:             Thu 22 May 2025 00:43:16 +0000
ROA not before:           Thu 22 May 2025 00:43:16 +0000
ROA not after:            Thu 26 Jun 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 22 May 2025 01:03:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:44:3f:53:8f:79:b0:b6:c0:bd:59:5f:4b:19:ec:53:c7:b9:9c:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: May 22 00:43:16 2025 GMT
            Not After : Jun 26 23:59:59 2025 GMT
        Subject: serialNumber=5ae6aaaee0ce8868b54b7c0de5b1ace37103dea95a57c213dfd95f42c02e180a, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:ba:0d:b3:e5:46:13:15:9d:de:3d:9f:9a:4c:
                    80:88:3c:47:7a:bb:6e:44:b7:0b:0d:33:e1:c9:39:
                    36:e9:b5:51:66:d9:84:7d:69:84:47:c9:99:10:b4:
                    f2:a8:dd:39:0a:1a:9b:33:d1:79:3a:8f:5e:e9:87:
                    c7:ea:a8:5b:f4:87:6d:86:ae:76:5e:93:74:e9:44:
                    57:d0:b3:0d:f3:60:77:74:01:90:4b:f6:df:c9:23:
                    c5:be:0e:d0:5a:7c:4a:6e:3a:5d:51:35:f6:45:80:
                    ba:e0:52:51:b5:d2:01:ab:bb:c4:ae:52:5d:71:b1:
                    16:1d:af:1d:77:6c:30:31:5c:18:19:d0:93:a0:ed:
                    07:38:51:c6:35:da:1d:26:f6:3f:0d:df:f7:8f:f0:
                    9c:a1:d8:17:bd:d3:e5:14:4b:df:1a:c4:4e:93:8a:
                    23:49:5b:98:39:f0:87:66:b0:1b:6c:a0:9f:fe:73:
                    0d:1a:08:5a:15:54:0d:c5:b7:89:a3:86:79:00:8c:
                    bd:58:27:c5:21:ae:16:6e:23:7f:50:f0:cd:86:22:
                    b3:18:2d:e6:da:70:4c:94:a2:70:00:8c:bd:da:a3:
                    a1:c8:d0:e7:2f:01:5e:a5:4e:18:f4:da:c4:ff:47:
                    93:49:2f:cb:98:a7:59:5b:0c:6a:13:58:be:9f:6f:
                    e6:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:E3:30:54:19:24:61:1C:F6:86:8D:FC:AE:1D:4A:9D:6A:D3:71:F5
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/aa707cb4-0d7f-4b93-9114-f9219939bb75.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:2d:37:60:58:2a:fc:bb:cc:5f:1c:72:b5:a2:be:09:c9:99:
         89:6b:be:a7:1e:59:09:d9:b5:bb:84:3b:ec:bc:17:f9:04:b0:
         02:61:81:7d:66:35:19:ab:1a:03:2e:ae:8d:9f:e4:06:4e:2a:
         51:95:90:26:45:ba:d1:c7:82:e6:c5:f1:de:4a:f5:2e:4f:23:
         64:75:72:7f:69:d0:7b:8f:fa:b4:82:f6:05:10:1e:99:9e:67:
         f2:26:d1:7e:a7:b6:fd:8d:af:27:1d:2f:8b:ad:01:0e:9f:cf:
         5f:8d:9d:a4:8d:52:32:58:d0:2e:73:05:49:3c:31:e1:af:83:
         0e:4d:06:5b:93:5c:7b:e5:db:7a:ed:a9:61:e4:77:bf:76:13:
         83:4c:dc:b1:3e:e9:47:d1:a3:75:d4:9c:30:5f:9d:86:54:b1:
         60:07:f4:11:77:8e:15:35:53:9c:95:df:75:99:7e:a5:dd:5c:
         dd:5e:24:cd:97:54:d6:60:0b:88:83:89:5c:ab:65:d4:c3:eb:
         67:f4:27:a4:3e:65:b9:ac:8f:22:5e:f6:6b:b0:40:b6:4f:2b:
         cf:94:61:a2:3e:5b:b6:db:4c:e7:80:96:18:ce:8d:d7:50:58:
         65:6b:1e:3c:12:71:5f:38:53:20:fa:6b:98:6c:92:d5:ad:6c:
         97:d0:e0:a4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUf0Q/U495sLbAvVlfSxnsU8e5nEswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNTIyMDA0MzE2WhcNMjUwNjI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YWU2YWFhZWUwY2U4ODY4YjU0YjdjMGRlNWIxYWNlMzcx
MDNkZWE5NWE1N2MyMTNkZmQ5NWY0MmMwMmUxODBhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD3ug2z5UYTFZ3ePZ+aTICIPEd6u25EtwsNM+HJOTbptVFm
2YR9aYRHyZkQtPKo3TkKGpsz0Xk6j17ph8fqqFv0h22GrnZek3TpRFfQsw3zYHd0
AZBL9t/JI8W+DtBafEpuOl1RNfZFgLrgUlG10gGru8SuUl1xsRYdrx13bDAxXBgZ
0JOg7Qc4UcY12h0m9j8N3/eP8Jyh2Be90+UUS98axE6TiiNJW5g58IdmsBtsoJ/+
cw0aCFoVVA3Ft4mjhnkAjL1YJ8UhrhZuI39Q8M2GIrMYLebacEyUonAAjL3ao6HI
0OcvAV6lThj02sT/R5NJL8uYp1lbDGoTWL6fb+btAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUueMwVBkkYRz2ho38rh1KnWrTcfUwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2FhNzA3Y2I0LTBkN2YtNGI5My05MTE0LWY5MjE5OTM5YmI3NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGMtN2BYKvy7zF8ccrWivgnJmYlr
vqceWQnZtbuEO+y8F/kEsAJhgX1mNRmrGgMuro2f5AZOKlGVkCZFutHHgubF8d5K
9S5PI2R1cn9p0HuP+rSC9gUQHpmeZ/Im0X6ntv2NrycdL4utAQ6fz1+NnaSNUjJY
0C5zBUk8MeGvgw5NBluTXHvl23rtqWHkd792E4NM3LE+6UfRo3XUnDBfnYZUsWAH
9BF3jhU1U5yV33WZfqXdXN1eJM2XVNZgC4iDiVyrZdTD62f0J6Q+ZbmsjyJe9muw
QLZPK8+UYaI+W7bbTOeAlhjOjddQWGVrHjwScV84UyD6a5hsktWtbJfQ4KQ=
-----END CERTIFICATE-----