Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ab4a3c03-3acb-4186-b0e7-7408697ce8d8.roa
File:                     ab4a3c03-3acb-4186-b0e7-7408697ce8d8.roa (raw, json)
Hash identifier:          oOF17MCwAQWE6tt2MgCFqoVhOuWkYRz88scbfg/598U=
Subject key identifier:   0B:BE:4A:9F:EB:F4:B2:82:E3:AA:1B:06:C1:AE:58:11:33:B7:8D:68
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       049B5C41F27F7997048F2E2D25DA4582AA784C65
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ab4a3c03-3acb-4186-b0e7-7408697ce8d8.roa
Signing time:             Fri 04 Apr 2025 23:23:20 +0000
ROA not before:           Fri 04 Apr 2025 23:23:20 +0000
ROA not after:            Fri 09 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Fri 04 Apr 2025 23:38:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:9b:5c:41:f2:7f:79:97:04:8f:2e:2d:25:da:45:82:aa:78:4c:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr  4 23:23:20 2025 GMT
            Not After : May  9 23:59:59 2025 GMT
        Subject: serialNumber=387e4b2b76baacd3aa3221ae890e92ee6da7b2cffc6fe0d098cdd50358968135, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:ee:4a:52:17:99:2a:48:6d:68:7b:a1:52:2e:
                    53:44:4b:c3:a7:ec:6a:a9:4e:dd:8e:01:5a:5c:3d:
                    7e:f7:77:25:9e:39:4f:8c:4e:ab:02:49:2b:89:8a:
                    dd:f3:c7:f3:dc:18:b4:76:53:c7:7b:b9:e9:07:b8:
                    ae:72:c5:cf:69:f0:d9:ad:5c:90:77:7d:4c:dc:ad:
                    15:29:40:4e:9d:a6:03:ab:4f:e5:94:2d:86:1f:dc:
                    ca:78:17:42:54:f9:60:ba:4d:6b:57:9d:b3:18:91:
                    72:36:31:d7:c6:a0:9f:fd:42:7e:75:40:2c:60:9a:
                    d1:df:a0:b8:84:c1:52:67:7d:3d:ed:47:77:df:a9:
                    bc:d2:bb:54:63:2d:77:7e:95:37:bf:cb:f4:3a:06:
                    63:51:41:e8:54:21:18:a4:e9:19:92:3a:ce:a1:b4:
                    53:a5:88:1b:a3:c0:f5:a1:1b:4b:ec:01:1d:a4:26:
                    aa:3f:f4:9b:ea:85:b1:22:a4:7b:c4:f3:39:14:4b:
                    20:38:72:16:96:20:2a:b3:fe:f0:b7:1c:36:54:58:
                    fe:1c:9d:35:b9:1e:4c:41:29:b4:60:55:e1:9b:32:
                    b4:9f:4b:d3:92:78:04:7f:bf:84:80:c9:12:02:38:
                    f2:d6:ba:10:5c:f7:7e:9e:1d:d2:cf:e2:dc:51:48:
                    4e:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:BE:4A:9F:EB:F4:B2:82:E3:AA:1B:06:C1:AE:58:11:33:B7:8D:68
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ab4a3c03-3acb-4186-b0e7-7408697ce8d8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:3a:6a:ad:87:ee:88:21:80:79:0b:bc:e1:b0:a8:b3:24:cd:
         f6:19:a8:85:f7:54:d8:ee:bd:2f:91:4c:3b:8c:a2:3f:33:51:
         60:27:c4:31:b9:c7:25:96:6f:4c:11:7f:c1:4d:51:3d:0a:18:
         49:bd:35:79:63:28:61:a4:c7:39:3a:b3:43:0a:20:3d:16:a6:
         f9:59:17:2b:9c:89:fc:6c:83:60:1b:51:a3:9d:8e:f8:2e:ac:
         54:f5:72:86:33:50:af:40:c7:2c:4e:1c:ea:43:4c:8e:ee:a6:
         f6:8d:e1:ec:5f:c5:57:fc:16:6f:00:e6:76:a0:c3:d8:cf:53:
         1f:95:81:8e:bd:a4:87:25:08:27:b6:dd:63:6b:df:06:bf:79:
         9b:2d:d5:a1:4c:32:94:dd:ac:4b:ab:3f:7e:e3:30:bf:b3:90:
         f3:0f:a7:e3:12:94:99:6d:95:b6:1e:c8:5e:22:23:c0:04:1f:
         76:25:a5:6c:f7:2f:04:04:a3:42:25:42:98:cb:6d:e2:04:65:
         b3:45:ac:88:f3:87:bf:a9:36:f0:ba:f4:34:27:e4:93:0a:34:
         08:c4:8b:e9:9d:42:56:62:b3:88:ec:c2:08:c0:f8:26:89:0c:
         82:b0:2a:c8:71:4d:e7:20:e1:a4:91:4f:74:58:b0:0c:ca:7d:
         5a:d4:71:37
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBJtcQfJ/eZcEjy4tJdpFgqp4TGUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDA0MjMyMzIwWhcNMjUwNTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0AzODdlNGIyYjc2YmFhY2QzYWEzMjIxYWU4OTBlOTJlZTZk
YTdiMmNmZmM2ZmUwZDA5OGNkZDUwMzU4OTY4MTM1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDt7kpSF5kqSG1oe6FSLlNES8On7GqpTt2OAVpcPX73dyWe
OU+MTqsCSSuJit3zx/PcGLR2U8d7uekHuK5yxc9p8NmtXJB3fUzcrRUpQE6dpgOr
T+WULYYf3Mp4F0JU+WC6TWtXnbMYkXI2MdfGoJ/9Qn51QCxgmtHfoLiEwVJnfT3t
R3ffqbzSu1RjLXd+lTe/y/Q6BmNRQehUIRik6RmSOs6htFOliBujwPWhG0vsAR2k
Jqo/9JvqhbEipHvE8zkUSyA4chaWICqz/vC3HDZUWP4cnTW5HkxBKbRgVeGbMrSf
S9OSeAR/v4SAyRICOPLWuhBc936eHdLP4txRSE7HAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUC75Kn+v0soLjqhsGwa5YETO3jWgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2FiNGEzYzAzLTNhY2ItNDE4Ni1iMGU3LTc0MDg2OTdjZThkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAA06aq2H7oghgHkLvOGwqLMkzfYZ
qIX3VNjuvS+RTDuMoj8zUWAnxDG5xyWWb0wRf8FNUT0KGEm9NXljKGGkxzk6s0MK
ID0WpvlZFyucifxsg2AbUaOdjvgurFT1coYzUK9AxyxOHOpDTI7upvaN4exfxVf8
Fm8A5nagw9jPUx+VgY69pIclCCe23WNr3wa/eZst1aFMMpTdrEurP37jML+zkPMP
p+MSlJltlbYeyF4iI8AEH3YlpWz3LwQEo0IlQpjLbeIEZbNFrIjzh7+pNvC69DQn
5JMKNAjEi+mdQlZis4jswgjA+CaJDIKwKshxTecg4aSRT3RYsAzKfVrUcTc=
-----END CERTIFICATE-----