Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/abb4cc59-0bf4-47e7-902e-f6028118e501.roa
File:                     abb4cc59-0bf4-47e7-902e-f6028118e501.roa (raw, json)
Hash identifier:          NIjRchaJCjqTEtRutRg53Jl/zjqg+RVTRlojapkXy6I=
Subject key identifier:   06:A2:4A:F5:E2:6E:A2:9A:97:EE:44:6B:8F:86:E1:ED:A0:BE:F1:AB
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       67209373349C6347D9169CA4B960EE340982FB28
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/abb4cc59-0bf4-47e7-902e-f6028118e501.roa
Signing time:             Mon 19 May 2025 22:33:12 +0000
ROA not before:           Mon 19 May 2025 22:33:12 +0000
ROA not after:            Mon 23 Jun 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 19 May 2025 22:53:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:20:93:73:34:9c:63:47:d9:16:9c:a4:b9:60:ee:34:09:82:fb:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: May 19 22:33:12 2025 GMT
            Not After : Jun 23 23:59:59 2025 GMT
        Subject: serialNumber=21758eadb41e025dea5e890d62bc238c25ab3b220ebcafa8b6675e34fd870946, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c6:70:d3:70:c2:d5:32:7d:16:e4:3a:4d:8e:
                    46:b4:6c:bd:f4:25:ae:c2:10:96:22:ae:94:eb:15:
                    85:aa:1f:dd:2a:c7:62:ea:1e:1b:7c:cb:31:c5:c2:
                    14:7a:1a:5f:d3:68:61:3c:2a:b3:f2:c4:b4:17:84:
                    b5:f3:86:b1:1d:b1:44:9d:bd:a6:8a:ab:68:07:03:
                    40:46:41:a7:f6:1e:e3:dd:23:c4:7a:e6:53:dd:66:
                    f7:b1:94:6a:01:c1:1e:a5:8e:fd:f3:b9:b3:6f:b6:
                    58:d6:4d:c2:db:2b:68:04:05:21:06:62:9d:b4:1e:
                    0b:9f:f3:82:f3:4f:b0:c2:51:93:49:90:82:cd:31:
                    71:07:ce:58:af:65:06:cf:f2:07:cf:bc:1a:4d:58:
                    77:83:eb:9f:30:b8:57:53:ff:51:ff:56:fe:11:1d:
                    f5:73:85:16:35:7b:53:95:ca:e0:78:91:2c:4f:2e:
                    fd:0d:fc:70:fb:50:83:9b:c7:8d:b4:f7:3b:8c:88:
                    53:f7:c5:ee:1c:98:41:96:eb:c6:a1:5a:0b:2f:e0:
                    f6:25:2d:4f:dd:f8:fe:5d:f4:89:64:35:09:48:b8:
                    94:92:b8:2c:f0:18:7b:4a:5f:e9:6c:11:17:93:20:
                    5c:d0:f0:89:21:aa:10:17:07:f3:a9:a2:bb:69:2d:
                    04:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:A2:4A:F5:E2:6E:A2:9A:97:EE:44:6B:8F:86:E1:ED:A0:BE:F1:AB
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/abb4cc59-0bf4-47e7-902e-f6028118e501.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:f4:c2:8c:56:64:1a:1d:6d:76:76:78:ad:59:86:e7:ad:aa:
         30:ba:4a:2b:1c:4b:c3:fc:f8:d3:8f:ea:f4:23:ac:e0:fe:12:
         6d:35:c6:f7:15:46:95:85:a4:00:08:56:c1:23:c4:40:dc:42:
         04:36:09:2a:7f:31:3a:f6:01:a0:1d:2c:7a:48:0f:4d:1a:0b:
         df:48:0c:50:82:7c:17:42:8d:4b:23:2b:0d:d3:49:86:5c:2f:
         1f:3b:fe:d6:d4:f8:8e:2a:da:67:11:2d:af:6e:ab:07:91:ba:
         41:f2:57:d4:f8:2a:2f:fb:84:48:af:ae:02:c9:1e:bb:ba:f1:
         64:ea:83:02:b4:48:a9:df:9d:dd:43:8b:f7:a0:55:46:2f:87:
         0b:dd:83:94:5b:5a:0e:b8:c0:5a:de:62:2f:b6:24:69:32:32:
         56:a1:7c:55:8e:78:ef:19:46:0a:ac:2f:9c:ac:da:4d:bd:ed:
         90:c5:4f:23:a2:e0:1a:a7:b7:94:1e:2f:9e:e6:24:8d:4a:cf:
         6a:b0:a8:33:64:10:19:6b:b3:44:00:ee:21:69:67:52:e9:85:
         9e:03:d9:0b:9f:78:9c:3d:9a:8b:65:ab:28:cf:5f:05:84:cc:
         91:71:bd:2f:6e:2f:73:5c:4e:af:9c:c3:a4:88:2b:90:9f:3e:
         88:60:f5:59
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZyCTczScY0fZFpykuWDuNAmC+ygwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNTE5MjIzMzEyWhcNMjUwNjIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMTc1OGVhZGI0MWUwMjVkZWE1ZTg5MGQ2MmJjMjM4YzI1
YWIzYjIyMGViY2FmYThiNjY3NWUzNGZkODcwOTQ2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6xnDTcMLVMn0W5DpNjka0bL30Ja7CEJYirpTrFYWqH90q
x2LqHht8yzHFwhR6Gl/TaGE8KrPyxLQXhLXzhrEdsUSdvaaKq2gHA0BGQaf2HuPd
I8R65lPdZvexlGoBwR6ljv3zubNvtljWTcLbK2gEBSEGYp20Hguf84LzT7DCUZNJ
kILNMXEHzlivZQbP8gfPvBpNWHeD658wuFdT/1H/Vv4RHfVzhRY1e1OVyuB4kSxP
Lv0N/HD7UIObx4209zuMiFP3xe4cmEGW68ahWgsv4PYlLU/d+P5d9IlkNQlIuJSS
uCzwGHtKX+lsEReTIFzQ8IkhqhAXB/OportpLQSfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBqJK9eJuopqX7kRrj4bh7aC+8aswHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2FiYjRjYzU5LTBiZjQtNDdlNy05MDJlLWY2MDI4MTE4ZTUwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBALH0woxWZBodbXZ2eK1ZhuetqjC6
SiscS8P8+NOP6vQjrOD+Em01xvcVRpWFpAAIVsEjxEDcQgQ2CSp/MTr2AaAdLHpI
D00aC99IDFCCfBdCjUsjKw3TSYZcLx87/tbU+I4q2mcRLa9uqweRukHyV9T4Ki/7
hEivrgLJHru68WTqgwK0SKnfnd1Di/egVUYvhwvdg5RbWg64wFreYi+2JGkyMlah
fFWOeO8ZRgqsL5ys2k297ZDFTyOi4Bqnt5QeL57mJI1Kz2qwqDNkEBlrs0QA7iFp
Z1LphZ4D2QufeJw9motlqyjPXwWEzJFxvS9uL3NcTq+cw6SIK5CfPohg9Vk=
-----END CERTIFICATE-----