Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b176f402-c8e4-43c1-9be8-fcd2256ed671.roa
File:                     b176f402-c8e4-43c1-9be8-fcd2256ed671.roa (raw, json)
Hash identifier:          VhF1QIF25ZakRxox6u5bed8PI+Pus3kXN5lawq3hk3A=
Subject key identifier:   B6:39:22:9D:04:6D:2E:22:A1:BA:FE:CB:F9:D7:49:BA:2F:B2:AF:09
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       14EA950E19410FB67598D473A97B30704E15AB06
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b176f402-c8e4-43c1-9be8-fcd2256ed671.roa
Signing time:             Sun 20 Apr 2025 06:13:21 +0000
ROA not before:           Sun 20 Apr 2025 06:13:21 +0000
ROA not after:            Sun 25 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sun 20 Apr 2025 06:33:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:ea:95:0e:19:41:0f:b6:75:98:d4:73:a9:7b:30:70:4e:15:ab:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 20 06:13:21 2025 GMT
            Not After : May 25 23:59:59 2025 GMT
        Subject: serialNumber=010b6efadf7839600daa717a41350c4f7d1a52c94076d609009adfc8ea68c779, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:65:6d:1f:d1:ed:8c:e0:6b:d3:17:50:93:08:
                    e9:59:e7:71:05:ae:f5:6b:0c:2b:13:9f:d3:41:77:
                    e6:0c:a4:c6:d0:a0:15:e4:2e:91:f3:60:1d:86:52:
                    d3:23:7c:1b:61:84:51:47:80:62:ec:fb:6e:a8:e4:
                    f4:7b:45:81:c9:63:fc:54:7c:6a:f3:db:8d:3d:3e:
                    6d:64:d3:42:f1:fc:74:16:7e:62:8f:c3:e5:8d:3e:
                    9b:19:86:5a:39:56:1d:39:41:dd:76:fa:b6:3f:4f:
                    9d:1c:cd:ae:75:cc:83:e1:8d:8f:05:db:99:b4:63:
                    18:d4:eb:9c:73:ce:1b:8b:4c:b7:9c:67:e1:c5:f4:
                    b2:a4:5e:66:f3:ae:85:b9:94:c9:84:19:d4:e8:c0:
                    81:7a:4f:e7:81:8b:a4:d8:09:67:63:da:63:bc:ad:
                    2b:15:43:0e:90:32:90:0c:26:ce:4d:35:29:14:5c:
                    5b:95:46:b1:98:de:ea:e4:fc:c0:b6:90:d5:74:8b:
                    d4:01:6c:69:f6:23:6e:d1:20:94:11:97:66:15:46:
                    43:bf:f2:1c:f6:14:d2:97:b1:f1:e5:73:da:42:b4:
                    6a:15:14:88:2d:4f:01:ec:82:d7:5e:a0:e2:0c:2c:
                    1c:57:9d:0b:70:25:22:76:bf:13:58:45:8e:a2:07:
                    3b:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:39:22:9D:04:6D:2E:22:A1:BA:FE:CB:F9:D7:49:BA:2F:B2:AF:09
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b176f402-c8e4-43c1-9be8-fcd2256ed671.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:cf:84:b1:69:80:a7:1d:d7:c3:38:94:b5:df:fe:ce:41:c0:
         a7:b2:29:81:7d:26:3d:e9:5a:c2:4e:32:18:75:b5:04:88:5c:
         e7:07:c1:ec:f6:56:11:a8:c8:7b:39:3f:ee:d0:34:ee:d7:65:
         30:a9:fc:a3:4b:f0:cf:c7:1f:93:db:64:25:6f:49:f5:a9:15:
         1f:5f:3c:7b:ef:2d:e1:6b:0d:57:0a:8a:7d:4a:94:4b:c0:7d:
         56:11:b9:b8:9d:4f:fe:08:0d:18:68:68:d6:c9:5a:7d:a9:5f:
         1b:c9:49:16:bb:38:59:83:f8:a4:ca:f7:53:45:31:d1:97:b5:
         e4:a4:e6:1c:8b:da:22:fd:44:e9:7a:60:a8:87:d7:0d:99:09:
         c6:07:a2:9a:ad:90:63:62:95:a5:e4:b9:c3:9f:35:c4:a6:34:
         7b:7d:85:10:6d:d4:54:34:fa:8d:17:b4:76:0d:42:6c:25:d3:
         c7:d6:4e:9c:f2:65:e9:ab:23:d5:6a:2c:ae:da:be:c9:4c:48:
         c2:15:21:f1:d4:2e:c7:85:93:1a:87:33:d0:f7:fd:a4:3d:9c:
         40:7d:5c:28:57:47:19:7c:1c:92:29:58:31:a7:9c:26:31:d6:
         4d:5b:3a:7c:72:f4:26:50:4c:56:75:3b:d0:7f:fc:7b:d0:cf:
         db:86:78:15
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFOqVDhlBD7Z1mNRzqXswcE4VqwYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDIwMDYxMzIxWhcNMjUwNTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMTBiNmVmYWRmNzgzOTYwMGRhYTcxN2E0MTM1MGM0Zjdk
MWE1MmM5NDA3NmQ2MDkwMDlhZGZjOGVhNjhjNzc5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgZW0f0e2M4GvTF1CTCOlZ53EFrvVrDCsTn9NBd+YMpMbQ
oBXkLpHzYB2GUtMjfBthhFFHgGLs+26o5PR7RYHJY/xUfGrz2409Pm1k00Lx/HQW
fmKPw+WNPpsZhlo5Vh05Qd12+rY/T50cza51zIPhjY8F25m0YxjU65xzzhuLTLec
Z+HF9LKkXmbzroW5lMmEGdTowIF6T+eBi6TYCWdj2mO8rSsVQw6QMpAMJs5NNSkU
XFuVRrGY3urk/MC2kNV0i9QBbGn2I27RIJQRl2YVRkO/8hz2FNKXsfHlc9pCtGoV
FIgtTwHsgtdeoOIMLBxXnQtwJSJ2vxNYRY6iBzvLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtjkinQRtLiKhuv7L+ddJui+yrwkwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2IxNzZmNDAyLWM4ZTQtNDNjMS05YmU4LWZjZDIyNTZlZDY3MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABzPhLFpgKcd18M4lLXf/s5BwKey
KYF9Jj3pWsJOMhh1tQSIXOcHwez2VhGoyHs5P+7QNO7XZTCp/KNL8M/HH5PbZCVv
SfWpFR9fPHvvLeFrDVcKin1KlEvAfVYRubidT/4IDRhoaNbJWn2pXxvJSRa7OFmD
+KTK91NFMdGXteSk5hyL2iL9ROl6YKiH1w2ZCcYHopqtkGNilaXkucOfNcSmNHt9
hRBt1FQ0+o0XtHYNQmwl08fWTpzyZemrI9VqLK7avslMSMIVIfHULseFkxqHM9D3
/aQ9nEB9XChXRxl8HJIpWDGnnCYx1k1bOnxy9CZQTFZ1O9B//HvQz9uGeBU=
-----END CERTIFICATE-----