Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d9f39317-f831-4568-8c27-29c6bc2b68d6.roa
File:                     d9f39317-f831-4568-8c27-29c6bc2b68d6.roa (raw, json)
Hash identifier:          5EEk5UYWieKRBMqpeHH9JEo2qNFGCGTWr1C693m+SFA=
Subject key identifier:   E1:9F:35:27:8F:36:3D:9F:DC:FA:6C:32:E4:4C:81:39:D6:D9:5F:14
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       2189678F57C34D9C7ED2D681299D81CCF3832C81
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d9f39317-f831-4568-8c27-29c6bc2b68d6.roa
Signing time:             Tue 15 Apr 2025 09:08:19 +0000
ROA not before:           Tue 15 Apr 2025 09:08:19 +0000
ROA not after:            Tue 20 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Tue 15 Apr 2025 09:28:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:89:67:8f:57:c3:4d:9c:7e:d2:d6:81:29:9d:81:cc:f3:83:2c:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 15 09:08:19 2025 GMT
            Not After : May 20 23:59:59 2025 GMT
        Subject: serialNumber=b808e0917402b6e0bf91c539383295698b19984c9794f087c09d176b07a04254, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:32:b2:a4:6e:c9:85:eb:0a:d6:f8:25:1d:d1:
                    81:16:39:d7:f0:0f:0d:64:af:c4:d4:cf:5d:7c:0e:
                    32:16:07:fa:80:ba:b4:02:48:33:a3:81:25:96:28:
                    21:da:e8:79:59:10:67:95:d6:0a:8d:31:50:1d:05:
                    f1:ee:7f:97:3b:27:2c:a8:fe:a9:ca:19:76:e7:73:
                    0e:1b:b5:be:b9:70:8c:d0:dd:9f:f1:ad:fb:44:fc:
                    bb:29:25:48:86:bb:c2:bb:28:99:8e:87:b8:59:2d:
                    3b:ce:97:89:d8:fc:6d:8d:db:f6:ea:42:ae:74:b6:
                    37:11:4b:66:99:f3:48:11:d6:2b:ec:ed:36:f6:df:
                    05:4b:7c:fa:46:7a:8e:f6:5c:08:4e:72:ac:9d:0e:
                    e6:9a:3b:bc:2a:c0:0c:ef:a9:4c:90:fb:f9:17:52:
                    30:38:63:7f:5f:ec:49:1c:67:71:d6:c2:91:3b:9d:
                    d7:37:7d:83:0c:e7:f1:21:48:f4:ab:ab:8f:0c:ea:
                    fe:25:67:bb:45:17:74:e2:e3:e9:30:16:8d:cb:e6:
                    63:64:05:b6:36:d1:7c:1b:bf:3b:96:f6:30:53:42:
                    71:01:c5:da:12:2a:cb:89:23:10:db:a8:eb:5b:3f:
                    de:77:bb:6b:44:9a:13:0d:59:46:c9:eb:e1:b5:fb:
                    63:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:9F:35:27:8F:36:3D:9F:DC:FA:6C:32:E4:4C:81:39:D6:D9:5F:14
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d9f39317-f831-4568-8c27-29c6bc2b68d6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:3b:c1:04:f5:b1:2b:c6:44:c3:37:5a:84:52:82:d2:db:78:
         d4:f0:c3:10:7b:d7:74:8e:fc:27:39:25:a1:8f:c8:c9:5d:bf:
         ec:21:f1:d3:d4:ce:73:04:1e:f1:57:1d:4b:3a:48:e3:96:6b:
         d3:0e:12:b3:b4:b2:95:8a:76:66:d8:ad:35:56:cc:4e:11:86:
         99:33:db:fd:6a:d9:0a:86:7c:74:3d:ce:f2:75:eb:94:8f:53:
         39:72:47:22:70:00:73:78:98:d2:27:0c:cf:04:14:4a:22:8c:
         6c:3e:5c:c5:25:7b:64:7d:60:69:c8:00:32:41:4b:43:22:dc:
         fb:c5:ed:03:f5:e3:ea:3c:9a:9d:fe:80:f2:ca:c2:8a:81:8d:
         c5:a2:ab:73:e4:b1:e5:29:87:e1:78:72:22:90:41:6a:ed:aa:
         ec:77:8f:78:0e:8c:c0:1f:64:9f:05:b2:a3:69:f6:92:31:cb:
         63:de:77:94:f4:a5:96:80:2b:07:61:3f:bb:d9:b0:d6:4d:f4:
         0d:03:de:eb:6d:03:37:b8:08:fa:8c:aa:81:75:00:27:c8:02:
         2e:4a:96:2a:89:80:4d:d1:6b:6c:a5:c3:c8:af:5f:64:67:a0:
         f3:94:82:93:b6:d1:45:98:42:ee:f0:af:f7:68:ee:29:37:a0:
         e8:e2:cf:8d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIYlnj1fDTZx+0taBKZ2BzPODLIEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDE1MDkwODE5WhcNMjUwNTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiODA4ZTA5MTc0MDJiNmUwYmY5MWM1MzkzODMyOTU2OThi
MTk5ODRjOTc5NGYwODdjMDlkMTc2YjA3YTA0MjU0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2MrKkbsmF6wrW+CUd0YEWOdfwDw1kr8TUz118DjIWB/qA
urQCSDOjgSWWKCHa6HlZEGeV1gqNMVAdBfHuf5c7Jyyo/qnKGXbncw4btb65cIzQ
3Z/xrftE/LspJUiGu8K7KJmOh7hZLTvOl4nY/G2N2/bqQq50tjcRS2aZ80gR1ivs
7Tb23wVLfPpGeo72XAhOcqydDuaaO7wqwAzvqUyQ+/kXUjA4Y39f7EkcZ3HWwpE7
ndc3fYMM5/EhSPSrq48M6v4lZ7tFF3Ti4+kwFo3L5mNkBbY20XwbvzuW9jBTQnEB
xdoSKsuJIxDbqOtbP953u2tEmhMNWUbJ6+G1+2O7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4Z81J482PZ/c+mwy5EyBOdbZXxQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Q5ZjM5MzE3LWY4MzEtNDU2OC04YzI3LTI5YzZiYzJiNjhkNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACU7wQT1sSvGRMM3WoRSgtLbeNTw
wxB713SO/Cc5JaGPyMldv+wh8dPUznMEHvFXHUs6SOOWa9MOErO0spWKdmbYrTVW
zE4Rhpkz2/1q2QqGfHQ9zvJ165SPUzlyRyJwAHN4mNInDM8EFEoijGw+XMUle2R9
YGnIADJBS0Mi3PvF7QP14+o8mp3+gPLKwoqBjcWiq3PkseUph+F4ciKQQWrtqux3
j3gOjMAfZJ8FsqNp9pIxy2Ped5T0pZaAKwdhP7vZsNZN9A0D3uttAze4CPqMqoF1
ACfIAi5KliqJgE3Ra2ylw8ivX2RnoPOUgpO20UWYQu7wr/do7ik3oOjiz40=
-----END CERTIFICATE-----