Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ea8b12e9-94bb-4795-9cb7-7c4082fcf705.roa
File:                     ea8b12e9-94bb-4795-9cb7-7c4082fcf705.roa (raw, json)
Hash identifier:          PQMuCIZVOA31K9aMviaipE/r4nLvUbuTedSjdZ6iBXo=
Subject key identifier:   0B:4C:FA:94:E6:32:4E:D9:A4:5E:61:02:9A:D8:5C:D6:CF:00:B3:B7
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       1108CECC19A0D3DAB9FD52B3346102E369688D30
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ea8b12e9-94bb-4795-9cb7-7c4082fcf705.roa
Signing time:             Thu 15 May 2025 16:03:19 +0000
ROA not before:           Thu 15 May 2025 16:03:19 +0000
ROA not after:            Thu 19 Jun 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 15 May 2025 16:23:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:08:ce:cc:19:a0:d3:da:b9:fd:52:b3:34:61:02:e3:69:68:8d:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: May 15 16:03:19 2025 GMT
            Not After : Jun 19 23:59:59 2025 GMT
        Subject: serialNumber=1b6f588cbb56848f78b96fefb1ddb2b3f9b16dc0c4a7004ba65a27b85b17adca, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:5f:16:ae:59:83:cb:ad:cc:6a:fe:b9:33:54:
                    99:be:52:f1:93:1a:a3:60:2c:07:0f:58:b4:2f:9b:
                    12:86:6d:59:a2:07:de:cf:36:d9:88:e2:48:ad:8f:
                    c9:b1:d8:d8:13:11:66:4c:1a:52:ea:22:cf:bd:e7:
                    85:f5:f0:7b:6a:ef:49:34:f1:47:c4:20:f2:d4:a6:
                    cf:4e:01:71:a5:f0:64:41:0d:28:57:96:30:59:60:
                    c3:99:2f:75:17:fa:5b:1f:ed:d6:94:8e:f4:34:d5:
                    e1:1d:05:a6:11:12:8f:57:bf:0e:f9:53:1d:82:1a:
                    cb:96:af:11:d9:9b:80:a1:ce:4d:2d:8d:d3:68:4c:
                    8e:42:c0:89:1e:01:15:83:7d:a0:64:f8:10:55:8c:
                    46:4c:7d:89:bd:2d:0f:44:ec:c8:e2:7a:0d:86:17:
                    2c:ea:a8:8d:70:88:2e:05:02:26:60:c4:34:d7:dd:
                    83:f7:71:e2:99:00:2f:3c:a6:e9:9a:6d:dc:8b:dd:
                    4d:79:29:f4:00:61:b3:62:22:c6:0c:54:9c:66:0c:
                    5a:25:cb:a2:03:bc:6c:3c:35:b6:95:57:5d:0a:ad:
                    a1:4c:cb:55:4f:00:92:f0:8a:8d:ba:df:e5:49:b8:
                    4c:b9:f7:ca:b7:8f:69:24:45:2a:77:d9:19:4a:0c:
                    7a:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:4C:FA:94:E6:32:4E:D9:A4:5E:61:02:9A:D8:5C:D6:CF:00:B3:B7
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ea8b12e9-94bb-4795-9cb7-7c4082fcf705.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:c8:78:80:3a:dd:2a:34:ac:8f:b1:a8:4d:54:08:98:c6:59:
         11:0d:e5:76:0d:7d:99:54:50:8e:54:0c:05:ab:a4:91:ab:51:
         54:af:07:b8:ab:b5:83:bd:7a:cf:af:41:13:46:d6:bb:59:33:
         50:12:34:e4:a5:ae:06:8e:31:cc:e2:35:74:48:ce:a5:b4:aa:
         a4:51:c5:7c:ab:92:1d:13:81:96:b0:74:f0:8b:09:3c:76:f4:
         4f:cd:f6:93:6b:6e:b2:e2:44:e5:07:aa:5f:6d:be:58:78:85:
         f3:b9:b3:af:95:42:c1:a5:4e:68:29:6c:7d:de:36:5e:bc:f6:
         1d:6a:a5:b8:16:f9:bc:b5:fb:10:dd:66:7c:c3:fe:bd:aa:e7:
         88:0e:f6:53:57:2e:2e:e3:2d:3a:43:cd:df:ac:26:c7:24:84:
         43:eb:fa:09:6e:7a:00:cf:35:e4:93:8e:23:c9:46:9e:e7:4b:
         06:8a:cc:99:76:0f:f3:2d:63:71:75:c8:ff:db:c4:47:8b:f0:
         18:36:59:10:ae:4f:3c:c9:81:25:6b:04:11:c5:1f:b0:08:65:
         b4:ef:30:7f:0b:02:59:2b:8f:85:5d:53:9d:12:2b:49:c3:e0:
         b0:27:b9:84:5d:36:4f:d7:8f:fd:95:80:a8:3d:b3:90:a7:e0:
         cd:4f:46:49
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEQjOzBmg09q5/VKzNGEC42lojTAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNTE1MTYwMzE5WhcNMjUwNjE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYjZmNTg4Y2JiNTY4NDhmNzhiOTZmZWZiMWRkYjJiM2Y5
YjE2ZGMwYzRhNzAwNGJhNjVhMjdiODViMTdhZGNhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnXxauWYPLrcxq/rkzVJm+UvGTGqNgLAcPWLQvmxKGbVmi
B97PNtmI4kitj8mx2NgTEWZMGlLqIs+954X18Htq70k08UfEIPLUps9OAXGl8GRB
DShXljBZYMOZL3UX+lsf7daUjvQ01eEdBaYREo9Xvw75Ux2CGsuWrxHZm4Chzk0t
jdNoTI5CwIkeARWDfaBk+BBVjEZMfYm9LQ9E7Mjieg2GFyzqqI1wiC4FAiZgxDTX
3YP3ceKZAC88pumabdyL3U15KfQAYbNiIsYMVJxmDFoly6IDvGw8NbaVV10KraFM
y1VPAJLwio263+VJuEy598q3j2kkRSp32RlKDHplAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUC0z6lOYyTtmkXmECmthc1s8As7cwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2VhOGIxMmU5LTk0YmItNDc5NS05Y2I3LTdjNDA4MmZjZjcwNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGzIeIA63So0rI+xqE1UCJjGWREN
5XYNfZlUUI5UDAWrpJGrUVSvB7irtYO9es+vQRNG1rtZM1ASNOSlrgaOMcziNXRI
zqW0qqRRxXyrkh0TgZawdPCLCTx29E/N9pNrbrLiROUHql9tvlh4hfO5s6+VQsGl
TmgpbH3eNl689h1qpbgW+by1+xDdZnzD/r2q54gO9lNXLi7jLTpDzd+sJsckhEPr
+gluegDPNeSTjiPJRp7nSwaKzJl2D/MtY3F1yP/bxEeL8Bg2WRCuTzzJgSVrBBHF
H7AIZbTvMH8LAlkrj4VdU50SK0nD4LAnuYRdNk/Xj/2VgKg9s5Cn4M1PRkk=
-----END CERTIFICATE-----