Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ee4206f9-f17d-45dc-9362-c17c926ad59b.roa
File:                     ee4206f9-f17d-45dc-9362-c17c926ad59b.roa (raw, json)
Hash identifier:          64fea62QJH7nSr0Eh6eTvhO2TeEyubLoBcojh/1RHCE=
Subject key identifier:   19:6E:C3:88:8D:2C:1D:3E:94:E5:B0:24:9B:D4:FC:9C:3E:7A:00:20
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       32E2F8E01F7CB07418C543772FBB05369B31CCF3
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ee4206f9-f17d-45dc-9362-c17c926ad59b.roa
Signing time:             Thu 24 Apr 2025 02:33:17 +0000
ROA not before:           Thu 24 Apr 2025 02:33:17 +0000
ROA not after:            Thu 29 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 24 Apr 2025 02:48:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:e2:f8:e0:1f:7c:b0:74:18:c5:43:77:2f:bb:05:36:9b:31:cc:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 24 02:33:17 2025 GMT
            Not After : May 29 23:59:59 2025 GMT
        Subject: serialNumber=2fde20d78ed744a8183ebe353d9b3cbb4d4075162e8cd06f173141b4c342ccce, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:8d:75:96:5f:c7:35:a2:b2:c2:10:72:c1:ec:
                    9b:1b:30:7b:89:af:bc:28:36:39:c0:8c:14:3a:9d:
                    2d:7e:48:27:1f:f0:98:bf:ae:c9:fa:62:b9:a0:9e:
                    c9:ed:fa:c1:6f:54:9c:66:dc:72:b2:56:81:ae:fa:
                    0a:d8:6d:87:7a:f0:f9:5f:50:c1:9d:ea:f3:c9:c6:
                    dc:a8:9d:b7:c1:9a:e8:a4:c8:7d:ec:f4:e9:94:00:
                    97:49:38:63:2c:d8:ac:36:e1:c0:58:39:7c:63:ca:
                    5f:9e:bc:cd:5a:f7:cb:0d:ff:1b:3d:aa:04:f0:16:
                    e6:3f:70:6e:fa:ce:5d:3a:f9:d4:8b:43:0c:17:4e:
                    33:50:a9:41:dd:0e:e1:ca:71:bc:4c:03:85:a8:2d:
                    0e:56:fd:f6:c6:2b:90:ec:74:c6:3f:fb:eb:e9:89:
                    7e:4c:23:f8:37:9c:32:1c:84:33:cc:78:13:30:a7:
                    54:5e:e9:7b:c8:de:86:01:f0:d8:07:dc:e2:50:ee:
                    ea:4b:e6:2b:f0:a9:7e:65:e1:87:06:f6:42:72:c7:
                    e3:70:87:53:b5:2d:71:81:0a:8b:52:e6:f4:19:80:
                    58:6b:ab:84:da:91:1a:35:f1:55:a6:3f:4c:5d:d3:
                    b9:6a:cc:8e:3f:38:3f:10:33:88:cc:13:4d:2c:fa:
                    25:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:6E:C3:88:8D:2C:1D:3E:94:E5:B0:24:9B:D4:FC:9C:3E:7A:00:20
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/ee4206f9-f17d-45dc-9362-c17c926ad59b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:df:02:9d:4f:3c:7c:8f:4f:03:a8:57:77:0a:9a:03:db:7f:
         22:df:fc:67:05:26:c6:a1:f4:22:d3:c0:c9:78:70:a5:c0:57:
         c9:5f:d7:36:e3:b5:33:a5:6e:d7:d9:d5:db:ab:36:db:f2:d7:
         53:d4:5c:f9:a2:e8:c4:aa:1b:6f:f5:88:e6:c6:20:ee:f2:bc:
         f5:11:16:06:ef:40:71:4c:c4:dc:2c:2f:b0:31:72:9f:45:63:
         11:3b:29:cc:57:5a:11:03:d7:e7:05:13:40:69:2b:93:3a:bd:
         af:91:60:40:d4:04:da:7d:3f:93:5e:73:bb:0a:17:38:09:4a:
         26:3b:55:61:a9:6b:59:0d:f6:d1:25:bb:1d:a9:84:00:04:57:
         b8:c9:47:81:54:f6:5a:f9:b4:32:f7:d1:5f:bf:de:4a:60:92:
         38:b4:94:fc:6b:a8:9a:53:af:5c:e2:84:e0:3b:d2:45:9f:98:
         e8:10:3a:ef:6e:b7:3e:3d:06:68:7c:85:a5:b6:1f:07:f8:c6:
         2c:12:d5:08:ef:68:cf:56:f7:4d:14:c2:af:21:0e:5f:dc:2d:
         02:7f:35:d4:1e:e6:22:c3:c0:33:36:d1:9a:53:e3:3a:34:85:
         6c:64:9f:28:d8:ed:11:0a:d9:57:5d:98:04:d4:5f:97:58:dc:
         22:45:b6:b0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMuL44B98sHQYxUN3L7sFNpsxzPMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDI0MDIzMzE3WhcNMjUwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AyZmRlMjBkNzhlZDc0NGE4MTgzZWJlMzUzZDliM2NiYjRk
NDA3NTE2MmU4Y2QwNmYxNzMxNDFiNGMzNDJjY2NlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/jXWWX8c1orLCEHLB7JsbMHuJr7woNjnAjBQ6nS1+SCcf
8Ji/rsn6Yrmgnsnt+sFvVJxm3HKyVoGu+grYbYd68PlfUMGd6vPJxtyonbfBmuik
yH3s9OmUAJdJOGMs2Kw24cBYOXxjyl+evM1a98sN/xs9qgTwFuY/cG76zl06+dSL
QwwXTjNQqUHdDuHKcbxMA4WoLQ5W/fbGK5DsdMY/++vpiX5MI/g3nDIchDPMeBMw
p1Re6XvI3oYB8NgH3OJQ7upL5ivwqX5l4YcG9kJyx+Nwh1O1LXGBCotS5vQZgFhr
q4TakRo18VWmP0xd07lqzI4/OD8QM4jME00s+iWLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGW7DiI0sHT6U5bAkm9T8nD56ACAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2VlNDIwNmY5LWYxN2QtNDVkYy05MzYyLWMxN2M5MjZhZDU5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGbfAp1PPHyPTwOoV3cKmgPbfyLf
/GcFJsah9CLTwMl4cKXAV8lf1zbjtTOlbtfZ1durNtvy11PUXPmi6MSqG2/1iObG
IO7yvPURFgbvQHFMxNwsL7Axcp9FYxE7KcxXWhED1+cFE0BpK5M6va+RYEDUBNp9
P5Nec7sKFzgJSiY7VWGpa1kN9tElux2phAAEV7jJR4FU9lr5tDL30V+/3kpgkji0
lPxrqJpTr1zihOA70kWfmOgQOu9utz49Bmh8haW2Hwf4xiwS1QjvaM9W900Uwq8h
Dl/cLQJ/NdQe5iLDwDM20ZpT4zo0hWxknyjY7REK2VddmATUX5dY3CJFtrA=
-----END CERTIFICATE-----