Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/eee621db-916e-4241-afe5-8d3c26e2fdaa.roa
File:                     eee621db-916e-4241-afe5-8d3c26e2fdaa.roa (raw, json)
Hash identifier:          Oel/YxboOK67MKnfjrGKaJImg+HGPQ0rOYfiUAt9a3A=
Subject key identifier:   DC:AA:2A:B7:93:F6:1F:35:E1:38:48:C0:98:4E:A6:91:88:A4:4B:DB
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       47DD50D911D6ED3B24415C584F5A6BD3F99EAC26
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/eee621db-916e-4241-afe5-8d3c26e2fdaa.roa
Signing time:             Mon 12 May 2025 00:38:20 +0000
ROA not before:           Mon 12 May 2025 00:38:20 +0000
ROA not after:            Mon 16 Jun 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 12 May 2025 00:58:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:dd:50:d9:11:d6:ed:3b:24:41:5c:58:4f:5a:6b:d3:f9:9e:ac:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: May 12 00:38:20 2025 GMT
            Not After : Jun 16 23:59:59 2025 GMT
        Subject: serialNumber=32455175f6c55c1f61a276fa09afa0076cea07500aed0a3350c00568041cbb8a, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:57:88:83:5c:89:5d:bc:57:0d:b4:ec:ae:ef:
                    e6:2f:0a:ff:b8:65:b2:bf:47:bf:22:ca:eb:18:ae:
                    7f:67:5e:5f:ca:e8:6d:fb:fd:25:f6:c7:02:d6:dd:
                    8e:d2:98:e5:51:1c:57:ab:6e:c6:99:87:49:c6:7b:
                    85:64:cc:4f:67:56:93:bf:43:31:45:1c:0b:d3:41:
                    a1:84:f5:b2:25:a0:bf:26:56:c9:a6:54:3d:70:f7:
                    df:34:4b:80:c8:87:d9:a0:36:1e:27:cf:fb:36:99:
                    19:c5:e0:8d:c3:71:db:d9:7e:e3:a8:12:b2:95:7f:
                    5f:5e:1b:8b:98:ba:1b:f6:f8:24:55:50:13:f6:17:
                    28:e1:0e:7b:49:44:b5:47:b6:d0:47:42:7c:c1:f5:
                    f6:e6:0a:99:a0:e3:f1:ba:ee:ab:18:d7:f3:87:1e:
                    22:18:21:b0:06:14:90:a1:1c:21:c7:aa:5c:5c:d0:
                    e6:a6:9b:a9:f3:c9:c7:0d:e5:2b:7a:44:2a:40:24:
                    b7:b5:6c:78:ad:67:c9:d6:73:0d:b1:6c:e7:2c:93:
                    c2:2f:b2:71:26:cb:b8:f3:88:d6:8f:57:65:a5:15:
                    a5:00:85:3b:42:d1:a8:b2:37:99:65:26:ba:70:8c:
                    a0:e6:93:23:d3:88:6f:bf:f1:5c:7e:02:55:8b:b5:
                    a9:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:AA:2A:B7:93:F6:1F:35:E1:38:48:C0:98:4E:A6:91:88:A4:4B:DB
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/eee621db-916e-4241-afe5-8d3c26e2fdaa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:23:dd:f5:64:e1:7e:f7:09:a3:26:29:1f:f2:e7:97:8e:93:
         ca:fd:b8:64:9d:e7:45:f5:2a:59:8b:c4:ed:34:57:b6:31:42:
         9c:a0:ae:b6:55:90:0f:a2:20:42:76:0c:fe:9e:5f:e0:9f:38:
         01:ad:dc:b1:32:71:38:38:3c:41:71:12:4c:c3:66:e0:1a:c5:
         eb:ab:47:dc:22:5b:c8:f2:0b:2e:95:40:62:f9:79:2d:8f:c0:
         a5:2e:ef:88:57:e1:b1:a1:97:51:ac:36:3c:57:05:53:ce:0e:
         b4:d0:d5:4a:77:e8:7b:8f:bf:42:3c:30:2f:5f:a9:de:52:d4:
         a8:11:e8:1f:75:68:01:57:60:d0:93:de:06:ae:69:28:70:af:
         45:9b:cf:b3:a9:b1:67:52:9d:d7:64:f8:36:65:21:76:4b:7e:
         c0:dc:c2:3a:72:46:1d:ac:f9:26:67:ea:33:f5:d8:62:c2:d0:
         cf:47:c2:81:d6:7d:92:39:88:e2:f3:a1:88:9c:f1:f4:a1:13:
         f5:85:5d:e0:ee:1f:51:d7:58:42:5a:0f:68:d7:a5:82:3d:01:
         64:ba:e8:92:be:85:a7:cb:1c:da:3e:c0:7b:cb:78:e6:46:c4:
         ee:d4:42:04:ac:45:9b:fa:12:a8:05:cd:60:54:53:49:d0:0f:
         f6:35:25:56
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUR91Q2RHW7TskQVxYT1pr0/merCYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNTEyMDAzODIwWhcNMjUwNjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMjQ1NTE3NWY2YzU1YzFmNjFhMjc2ZmEwOWFmYTAwNzZj
ZWEwNzUwMGFlZDBhMzM1MGMwMDU2ODA0MWNiYjhhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjV4iDXIldvFcNtOyu7+YvCv+4ZbK/R78iyusYrn9nXl/K
6G37/SX2xwLW3Y7SmOVRHFerbsaZh0nGe4VkzE9nVpO/QzFFHAvTQaGE9bIloL8m
VsmmVD1w9980S4DIh9mgNh4nz/s2mRnF4I3DcdvZfuOoErKVf19eG4uYuhv2+CRV
UBP2FyjhDntJRLVHttBHQnzB9fbmCpmg4/G67qsY1/OHHiIYIbAGFJChHCHHqlxc
0Oamm6nzyccN5St6RCpAJLe1bHitZ8nWcw2xbOcsk8IvsnEmy7jziNaPV2WlFaUA
hTtC0aiyN5llJrpwjKDmkyPTiG+/8Vx+AlWLtan7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3Koqt5P2HzXhOEjAmE6mkYikS9swHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2VlZTYyMWRiLTkxNmUtNDI0MS1hZmU1LThkM2MyNmUyZmRhYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFEj3fVk4X73CaMmKR/y55eOk8r9
uGSd50X1KlmLxO00V7YxQpygrrZVkA+iIEJ2DP6eX+CfOAGt3LEycTg4PEFxEkzD
ZuAaxeurR9wiW8jyCy6VQGL5eS2PwKUu74hX4bGhl1GsNjxXBVPODrTQ1Up36HuP
v0I8MC9fqd5S1KgR6B91aAFXYNCT3gauaShwr0Wbz7OpsWdSnddk+DZlIXZLfsDc
wjpyRh2s+SZn6jP12GLC0M9HwoHWfZI5iOLzoYic8fShE/WFXeDuH1HXWEJaD2jX
pYI9AWS66JK+hafLHNo+wHvLeOZGxO7UQgSsRZv6EqgFzWBUU0nQD/Y1JVY=
-----END CERTIFICATE-----