Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f3b8c6b5-3335-4111-95e1-f4fc64d3487e.roa
File:                     f3b8c6b5-3335-4111-95e1-f4fc64d3487e.roa (raw, json)
Hash identifier:          RGFQZakqSzcZGb2qF3o+wdNGsTFiJZNBRdDonCy8r7Q=
Subject key identifier:   D3:09:0C:B8:6C:93:38:0C:B9:5C:48:29:C6:15:D3:49:E5:EB:4E:67
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       639923A9AA4D3A8A9E68E218FD9837E625DB45BD
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f3b8c6b5-3335-4111-95e1-f4fc64d3487e.roa
Signing time:             Thu 24 Apr 2025 03:43:15 +0000
ROA not before:           Thu 24 Apr 2025 03:43:15 +0000
ROA not after:            Thu 29 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 24 Apr 2025 04:03:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:99:23:a9:aa:4d:3a:8a:9e:68:e2:18:fd:98:37:e6:25:db:45:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 24 03:43:15 2025 GMT
            Not After : May 29 23:59:59 2025 GMT
        Subject: serialNumber=55ca02486e617c70a8d7c26fabed3418c23dba64a180bd7aff94604f0c0ed5d3, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:f7:af:6e:dd:3a:18:3b:a2:db:b8:88:c6:67:
                    ef:ef:6b:60:8a:19:39:f1:22:f6:69:cc:43:3c:f2:
                    aa:60:6c:99:15:fa:fc:05:51:ef:dd:e3:42:98:2c:
                    5f:9e:ba:53:3f:06:7e:8d:a2:2f:a5:38:cd:70:0c:
                    d1:09:24:3b:89:e2:df:d6:c7:5f:2f:c6:78:7a:15:
                    45:65:4f:45:0f:04:33:55:0f:d9:62:0d:68:e3:a8:
                    d9:84:84:02:1d:69:9f:14:7f:a9:28:ed:b9:9c:c5:
                    31:bd:e9:6f:44:ad:97:86:82:b7:8d:60:f8:0e:34:
                    9e:6b:e7:33:dd:53:bb:23:61:3e:60:91:36:f8:bb:
                    31:1d:02:3e:d5:79:f2:32:e6:e4:cd:52:93:78:37:
                    f5:3a:49:2a:a4:53:0c:e8:f5:68:66:7e:fb:83:aa:
                    df:eb:2c:76:d2:3f:d5:7b:c4:f8:f6:82:c8:15:e7:
                    0a:7b:95:7d:76:e0:7c:6d:29:30:49:3b:b0:03:86:
                    a3:34:21:68:91:70:96:2a:1d:1a:e5:a3:fb:bd:ea:
                    32:7b:e9:bb:e8:c0:3e:c1:35:7f:e0:13:05:7a:63:
                    0a:0c:1c:49:7b:46:c5:8b:7c:47:1e:f7:ec:4d:a6:
                    b6:78:e6:52:f8:a7:66:40:6e:fa:ba:f1:8f:48:58:
                    0e:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:09:0C:B8:6C:93:38:0C:B9:5C:48:29:C6:15:D3:49:E5:EB:4E:67
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f3b8c6b5-3335-4111-95e1-f4fc64d3487e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:7d:2b:d6:4b:bf:fb:02:5c:df:da:4f:e6:0f:ce:fd:33:ce:
         be:fe:ed:33:ea:d2:3c:c3:be:d9:9a:26:1a:54:42:32:e1:9b:
         11:b5:eb:4f:b5:b8:21:95:5e:bf:b2:42:ce:f5:2a:63:01:38:
         5a:84:83:55:50:52:54:95:35:12:2d:4a:6a:55:cc:2e:88:0b:
         58:60:7b:02:f4:3c:04:90:f6:11:c4:fd:83:de:94:b3:c2:46:
         06:57:17:03:d4:aa:96:ed:5f:24:3d:3e:3c:df:51:29:ac:ef:
         7c:48:34:12:cb:58:76:45:a3:6e:f4:27:17:1f:40:ae:1e:48:
         6e:bd:06:c3:71:8a:97:c5:cb:fb:82:45:af:2d:fa:a3:9a:54:
         d2:f1:ba:7e:ef:ad:8a:9b:cc:a0:b3:87:c7:12:23:3a:99:de:
         e8:01:8d:20:98:b7:c8:f7:c7:fe:8a:bf:96:85:ee:22:64:a0:
         de:6a:ed:ac:e3:14:38:42:f0:ec:66:a6:71:71:8c:c1:76:6f:
         f3:47:9a:3c:a9:44:c4:9f:5a:14:5f:75:fb:60:36:51:de:11:
         7b:e7:ff:b3:4c:d9:b1:0e:dc:65:42:95:de:00:a3:64:dc:63:
         9a:53:da:40:dd:b0:c9:0b:d4:5c:c5:e8:83:04:bb:3b:0e:ca:
         a6:9f:22:02
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUY5kjqapNOoqeaOIY/Zg35iXbRb0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDI0MDM0MzE1WhcNMjUwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NWNhMDI0ODZlNjE3YzcwYThkN2MyNmZhYmVkMzQxOGMy
M2RiYTY0YTE4MGJkN2FmZjk0NjA0ZjBjMGVkNWQzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDL969u3ToYO6LbuIjGZ+/va2CKGTnxIvZpzEM88qpgbJkV
+vwFUe/d40KYLF+eulM/Bn6Noi+lOM1wDNEJJDuJ4t/Wx18vxnh6FUVlT0UPBDNV
D9liDWjjqNmEhAIdaZ8Uf6ko7bmcxTG96W9ErZeGgreNYPgONJ5r5zPdU7sjYT5g
kTb4uzEdAj7VefIy5uTNUpN4N/U6SSqkUwzo9WhmfvuDqt/rLHbSP9V7xPj2gsgV
5wp7lX124HxtKTBJO7ADhqM0IWiRcJYqHRrlo/u96jJ76bvowD7BNX/gEwV6YwoM
HEl7RsWLfEce9+xNprZ45lL4p2ZAbvq68Y9IWA6zAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0wkMuGyTOAy5XEgpxhXTSeXrTmcwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2YzYjhjNmI1LTMzMzUtNDExMS05NWUxLWY0ZmM2NGQzNDg3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIt9K9ZLv/sCXN/aT+YPzv0zzr7+
7TPq0jzDvtmaJhpUQjLhmxG160+1uCGVXr+yQs71KmMBOFqEg1VQUlSVNRItSmpV
zC6IC1hgewL0PASQ9hHE/YPelLPCRgZXFwPUqpbtXyQ9PjzfUSms73xINBLLWHZF
o270JxcfQK4eSG69BsNxipfFy/uCRa8t+qOaVNLxun7vrYqbzKCzh8cSIzqZ3ugB
jSCYt8j3x/6Kv5aF7iJkoN5q7azjFDhC8OxmpnFxjMF2b/NHmjypRMSfWhRfdftg
NlHeEXvn/7NM2bEO3GVCld4Ao2TcY5pT2kDdsMkL1FzF6IMEuzsOyqafIgI=
-----END CERTIFICATE-----