Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f5e476e4-6bda-4678-a2ec-e75339d264e3.roa
File:                     f5e476e4-6bda-4678-a2ec-e75339d264e3.roa (raw, json)
Hash identifier:          /jKf/Q/ihRwll8nC9PRsAgwlumQUGQ3ivK6alwH7h48=
Subject key identifier:   78:9B:95:11:7B:1B:6F:0C:5B:63:EB:F8:83:BD:2F:35:84:EF:FE:A0
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       BD9C7426A3D419BFFDB27AE702ACE08440630A
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f5e476e4-6bda-4678-a2ec-e75339d264e3.roa
Signing time:             Sat 24 May 2025 17:28:17 +0000
ROA not before:           Sat 24 May 2025 17:28:17 +0000
ROA not after:            Sat 28 Jun 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sat 24 May 2025 17:43:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            bd:9c:74:26:a3:d4:19:bf:fd:b2:7a:e7:02:ac:e0:84:40:63:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: May 24 17:28:17 2025 GMT
            Not After : Jun 28 23:59:59 2025 GMT
        Subject: serialNumber=014947356d21e623eb819f7f7483990ffa04507c0ccc5e946bf8f6f1cc0090ec, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:35:ad:8c:67:94:6f:d4:0e:cd:47:7b:eb:a3:
                    90:0c:1a:e5:8e:82:8b:41:d7:9e:fa:35:a9:b8:d1:
                    c4:84:29:0b:51:21:8d:a5:4a:3a:56:0a:46:97:93:
                    9e:80:f0:42:78:9a:6d:2c:8b:01:fe:ed:13:72:65:
                    a1:6e:c6:05:fe:b2:19:b3:43:95:47:02:0c:c1:ea:
                    01:4f:ce:cb:6e:8f:57:5c:1a:7a:21:f3:46:e5:56:
                    86:12:ea:d8:32:a3:e0:71:fd:1a:bf:62:cc:e8:e9:
                    e5:26:ce:c8:39:a8:59:da:b0:9a:ce:c8:69:c9:9d:
                    a4:b1:50:0a:38:05:d5:70:70:40:b7:da:f7:0a:aa:
                    cd:99:89:b0:ee:c0:61:7c:7c:aa:13:af:b5:93:39:
                    bc:ef:5c:25:80:fa:82:a7:9b:9d:a0:e3:7f:46:1b:
                    3d:cc:0f:fe:72:0c:dc:5e:8d:9a:49:62:11:6a:2e:
                    4f:df:4e:ee:54:89:99:2b:65:3d:0a:3a:5c:d8:5f:
                    4d:96:c5:2b:ae:1c:cb:5d:5b:97:a7:7a:c7:80:22:
                    4c:d8:4c:19:ad:be:c7:24:35:eb:ef:d1:1b:a2:a2:
                    eb:e9:7b:59:54:83:16:2d:53:7b:1d:9e:d5:4b:97:
                    7e:20:3b:5a:ba:4d:fc:00:b5:93:08:39:6c:78:4a:
                    5c:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:9B:95:11:7B:1B:6F:0C:5B:63:EB:F8:83:BD:2F:35:84:EF:FE:A0
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f5e476e4-6bda-4678-a2ec-e75339d264e3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:84:09:98:dc:ed:dc:a0:a7:27:b4:e9:a4:09:0f:0a:c7:c4:
         19:78:3a:d4:e9:8f:d2:a0:f3:db:3a:61:58:2a:38:7f:5a:fb:
         23:38:d7:b7:6f:9c:c4:8c:18:0f:f9:82:f8:09:7e:96:b6:bd:
         67:e4:61:7a:8c:69:62:30:5f:f3:b5:04:91:3e:7b:84:57:57:
         eb:92:09:0a:ce:d0:0e:a1:c5:33:4f:4e:1f:16:68:6a:f1:50:
         d2:76:7d:63:2d:15:00:91:15:1a:b4:bd:c6:a3:87:d0:c3:56:
         5a:30:36:7d:17:31:0b:4c:4d:5b:28:42:b3:9d:d1:5e:71:84:
         ed:63:ca:99:6c:1c:a4:26:b3:60:13:19:c4:9d:4b:f1:6d:08:
         a4:4c:15:37:a7:ea:11:d5:a9:45:0b:1b:dd:fe:ab:1c:1c:cd:
         ad:f7:08:7f:24:08:f1:1f:17:01:03:9f:0f:ff:6c:48:e0:9f:
         ce:13:c5:d2:20:0c:fc:7f:f6:51:98:40:07:68:d3:9c:a4:e4:
         8f:50:9c:8b:a9:51:3a:c2:ca:a2:ef:46:4b:bf:91:10:ec:f4:
         da:89:70:18:56:92:da:9f:01:a6:7b:aa:f9:1b:30:b1:27:c9:
         d8:0f:ee:86:bd:6c:79:c8:8d:ae:f9:53:a1:5c:0a:ee:b9:1e:
         01:dc:ab:49
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAL2cdCaj1Bm//bJ65wKs4IRAYwowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNTI0MTcyODE3WhcNMjUwNjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMTQ5NDczNTZkMjFlNjIzZWI4MTlmN2Y3NDgzOTkwZmZh
MDQ1MDdjMGNjYzVlOTQ2YmY4ZjZmMWNjMDA5MGVjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDoNa2MZ5Rv1A7NR3vro5AMGuWOgotB1576Nam40cSEKQtR
IY2lSjpWCkaXk56A8EJ4mm0siwH+7RNyZaFuxgX+shmzQ5VHAgzB6gFPzstuj1dc
Gnoh80blVoYS6tgyo+Bx/Rq/Yszo6eUmzsg5qFnasJrOyGnJnaSxUAo4BdVwcEC3
2vcKqs2ZibDuwGF8fKoTr7WTObzvXCWA+oKnm52g439GGz3MD/5yDNxejZpJYhFq
Lk/fTu5UiZkrZT0KOlzYX02WxSuuHMtdW5eneseAIkzYTBmtvsckNevv0Ruiouvp
e1lUgxYtU3sdntVLl34gO1q6TfwAtZMIOWx4Slx9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUeJuVEXsbbwxbY+v4g70vNYTv/qAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Y1ZTQ3NmU0LTZiZGEtNDY3OC1hMmVjLWU3NTMzOWQyNjRlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAG+ECZjc7dygpye06aQJDwrHxBl4
OtTpj9Kg89s6YVgqOH9a+yM417dvnMSMGA/5gvgJfpa2vWfkYXqMaWIwX/O1BJE+
e4RXV+uSCQrO0A6hxTNPTh8WaGrxUNJ2fWMtFQCRFRq0vcajh9DDVlowNn0XMQtM
TVsoQrOd0V5xhO1jyplsHKQms2ATGcSdS/FtCKRMFTen6hHVqUULG93+qxwcza33
CH8kCPEfFwEDnw//bEjgn84TxdIgDPx/9lGYQAdo05yk5I9QnIupUTrCyqLvRku/
kRDs9NqJcBhWktqfAaZ7qvkbMLEnydgP7oa9bHnIja75U6FcCu65HgHcq0k=
-----END CERTIFICATE-----