Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fd55b1b6-9e96-40de-b39c-2e96c15ab6b8.roa
File:                     fd55b1b6-9e96-40de-b39c-2e96c15ab6b8.roa (raw, json)
Hash identifier:          RSRIntKFh1dFVzquYR1NoCdb2P9YyzAn7X5kcObOhfE=
Subject key identifier:   6A:F2:13:DA:F9:1E:11:57:5C:85:04:B5:2A:9C:CE:CC:BD:CE:DA:46
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       25C0D2CB5CC2B1E489C60DC814AF5087D18D3E39
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fd55b1b6-9e96-40de-b39c-2e96c15ab6b8.roa
Signing time:             Sat 14 Jun 2025 22:03:21 +0000
ROA not before:           Sat 14 Jun 2025 22:03:21 +0000
ROA not after:            Sat 19 Jul 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sat 14 Jun 2025 22:18:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:c0:d2:cb:5c:c2:b1:e4:89:c6:0d:c8:14:af:50:87:d1:8d:3e:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jun 14 22:03:21 2025 GMT
            Not After : Jul 19 23:59:59 2025 GMT
        Subject: serialNumber=a499c7d726b5f554614482d992ab670b87ece17db99659f36dcd1e83ab1032a9, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:02:fd:9f:fe:77:c0:65:81:cd:6b:c6:da:a2:
                    b4:f8:17:26:32:d0:80:9d:52:0f:39:89:c7:9b:1c:
                    55:2c:ec:81:4a:c5:cc:15:42:cf:58:99:70:81:92:
                    d3:35:39:11:ba:30:9d:6e:63:49:91:d4:f6:ca:e9:
                    05:55:71:ea:b9:2c:59:35:15:e5:64:eb:45:30:d0:
                    3d:43:1a:9f:80:3d:e9:7e:b9:d1:ac:80:58:a8:25:
                    ec:8b:99:f3:c1:6b:b0:65:49:4b:de:64:3c:ec:8d:
                    a6:3e:5d:2f:8f:9b:f1:6b:8b:b3:bb:89:1e:d5:9f:
                    0b:db:b0:cc:2b:a2:43:44:fb:ad:3a:2d:0e:ba:4d:
                    2f:89:27:ce:bc:4e:d2:0a:44:53:05:24:5d:a0:25:
                    84:71:04:4b:2d:2a:d8:c7:d7:11:51:05:c4:2f:1d:
                    fe:43:1a:db:3c:99:64:05:9c:cf:02:a8:01:3d:1f:
                    5f:db:43:d8:ae:5f:02:6d:67:d9:ec:d1:9d:94:c0:
                    be:2a:28:b4:cb:03:a0:5a:e6:4b:5c:8e:f7:85:13:
                    18:1c:b3:a6:92:2b:7f:c2:58:59:85:5f:53:05:ed:
                    d0:2d:93:03:53:2e:22:1b:46:93:2d:c8:05:33:5f:
                    fa:18:82:4c:32:a0:5a:55:14:97:dd:95:a8:62:e0:
                    32:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:F2:13:DA:F9:1E:11:57:5C:85:04:B5:2A:9C:CE:CC:BD:CE:DA:46
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/fd55b1b6-9e96-40de-b39c-2e96c15ab6b8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:5e:8e:d9:f1:ff:a5:93:f0:e8:4d:f3:d0:76:51:5b:11:7e:
         22:be:05:23:29:b1:7e:1d:b5:8f:60:57:a1:c5:e5:58:c4:21:
         1a:b5:93:4e:44:c2:6d:49:84:3b:05:c4:6d:5c:e1:69:60:fa:
         70:a7:70:48:ea:a1:9c:d3:45:2b:3e:65:cd:5d:2e:89:0f:86:
         fc:c5:9f:b9:f9:73:bd:2c:7b:f1:a1:50:5e:7a:22:64:52:1e:
         fb:14:3b:5d:5d:de:4b:9f:08:0c:2c:af:43:6b:83:f8:a2:78:
         fc:f9:0c:66:2c:82:de:99:5c:75:45:3c:3f:c3:f4:57:8b:e6:
         38:58:54:20:2a:02:8a:93:f7:09:3d:06:95:48:21:34:50:7d:
         f1:d2:9a:ba:b8:84:08:97:42:15:37:b9:92:4a:4b:18:1e:14:
         c2:0b:16:62:6a:91:a0:a1:d6:6e:cd:46:ea:06:26:e8:0a:65:
         32:14:99:17:e4:cd:14:93:d7:ae:e9:70:f7:8f:92:4e:62:e8:
         31:5e:2e:0d:9b:27:43:f1:f2:9a:c7:54:31:b1:41:c4:ee:39:
         2b:f7:ff:22:c5:06:91:b7:f2:5a:bb:91:f5:f6:cc:bc:eb:8f:
         74:40:6e:2e:a6:fe:5c:af:ec:74:3f:32:5e:91:6d:a2:5f:93:
         22:ce:2c:7c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJcDSy1zCseSJxg3IFK9Qh9GNPjkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNjE0MjIwMzIxWhcNMjUwNzE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNDk5YzdkNzI2YjVmNTU0NjE0NDgyZDk5MmFiNjcwYjg3
ZWNlMTdkYjk5NjU5ZjM2ZGNkMWU4M2FiMTAzMmE5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8Av2f/nfAZYHNa8baorT4FyYy0ICdUg85icebHFUs7IFK
xcwVQs9YmXCBktM1ORG6MJ1uY0mR1PbK6QVVceq5LFk1FeVk60Uw0D1DGp+APel+
udGsgFioJeyLmfPBa7BlSUveZDzsjaY+XS+Pm/Fri7O7iR7VnwvbsMwrokNE+606
LQ66TS+JJ868TtIKRFMFJF2gJYRxBEstKtjH1xFRBcQvHf5DGts8mWQFnM8CqAE9
H1/bQ9iuXwJtZ9ns0Z2UwL4qKLTLA6Ba5ktcjveFExgcs6aSK3/CWFmFX1MF7dAt
kwNTLiIbRpMtyAUzX/oYgkwyoFpVFJfdlahi4DL3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUavIT2vkeEVdchQS1KpzOzL3O2kYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2ZkNTViMWI2LTllOTYtNDBkZS1iMzljLTJlOTZjMTVhYjZiOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABZejtnx/6WT8OhN89B2UVsRfiK+
BSMpsX4dtY9gV6HF5VjEIRq1k05Ewm1JhDsFxG1c4Wlg+nCncEjqoZzTRSs+Zc1d
LokPhvzFn7n5c70se/GhUF56ImRSHvsUO11d3kufCAwsr0Nrg/iiePz5DGYsgt6Z
XHVFPD/D9FeL5jhYVCAqAoqT9wk9BpVIITRQffHSmrq4hAiXQhU3uZJKSxgeFMIL
FmJqkaCh1m7NRuoGJugKZTIUmRfkzRST167pcPePkk5i6DFeLg2bJ0Px8prHVDGx
QcTuOSv3/yLFBpG38lq7kfX2zLzrj3RAbi6m/lyv7HQ/Ml6RbaJfkyLOLHw=
-----END CERTIFICATE-----