Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/24ae7db1-322c-4dbf-806c-be391fa33dcb.roa
File:                     24ae7db1-322c-4dbf-806c-be391fa33dcb.roa (raw, json)
Hash identifier:          VgMPmNbyMbIGvEPqWHsdzdOTQ4j4QFtz9WCL428D7D8=
Subject key identifier:   16:73:A0:82:6B:6E:DA:D5:AF:DC:90:B0:59:E5:37:F6:2C:69:D2:F3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       13D3F561B3048FC593547CA17CEBD824A39E4AAA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/24ae7db1-322c-4dbf-806c-be391fa33dcb.roa
Signing time:             Mon 14 Apr 2025 21:22:08 +0000
ROA not before:           Mon 14 Apr 2025 21:22:08 +0000
ROA not after:            Mon 19 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fee:c000::/40 maxlen: 48
Validation:               Failed, certificate revoked on Mon 14 Apr 2025 22:52:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:d3:f5:61:b3:04:8f:c5:93:54:7c:a1:7c:eb:d8:24:a3:9e:4a:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 14 21:22:08 2025 GMT
            Not After : May 19 23:59:59 2025 GMT
        Subject: serialNumber=b802ecbd734208bfdb4bd8dd624e497d6f1d4d223b7e0018deb5c125064446e1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:82:0a:ad:c3:9a:dc:af:56:2b:da:60:8c:51:
                    fe:61:9d:3d:56:77:6c:3b:a5:d4:d2:af:9b:d7:db:
                    b9:9c:cd:f9:a7:9d:75:79:22:98:2d:a9:f6:55:9a:
                    6e:d1:57:0e:14:ea:14:b5:b1:0d:2c:a0:68:b2:37:
                    94:e6:60:c1:b9:ac:21:ee:81:28:92:1a:0e:06:44:
                    23:ec:9c:08:47:cd:c3:d1:8b:72:83:9e:25:c6:98:
                    d5:88:d9:ce:29:26:2b:08:e1:eb:6b:aa:18:d5:4c:
                    6b:ad:61:a6:3b:28:a9:db:01:32:58:ac:a9:27:10:
                    5a:08:74:12:8d:a4:44:18:a0:ee:10:11:60:ca:0a:
                    72:1c:06:e2:4c:ab:77:a1:50:35:cb:e7:c9:19:74:
                    18:56:86:2f:a4:36:8e:0d:44:37:f4:3a:24:70:5e:
                    ab:e2:c4:bb:e0:8d:52:c2:b1:e8:79:4c:9a:e4:bf:
                    ac:94:8a:54:e9:50:58:7b:dd:60:d9:eb:23:8b:ad:
                    23:41:47:2b:60:8c:1b:46:0b:d8:cf:fd:45:cb:33:
                    82:92:e8:0b:d5:c0:ca:43:08:47:f8:2c:85:25:3f:
                    8a:c5:c3:8b:48:05:59:ff:19:6c:2a:8e:26:38:67:
                    be:80:1f:eb:9c:f2:c9:ff:c0:d3:45:4e:bc:96:c4:
                    e6:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:73:A0:82:6B:6E:DA:D5:AF:DC:90:B0:59:E5:37:F6:2C:69:D2:F3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/24ae7db1-322c-4dbf-806c-be391fa33dcb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fee:c000::/40

    Signature Algorithm: sha256WithRSAEncryption
         34:a7:7b:53:c9:93:bc:e2:f6:0f:4a:a2:06:61:0a:4a:e5:28:
         71:1b:ae:20:7a:bd:f4:38:26:a5:8d:97:3d:1b:60:cd:6c:68:
         8a:a6:81:b5:fc:e5:84:7e:7d:11:06:52:fb:ec:9c:da:e6:b0:
         1a:19:96:ff:1f:13:5b:c6:d9:fb:b5:5c:1f:18:88:88:68:aa:
         8e:ea:48:13:1b:c6:bf:a1:4c:a4:6d:9a:ab:49:fd:79:0c:1f:
         e0:4f:b4:14:21:c1:a5:a5:54:2b:4e:3c:f7:57:57:33:0d:c9:
         47:08:ee:98:4c:0e:59:43:7b:ab:5f:76:37:f0:5c:a1:fe:8e:
         a7:6d:1d:9b:83:4e:af:0c:12:94:64:78:63:5f:61:d6:31:37:
         5d:84:62:e6:84:74:3e:94:21:8d:a9:56:4d:80:00:d8:93:45:
         a0:bb:3f:8e:e3:85:ee:e4:d8:2b:92:c8:9e:3c:13:9f:ef:e9:
         d9:4e:ce:ff:69:93:86:17:43:ad:7f:f5:05:30:6f:70:ce:55:
         ad:8f:f7:79:7e:ee:59:80:90:fd:6b:5d:ff:98:bb:12:53:20:
         12:03:a4:ba:b0:e1:43:bb:e9:99:c4:34:44:ad:c9:ac:f7:57:
         f4:5c:e8:f4:e7:75:68:f6:d9:1a:38:be:bd:fd:ff:a2:b7:c6:
         8f:b9:d8:7d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUE9P1YbMEj8WTVHyhfOvYJKOeSqowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDE0MjEyMjA4WhcNMjUwNTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BiODAyZWNiZDczNDIwOGJmZGI0YmQ4ZGQ2MjRlNDk3ZDZm
MWQ0ZDIyM2I3ZTAwMThkZWI1YzEyNTA2NDQ0NmUxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrggqtw5rcr1Yr2mCMUf5hnT1Wd2w7pdTSr5vX27mczfmn
nXV5IpgtqfZVmm7RVw4U6hS1sQ0soGiyN5TmYMG5rCHugSiSGg4GRCPsnAhHzcPR
i3KDniXGmNWI2c4pJisI4etrqhjVTGutYaY7KKnbATJYrKknEFoIdBKNpEQYoO4Q
EWDKCnIcBuJMq3ehUDXL58kZdBhWhi+kNo4NRDf0OiRwXqvixLvgjVLCseh5TJrk
v6yUilTpUFh73WDZ6yOLrSNBRytgjBtGC9jP/UXLM4KS6AvVwMpDCEf4LIUlP4rF
w4tIBVn/GWwqjiY4Z76AH+uc8sn/wNNFTryWxObRAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUFnOggmtu2tWv3JCwWeU39ixp0vMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI0YWU3ZGIxLTMyMmMtNGRiZi04MDZjLWJlMzkxZmEzM2RjYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/uwDANBgkqhkiG9w0BAQsFAAOCAQEANKd7U8mTvOL2D0qiBmEKSuUo
cRuuIHq99DgmpY2XPRtgzWxoiqaBtfzlhH59EQZS++yc2uawGhmW/x8TW8bZ+7Vc
HxiIiGiqjupIExvGv6FMpG2aq0n9eQwf4E+0FCHBpaVUK04891dXMw3JRwjumEwO
WUN7q192N/Bcof6Op20dm4NOrwwSlGR4Y19h1jE3XYRi5oR0PpQhjalWTYAA2JNF
oLs/juOF7uTYK5LInjwTn+/p2U7O/2mThhdDrX/1BTBvcM5VrY/3eX7uWYCQ/Wtd
/5i7ElMgEgOkurDhQ7vpmcQ0RK3JrPdX9Fzo9Od1aPbZGji+vf3/orfGj7nYfQ==
-----END CERTIFICATE-----