Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2743d45f-53f9-441e-8edc-0ca0bb2ed84c.roa
File:                     2743d45f-53f9-441e-8edc-0ca0bb2ed84c.roa (raw, json)
Hash identifier:          QZjOC/eM7kZjnxPrOiwD5dQzCcrpu4bTUj1o4qRdTMU=
Subject key identifier:   BF:37:5D:A3:B3:DD:3F:0B:AB:82:27:0B:07:BC:F8:8F:7F:59:E2:85
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       E061A2760875B0FA561616BAE4BFAA585ADE7E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2743d45f-53f9-441e-8edc-0ca0bb2ed84c.roa
Signing time:             Mon 14 Apr 2025 21:22:10 +0000
ROA not before:           Mon 14 Apr 2025 21:22:10 +0000
ROA not after:            Mon 19 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fee:6000::/40 maxlen: 40
Validation:               Failed, certificate revoked on Mon 14 Apr 2025 22:52:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            e0:61:a2:76:08:75:b0:fa:56:16:16:ba:e4:bf:aa:58:5a:de:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 14 21:22:10 2025 GMT
            Not After : May 19 23:59:59 2025 GMT
        Subject: serialNumber=dfc5d2c25c1c3add3640ad0c6d49375388272ff8201ab83e2713f593eeaab17c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:c5:6f:83:6a:72:93:04:c3:57:43:9f:b1:ac:
                    ab:b9:2d:74:29:d5:a2:45:6f:27:ba:79:ce:d1:bb:
                    fd:ea:d0:2a:8b:10:75:d5:35:c4:0f:14:e3:f3:5e:
                    57:97:f3:64:7a:f2:21:11:9c:12:94:84:73:04:38:
                    b7:eb:a5:e8:c3:af:3c:c3:df:c9:c8:21:33:7b:72:
                    a8:34:80:ed:db:77:f5:9b:cb:79:5a:7c:97:69:f6:
                    09:a3:9c:58:f6:bd:78:98:68:11:85:4e:25:9b:74:
                    b8:96:5d:5b:cb:4c:3c:88:7a:47:81:22:6a:a4:ab:
                    b7:5f:66:2b:4f:e7:97:a5:d3:68:52:b0:b1:1e:e1:
                    c9:fb:b4:0e:3d:f0:73:c0:d2:47:6f:a9:96:e0:5e:
                    eb:20:b7:27:c7:70:7f:3a:cd:9c:18:bb:9a:b7:00:
                    8f:ed:36:b3:88:27:c0:c7:cf:48:03:9d:7e:91:9f:
                    3b:09:fd:60:b4:16:39:3e:95:3b:0d:ca:35:69:7d:
                    ae:00:79:3e:de:d0:94:47:11:6e:b8:d3:9a:dc:e4:
                    62:ea:24:c3:f4:81:7b:07:83:79:f4:b4:d0:61:3c:
                    49:1b:2a:41:42:8b:d6:fe:6b:23:28:ec:68:07:b1:
                    af:79:f8:d9:29:07:69:d2:07:3b:73:8b:ae:65:75:
                    30:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:37:5D:A3:B3:DD:3F:0B:AB:82:27:0B:07:BC:F8:8F:7F:59:E2:85
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2743d45f-53f9-441e-8edc-0ca0bb2ed84c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fee:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         70:b2:e1:9b:72:90:e8:0f:91:99:f2:2a:1a:39:93:98:5f:94:
         4a:91:de:9b:85:b2:0e:38:d6:ed:02:5b:2a:cf:15:81:08:20:
         06:ac:97:5f:c1:80:5d:52:c9:14:10:d5:cf:99:31:de:8a:37:
         b1:ed:f5:fd:d2:51:92:c7:6a:f6:6e:d9:0d:7d:ff:f1:70:11:
         76:89:00:29:f0:9d:b4:f9:2d:d5:0b:f8:1b:58:fc:dc:55:06:
         eb:06:c7:2e:d0:5e:a9:ac:c5:b4:73:ee:11:59:77:68:f4:6f:
         49:d0:50:c8:b5:06:d7:c9:84:b1:26:8d:47:52:f8:a7:39:01:
         2e:61:45:c6:bd:d3:63:83:99:36:c7:c2:ca:f1:97:e8:39:a4:
         0e:9e:e3:c9:4d:79:d4:bb:bf:b9:f0:f6:6b:92:49:f9:82:ce:
         3a:4f:97:7b:7e:1b:7d:ef:64:8f:ed:63:79:92:e9:94:46:56:
         cf:df:76:2a:84:b9:42:1d:e9:80:18:51:02:1a:23:29:2f:f1:
         aa:06:f3:d9:c2:1c:c4:a7:42:10:14:7b:f7:d3:62:44:a8:17:
         16:3b:f5:08:a0:93:cb:62:40:45:0c:65:74:fb:9e:7c:d6:62:
         ce:a0:aa:08:a1:ae:2d:c4:30:c8:f3:dc:e5:bd:52:4a:ca:48:
         ac:cb:e5:be
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUAOBhonYIdbD6VhYWuuS/qlha3n4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDE0MjEyMjEwWhcNMjUwNTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZmM1ZDJjMjVjMWMzYWRkMzY0MGFkMGM2ZDQ5Mzc1Mzg4
MjcyZmY4MjAxYWI4M2UyNzEzZjU5M2VlYWFiMTdjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXxW+DanKTBMNXQ5+xrKu5LXQp1aJFbye6ec7Ru/3q0CqL
EHXVNcQPFOPzXleX82R68iERnBKUhHMEOLfrpejDrzzD38nIITN7cqg0gO3bd/Wb
y3lafJdp9gmjnFj2vXiYaBGFTiWbdLiWXVvLTDyIekeBImqkq7dfZitP55el02hS
sLEe4cn7tA498HPA0kdvqZbgXusgtyfHcH86zZwYu5q3AI/tNrOIJ8DHz0gDnX6R
nzsJ/WC0Fjk+lTsNyjVpfa4AeT7e0JRHEW6405rc5GLqJMP0gXsHg3n0tNBhPEkb
KkFCi9b+ayMo7GgHsa95+NkpB2nSBztzi65ldTBhAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUvzddo7PdPwurgicLB7z4j39Z4oUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI3NDNkNDVmLTUzZjktNDQxZS04ZWRjLTBjYTBiYjJlZDg0Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/uYDANBgkqhkiG9w0BAQsFAAOCAQEAcLLhm3KQ6A+RmfIqGjmTmF+U
SpHem4WyDjjW7QJbKs8VgQggBqyXX8GAXVLJFBDVz5kx3oo3se31/dJRksdq9m7Z
DX3/8XARdokAKfCdtPkt1Qv4G1j83FUG6wbHLtBeqazFtHPuEVl3aPRvSdBQyLUG
18mEsSaNR1L4pzkBLmFFxr3TY4OZNsfCyvGX6DmkDp7jyU151Lu/ufD2a5JJ+YLO
Ok+Xe34bfe9kj+1jeZLplEZWz992KoS5Qh3pgBhRAhojKS/xqgbz2cIcxKdCEBR7
99NiRKgXFjv1CKCTy2JARQxldPuefNZizqCqCKGuLcQwyPPc5b1SSspIrMvlvg==
-----END CERTIFICATE-----