Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c9031f2-c902-4233-a6bd-6c109e4ed033.roa
File:                     4c9031f2-c902-4233-a6bd-6c109e4ed033.roa (raw, json)
Hash identifier:          5MhZl65I26drkOyrnxO01RMt8/e3I0a6vOihZ8X4LUQ=
Subject key identifier:   8A:2A:D3:8E:1E:03:A1:E7:2A:9F:D8:D5:40:20:04:1E:F1:66:FC:94
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0404AC555DDDE0ABC81684DB592DB6C8E5CCCE50
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c9031f2-c902-4233-a6bd-6c109e4ed033.roa
Signing time:             Mon 19 May 2025 15:50:30 +0000
ROA not before:           Mon 19 May 2025 15:50:30 +0000
ROA not after:            Mon 23 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff4:20c0::/48 maxlen: 48
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 20:39:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:04:ac:55:5d:dd:e0:ab:c8:16:84:db:59:2d:b6:c8:e5:cc:ce:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 19 15:50:30 2025 GMT
            Not After : Jun 23 23:59:59 2025 GMT
        Subject: serialNumber=8acfd85b89680a6b2784dd5b558563a7bf9fc13b3104ab61101d03abc687cdc7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:72:91:dd:5c:67:60:29:c2:9d:5b:37:2d:04:
                    b9:e9:4e:26:6d:45:a9:ab:a5:17:91:91:00:af:12:
                    14:e5:88:ac:b9:65:f6:87:58:90:dd:e1:db:0c:82:
                    6a:df:f6:5f:b5:20:fd:e8:3a:a4:f5:79:36:05:45:
                    af:cd:95:77:94:e4:6c:04:ed:a5:51:07:33:dc:a3:
                    37:43:d4:64:72:58:37:b7:d8:7f:ce:b6:68:5f:1a:
                    6a:e6:8b:38:ee:96:d5:1e:68:31:b0:5b:15:fa:a1:
                    fa:4d:4c:5a:6a:5d:6d:da:2d:54:43:83:f8:45:ab:
                    6e:61:e1:ea:a7:cd:94:c1:dd:2b:eb:db:bc:f4:e3:
                    cc:38:f8:aa:aa:e5:3b:89:3c:48:a8:b3:f7:57:a3:
                    d6:82:49:84:c2:30:0b:e4:5a:6e:dc:45:2d:ed:76:
                    e1:c8:51:80:1d:c8:bd:e7:d0:20:aa:a5:4b:fe:b0:
                    22:f9:f7:97:62:1f:93:48:31:b4:79:71:81:10:2d:
                    3c:0d:38:7e:2f:7c:ec:50:ce:a6:3c:78:08:af:67:
                    24:3c:3e:6c:f3:b7:95:cb:28:05:c9:32:81:5f:cc:
                    c8:87:40:3d:12:46:9b:f0:0b:fb:2c:ef:d6:56:64:
                    0e:47:06:77:7f:b4:21:74:fc:cd:21:77:db:ba:0c:
                    63:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:2A:D3:8E:1E:03:A1:E7:2A:9F:D8:D5:40:20:04:1E:F1:66:FC:94
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c9031f2-c902-4233-a6bd-6c109e4ed033.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff4:20c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         c7:d9:b4:87:3e:da:b3:67:97:db:42:df:4f:90:a6:39:52:46:
         ad:0c:51:d2:0d:33:48:42:a6:da:91:c9:d9:80:f3:26:e6:be:
         b6:c6:a8:cf:bc:38:85:7c:34:5b:7b:71:b7:ce:88:8e:66:0e:
         ba:14:9c:f7:f4:4c:27:b9:e8:d9:a4:e3:44:63:c4:e9:de:50:
         b8:45:ef:3b:44:7d:15:2c:b3:21:24:18:9a:01:dc:31:56:6f:
         c6:0d:07:eb:64:fd:38:cd:f4:7c:b2:7e:67:e1:d0:40:84:18:
         16:b6:de:23:fd:e2:b3:40:d1:dc:38:df:f2:ce:23:54:8a:e2:
         d0:9a:68:37:85:13:72:05:fb:a5:c3:db:ef:08:f2:f3:d8:d1:
         a3:89:d6:cf:b8:85:39:79:83:c6:d4:56:de:6f:40:a3:7b:a8:
         cf:b5:34:a4:af:8e:be:b5:14:3e:37:b3:79:54:c6:6e:54:b7:
         7f:40:ff:41:79:18:d5:2b:12:7e:bd:54:f2:eb:a5:96:cc:09:
         d1:ea:23:61:64:16:31:12:76:52:73:b9:1d:8d:50:21:7a:53:
         58:11:16:2a:99:ed:c4:14:b3:ab:ea:25:fa:dd:a5:84:77:d1:
         3d:14:85:19:ea:20:01:fa:01:6f:a9:a5:f4:1a:16:1f:ea:79:
         e2:7e:eb:ee
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUBASsVV3d4KvIFoTbWS22yOXMzlAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTE5MTU1MDMwWhcNMjUwNjIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4YWNmZDg1Yjg5NjgwYTZiMjc4NGRkNWI1NTg1NjNhN2Jm
OWZjMTNiMzEwNGFiNjExMDFkMDNhYmM2ODdjZGM3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBcpHdXGdgKcKdWzctBLnpTiZtRamrpReRkQCvEhTliKy5
ZfaHWJDd4dsMgmrf9l+1IP3oOqT1eTYFRa/NlXeU5GwE7aVRBzPcozdD1GRyWDe3
2H/OtmhfGmrmizjultUeaDGwWxX6ofpNTFpqXW3aLVRDg/hFq25h4eqnzZTB3Svr
27z048w4+Kqq5TuJPEios/dXo9aCSYTCMAvkWm7cRS3tduHIUYAdyL3n0CCqpUv+
sCL595diH5NIMbR5cYEQLTwNOH4vfOxQzqY8eAivZyQ8Pmzzt5XLKAXJMoFfzMiH
QD0SRpvwC/ss79ZWZA5HBnd/tCF0/M0hd9u6DGO7AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUiirTjh4Doecqn9jVQCAEHvFm/JQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRjOTAzMWYyLWM5MDItNDIzMy1hNmJkLTZjMTA5ZTRlZDAzMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/0IMAwDQYJKoZIhvcNAQELBQADggEBAMfZtIc+2rNnl9tC30+QpjlS
Rq0MUdINM0hCptqRydmA8ybmvrbGqM+8OIV8NFt7cbfOiI5mDroUnPf0TCe56Nmk
40RjxOneULhF7ztEfRUssyEkGJoB3DFWb8YNB+tk/TjN9Hyyfmfh0ECEGBa23iP9
4rNA0dw43/LOI1SK4tCaaDeFE3IF+6XD2+8I8vPY0aOJ1s+4hTl5g8bUVt5vQKN7
qM+1NKSvjr61FD43s3lUxm5Ut39A/0F5GNUrEn69VPLrpZbMCdHqI2FkFjESdlJz
uR2NUCF6U1gRFiqZ7cQUs6vqJfrdpYR30T0UhRnqIAH6AW+ppfQaFh/qeeJ+6+4=
-----END CERTIFICATE-----