Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51cfe54c-8ff8-4433-bc98-55730061dd5c.roa
File:                     51cfe54c-8ff8-4433-bc98-55730061dd5c.roa (raw, json)
Hash identifier:          GBqBMkRZCtWC+KfvS8AOxffdyf+aITVItUzTz+4BXVE=
Subject key identifier:   29:BF:D6:80:0F:26:98:4E:AA:90:43:D6:80:98:9E:DF:67:3A:88:80
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0432141D9BFA06CA97A2849FD6F5F375050F621B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51cfe54c-8ff8-4433-bc98-55730061dd5c.roa
Signing time:             Mon 14 Apr 2025 21:22:07 +0000
ROA not before:           Mon 14 Apr 2025 21:22:07 +0000
ROA not after:            Mon 19 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fee:a400::/40 maxlen: 48
Validation:               Failed, certificate revoked on Mon 14 Apr 2025 22:52:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:32:14:1d:9b:fa:06:ca:97:a2:84:9f:d6:f5:f3:75:05:0f:62:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 14 21:22:07 2025 GMT
            Not After : May 19 23:59:59 2025 GMT
        Subject: serialNumber=2eb51619f271354d0f0b545422ad6cf5806528e840eba6aed6e0970adaebdbdf, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f6:d4:e3:a9:90:bc:a5:4f:57:c4:e6:12:57:
                    3f:1c:5a:92:0d:91:4f:7b:61:63:57:b9:dd:4f:ff:
                    c1:26:a3:32:5c:bc:e0:8f:35:b6:0f:41:5c:21:b2:
                    c4:f0:98:cf:b6:60:9e:fa:09:27:ab:b4:90:21:d0:
                    5c:7a:f7:11:44:bf:3e:33:fb:4c:6f:03:77:c1:f1:
                    8b:3e:6e:90:32:a1:63:2b:29:cc:52:a1:85:2c:f3:
                    33:8a:15:9a:ce:ae:b7:e4:6d:86:b5:fa:25:73:3a:
                    97:a3:db:67:c8:40:95:b2:0b:ce:de:69:02:35:c6:
                    03:a9:e5:d2:2c:3f:d8:47:30:2f:0c:b6:18:66:f8:
                    4d:be:46:b9:5c:79:6e:c0:fd:47:d5:79:f9:7a:8b:
                    ff:c3:17:3d:64:90:b6:29:f6:fc:0f:a0:3f:ff:ba:
                    ef:c3:66:8c:f1:31:3c:e0:71:1e:a4:83:4e:86:68:
                    b6:c4:21:7d:0f:b6:44:e7:a1:48:65:46:7c:22:09:
                    75:94:d2:e0:7d:b5:27:70:c8:24:08:1a:a0:0c:94:
                    80:45:7a:31:27:38:09:15:d1:c0:81:ee:16:0c:7f:
                    5e:77:4f:c9:44:b9:b2:a9:e9:42:ed:0c:2b:c6:c6:
                    35:4c:6d:e4:a0:c7:be:57:f0:d6:03:a5:bb:c5:eb:
                    b5:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:BF:D6:80:0F:26:98:4E:AA:90:43:D6:80:98:9E:DF:67:3A:88:80
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51cfe54c-8ff8-4433-bc98-55730061dd5c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fee:a400::/40

    Signature Algorithm: sha256WithRSAEncryption
         54:e4:2b:a9:df:7a:c7:3f:9d:8e:cb:53:a0:47:de:e1:32:2b:
         19:fd:21:7d:bc:c2:b0:44:2c:47:4a:48:4f:95:5e:2f:07:46:
         fb:00:49:69:fe:5e:c9:7b:56:db:00:19:28:2f:9f:e5:1c:b4:
         b1:20:7c:50:35:50:17:2a:86:e5:dd:0c:84:32:4f:a9:0d:8f:
         3f:13:99:f7:a9:a7:1f:56:22:c2:77:90:3d:dd:dd:af:bd:e2:
         5a:8d:bd:5e:eb:9a:3a:b5:00:65:1a:34:f8:c6:47:bf:13:40:
         af:f2:31:eb:a0:8d:4e:8c:b5:23:a8:6e:1a:bd:79:ab:5d:9f:
         68:52:b3:13:c6:35:6e:20:5a:a9:99:7d:8f:9d:8d:df:d2:8f:
         3b:49:0b:bf:94:68:71:78:e0:75:f8:20:7d:83:63:50:5a:14:
         69:32:8f:23:85:cd:f0:92:a9:88:4a:51:0f:cb:c7:46:b1:8a:
         bd:ab:ff:29:4c:9d:46:8b:8a:0e:3f:79:7f:e2:aa:f3:01:a4:
         4c:f7:1b:8a:8c:b3:5c:f5:82:a3:c7:aa:e1:12:c9:dd:49:96:
         e3:ef:9d:d9:c7:ba:0d:fb:bb:7a:b5:63:26:bb:49:42:96:c0:
         18:47:54:cc:8a:a5:ee:39:19:1c:9a:63:2c:9e:0e:48:8c:ff:
         34:0f:c4:f8
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUBDIUHZv6BsqXooSf1vXzdQUPYhswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDE0MjEyMjA3WhcNMjUwNTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AyZWI1MTYxOWYyNzEzNTRkMGYwYjU0NTQyMmFkNmNmNTgw
NjUyOGU4NDBlYmE2YWVkNmUwOTcwYWRhZWJkYmRmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCo9tTjqZC8pU9XxOYSVz8cWpINkU97YWNXud1P/8EmozJc
vOCPNbYPQVwhssTwmM+2YJ76CSertJAh0Fx69xFEvz4z+0xvA3fB8Ys+bpAyoWMr
KcxSoYUs8zOKFZrOrrfkbYa1+iVzOpej22fIQJWyC87eaQI1xgOp5dIsP9hHMC8M
thhm+E2+RrlceW7A/UfVefl6i//DFz1kkLYp9vwPoD//uu/DZozxMTzgcR6kg06G
aLbEIX0PtkTnoUhlRnwiCXWU0uB9tSdwyCQIGqAMlIBFejEnOAkV0cCB7hYMf153
T8lEubKp6ULtDCvGxjVMbeSgx75X8NYDpbvF67VPAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUKb/WgA8mmE6qkEPWgJie32c6iIAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUxY2ZlNTRjLThmZjgtNDQzMy1iYzk4LTU1NzMwMDYxZGQ1Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/upDANBgkqhkiG9w0BAQsFAAOCAQEAVOQrqd96xz+djstToEfe4TIr
Gf0hfbzCsEQsR0pIT5VeLwdG+wBJaf5eyXtW2wAZKC+f5Ry0sSB8UDVQFyqG5d0M
hDJPqQ2PPxOZ96mnH1YiwneQPd3dr73iWo29XuuaOrUAZRo0+MZHvxNAr/Ix66CN
Toy1I6huGr15q12faFKzE8Y1biBaqZl9j52N39KPO0kLv5RocXjgdfggfYNjUFoU
aTKPI4XN8JKpiEpRD8vHRrGKvav/KUydRouKDj95f+Kq8wGkTPcbioyzXPWCo8eq
4RLJ3UmW4++d2ce6Dfu7erVjJrtJQpbAGEdUzIql7jkZHJpjLJ4OSIz/NA/E+A==
-----END CERTIFICATE-----