Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b2de6b3b-0e06-49b2-8df1-071877b83155.roa
File:                     b2de6b3b-0e06-49b2-8df1-071877b83155.roa (raw, json)
Hash identifier:          sU8E8YE6Xf1VKqb/4YqtVmCLxogDis3TGI5w8QJiHvw=
Subject key identifier:   6F:E9:FF:C3:97:79:22:58:B1:87:8E:C0:BB:B8:6F:7B:44:BF:AB:04
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       39F7C4CC7E2F53BFFD0C9CF361ED58FBC98484CA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b2de6b3b-0e06-49b2-8df1-071877b83155.roa
Signing time:             Mon 12 May 2025 15:20:21 +0000
ROA not before:           Mon 12 May 2025 15:20:21 +0000
ROA not after:            Mon 16 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fbb:3400::/40 maxlen: 40
Validation:               Failed, certificate revoked on Tue 03 Jun 2025 20:39:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:f7:c4:cc:7e:2f:53:bf:fd:0c:9c:f3:61:ed:58:fb:c9:84:84:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 12 15:20:21 2025 GMT
            Not After : Jun 16 23:59:59 2025 GMT
        Subject: serialNumber=fb914028e11135c85562cf19fbd6314ad9b444a453b69af3fef369cd0fb3d1d9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:12:be:dd:3c:2b:0a:34:56:37:20:a4:77:ad:
                    0e:b0:87:86:40:8c:91:f1:f3:dc:27:fe:a8:fc:05:
                    98:80:19:2a:07:3b:aa:90:44:fd:cd:e2:99:bd:69:
                    eb:a6:77:5e:b0:84:d6:b3:cc:84:18:04:75:03:26:
                    09:82:cd:7d:ac:46:3d:de:40:b7:a4:d6:1d:78:b9:
                    0d:18:f0:9e:e6:b0:09:6e:6f:71:2f:fb:9f:e2:ed:
                    c4:06:cd:1b:f2:91:cd:0f:88:48:73:12:8d:fd:b5:
                    25:cd:7c:c2:59:2c:db:55:bc:4f:c7:79:9d:63:06:
                    05:06:17:83:ca:f3:1c:c3:4e:6c:e5:84:1f:1f:88:
                    be:a1:40:f9:4d:ad:53:d0:a1:57:87:58:13:cb:39:
                    3d:8f:17:53:54:c7:9a:c5:0e:eb:1a:8f:e1:36:87:
                    56:2a:11:af:e1:80:cd:3e:46:0b:2c:46:86:b1:1b:
                    18:a0:46:2e:c7:fa:f3:6d:cf:c4:d4:79:2f:d6:a4:
                    fb:97:af:e5:d9:74:22:28:35:5e:c7:5a:bb:4a:ad:
                    1e:97:58:c5:01:eb:81:12:dc:2c:35:2a:20:90:0d:
                    4e:ca:0a:19:3c:1b:bf:e6:f7:0b:b3:c9:fc:8a:2a:
                    e9:41:6e:64:a4:c9:23:b7:06:e1:50:6a:61:81:2e:
                    47:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:E9:FF:C3:97:79:22:58:B1:87:8E:C0:BB:B8:6F:7B:44:BF:AB:04
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b2de6b3b-0e06-49b2-8df1-071877b83155.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fbb:3400::/40

    Signature Algorithm: sha256WithRSAEncryption
         97:12:66:8e:09:64:45:c8:18:77:6f:8e:45:25:aa:35:d1:a7:
         8f:20:7f:26:59:a5:2b:e7:3b:49:f4:b1:76:90:37:b0:de:83:
         2a:3a:b9:d1:4c:56:b3:82:7f:70:36:42:5d:78:ef:e2:50:ca:
         f2:95:40:b3:f6:95:0e:77:1e:95:9f:c9:86:85:6d:b0:5b:ab:
         96:06:7c:4d:6f:5f:78:28:33:a2:50:de:48:31:0c:39:ee:bd:
         13:49:4a:ba:75:ec:70:2a:0f:12:34:8e:f7:d3:83:f2:cd:08:
         5e:a7:f6:02:93:c6:bf:d5:49:24:45:91:52:a3:84:40:f3:36:
         0d:a1:6f:6e:a2:7d:2f:fe:42:83:58:ba:3b:3e:76:57:d6:8e:
         05:d0:10:4d:49:17:31:a2:ab:2d:18:6c:d1:fc:75:06:4f:0a:
         8b:68:c2:45:1d:42:c7:86:70:0e:5d:66:f1:a9:a0:68:be:52:
         bf:9f:a3:ac:e0:ab:5f:77:0e:a5:13:35:c8:09:23:9c:ec:93:
         46:ef:f4:74:1d:c2:78:b3:c6:58:a4:74:0b:5b:08:4c:60:c2:
         b7:06:04:3f:ff:d1:ca:3a:70:16:a5:4a:fa:bb:0b:8b:8b:f8:
         33:0b:d2:ee:c4:b2:e7:88:e2:92:6b:89:e7:98:c6:58:e8:2e:
         8f:1e:13:96
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUOffEzH4vU7/9DJzzYe1Y+8mEhMowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTEyMTUyMDIxWhcNMjUwNjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYjkxNDAyOGUxMTEzNWM4NTU2MmNmMTlmYmQ2MzE0YWQ5
YjQ0NGE0NTNiNjlhZjNmZWYzNjljZDBmYjNkMWQ5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwEr7dPCsKNFY3IKR3rQ6wh4ZAjJHx89wn/qj8BZiAGSoH
O6qQRP3N4pm9aeumd16whNazzIQYBHUDJgmCzX2sRj3eQLek1h14uQ0Y8J7msAlu
b3Ev+5/i7cQGzRvykc0PiEhzEo39tSXNfMJZLNtVvE/HeZ1jBgUGF4PK8xzDTmzl
hB8fiL6hQPlNrVPQoVeHWBPLOT2PF1NUx5rFDusaj+E2h1YqEa/hgM0+RgssRoax
GxigRi7H+vNtz8TUeS/WpPuXr+XZdCIoNV7HWrtKrR6XWMUB64ES3Cw1KiCQDU7K
Chk8G7/m9wuzyfyKKulBbmSkySO3BuFQamGBLkfLAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUb+n/w5d5Ilixh47Au7hve0S/qwQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IyZGU2YjNiLTBlMDYtNDliMi04ZGYxLTA3MTg3N2I4MzE1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB+7NDANBgkqhkiG9w0BAQsFAAOCAQEAlxJmjglkRcgYd2+ORSWqNdGn
jyB/JlmlK+c7SfSxdpA3sN6DKjq50UxWs4J/cDZCXXjv4lDK8pVAs/aVDncelZ/J
hoVtsFurlgZ8TW9feCgzolDeSDEMOe69E0lKunXscCoPEjSO99OD8s0IXqf2ApPG
v9VJJEWRUqOEQPM2DaFvbqJ9L/5Cg1i6Oz52V9aOBdAQTUkXMaKrLRhs0fx1Bk8K
i2jCRR1Cx4ZwDl1m8amgaL5Sv5+jrOCrX3cOpRM1yAkjnOyTRu/0dB3CeLPGWKR0
C1sITGDCtwYEP//RyjpwFqVK+rsLi4v4MwvS7sSy54jikmuJ55jGWOgujx4Tlg==
-----END CERTIFICATE-----