Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/78d433c6-268d-4793-988c-f7adab886717.roa
File:                     78d433c6-268d-4793-988c-f7adab886717.roa (raw, json)
Hash identifier:          txegP7pPs331tUKmj57RIiM3L1kVPAyQ+ZgJi6B9/Pw=
Subject key identifier:   95:5D:25:54:28:86:CB:11:83:15:62:95:82:85:05:0F:09:E8:11:AE
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       592C1A3F78E26B600F2575D9D9C8D6B056D98DB2
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/78d433c6-268d-4793-988c-f7adab886717.roa
Signing time:             Sat 26 Apr 2025 08:11:03 +0000
ROA not before:           Sat 26 Apr 2025 08:11:03 +0000
ROA not after:            Sat 31 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:d00::/40 maxlen: 48
Validation:               Failed, certificate revoked on Sat 26 Apr 2025 09:02:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:2c:1a:3f:78:e2:6b:60:0f:25:75:d9:d9:c8:d6:b0:56:d9:8d:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Apr 26 08:11:03 2025 GMT
            Not After : May 31 23:59:59 2025 GMT
        Subject: serialNumber=b746b4691afa7f68ab45403d4e95ad3d352bd74e2ac1b4faa115a7252605be77, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:22:e8:3e:3f:34:b6:a9:0f:39:a8:09:29:70:
                    34:72:ff:55:fa:70:97:6e:bf:6b:70:57:d2:e0:52:
                    aa:33:e2:d9:e8:d3:96:b5:72:0d:2f:97:44:8c:5e:
                    f1:55:b1:6c:d0:6c:c3:4c:41:9f:79:10:99:99:d8:
                    a6:e8:44:78:c9:03:76:f9:ec:7e:b3:8c:2d:0b:bb:
                    62:b2:b5:1c:2e:91:14:62:c7:55:e7:dc:f7:fb:4b:
                    14:9b:8c:e8:35:f8:19:10:b2:95:46:b0:c1:ed:dd:
                    e5:2f:91:44:6d:05:ce:d8:84:8a:4a:e5:07:a3:84:
                    80:69:36:81:b9:2c:1b:f5:25:31:7f:a4:bf:0a:67:
                    62:48:2f:15:d0:bc:64:8d:76:cb:68:bf:e7:70:7a:
                    f3:89:fa:5c:1e:b8:97:8b:b3:53:b5:6c:fd:16:eb:
                    d4:b3:93:40:3a:a8:5b:c5:66:14:3b:e3:15:98:d2:
                    cc:66:31:94:11:9b:cc:2d:31:3a:71:22:c9:ea:4a:
                    ed:fe:f6:fd:b7:70:11:ed:5e:85:6a:6f:19:11:0f:
                    b2:19:9b:1b:39:42:f8:9a:78:66:2d:cf:dd:a9:3c:
                    d5:e6:94:6e:c9:58:41:fc:dc:ac:39:23:60:17:a4:
                    f6:8c:e8:18:d9:b9:c0:34:54:f9:a8:3b:cf:b2:64:
                    c9:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:5D:25:54:28:86:CB:11:83:15:62:95:82:85:05:0F:09:E8:11:AE
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/78d433c6-268d-4793-988c-f7adab886717.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:d00::/40

    Signature Algorithm: sha256WithRSAEncryption
         11:e3:1a:0c:91:9a:f1:ac:bb:c8:4d:bd:db:fb:03:b7:89:2d:
         f0:8e:4d:54:83:2d:d2:91:e5:e1:4a:21:d1:88:cd:45:45:3c:
         d7:50:a5:50:1f:c2:b4:d8:95:a1:7f:d9:2f:f8:23:b0:10:46:
         41:7a:9c:e7:81:a5:e9:dd:a7:e4:a9:54:87:36:e9:86:05:59:
         c5:6d:25:a2:29:22:15:72:15:28:36:d9:89:94:f4:bf:80:c2:
         22:c2:d8:41:7f:f0:34:40:19:33:00:55:78:ee:38:ca:bf:16:
         d4:34:95:a3:a7:fe:14:3c:83:5b:3b:99:dc:8f:d8:b0:1b:d8:
         83:b9:9f:b5:59:40:85:e3:97:16:8a:67:06:27:1d:61:14:18:
         13:46:35:09:53:24:a8:77:23:83:8d:82:06:bd:30:2f:85:80:
         5d:85:27:86:f5:62:01:13:e1:48:43:0f:54:fc:cd:6e:4f:17:
         d5:dc:e7:1d:8e:d0:b6:d4:8a:e5:4b:5f:7c:e1:63:29:1e:4d:
         db:f2:42:ed:8c:e1:07:6f:9c:70:ec:9d:c9:dd:c0:a2:72:c6:
         b7:f2:c4:42:c1:39:e5:d2:c2:5c:8e:74:6d:96:86:5c:bd:69:
         b8:fb:0a:5b:86:8e:10:ad:62:eb:78:c8:25:a6:bb:19:4f:39:
         a1:34:e6:97
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUWSwaP3jia2APJXXZ2cjWsFbZjbIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNDI2MDgxMTAzWhcNMjUwNTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNzQ2YjQ2OTFhZmE3ZjY4YWI0NTQwM2Q0ZTk1YWQzZDM1
MmJkNzRlMmFjMWI0ZmFhMTE1YTcyNTI2MDViZTc3MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxIug+PzS2qQ85qAkpcDRy/1X6cJduv2twV9LgUqoz4tno
05a1cg0vl0SMXvFVsWzQbMNMQZ95EJmZ2KboRHjJA3b57H6zjC0Lu2KytRwukRRi
x1Xn3Pf7SxSbjOg1+BkQspVGsMHt3eUvkURtBc7YhIpK5QejhIBpNoG5LBv1JTF/
pL8KZ2JILxXQvGSNdstov+dwevOJ+lweuJeLs1O1bP0W69Szk0A6qFvFZhQ74xWY
0sxmMZQRm8wtMTpxIsnqSu3+9v23cBHtXoVqbxkRD7IZmxs5QviaeGYtz92pPNXm
lG7JWEH83Kw5I2AXpPaM6BjZucA0VPmoO8+yZMnLAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUlV0lVCiGyxGDFWKVgoUFDwnoEa4wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzc4ZDQzM2M2LTI2OGQtNDc5My05ODhjLWY3YWRhYjg4NjcxNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmBZzADTANBgkqhkiG9w0BAQsFAAOCAQEAEeMaDJGa8ay7yE292/sDt4kt
8I5NVIMt0pHl4Uoh0YjNRUU811ClUB/CtNiVoX/ZL/gjsBBGQXqc54Gl6d2n5KlU
hzbphgVZxW0loikiFXIVKDbZiZT0v4DCIsLYQX/wNEAZMwBVeO44yr8W1DSVo6f+
FDyDWzuZ3I/YsBvYg7mftVlAheOXFopnBicdYRQYE0Y1CVMkqHcjg42CBr0wL4WA
XYUnhvViARPhSEMPVPzNbk8X1dznHY7QttSK5UtffOFjKR5N2/JC7YzhB2+ccOyd
yd3AonLGt/LEQsE55dLCXI50bZaGXL1puPsKW4aOEK1i63jIJaa7GU85oTTmlw==
-----END CERTIFICATE-----