Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/27863dcf-40d8-4826-8a21-b2b714f54200.roa
File:                     27863dcf-40d8-4826-8a21-b2b714f54200.roa (raw, json)
Hash identifier:          qjvyxd+AtJ30ZjCKxIaBwOUin6pZs0qQRU8Dqqvk+5U=
Subject key identifier:   EB:D7:5E:11:7E:32:A8:C3:83:1E:1A:CE:F9:E9:A0:9A:D2:FF:E5:88
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       47F33ECEF66C08CD493B466CB450D99744F13D06
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/27863dcf-40d8-4826-8a21-b2b714f54200.roa
Signing time:             Wed 28 May 2025 13:37:02 +0000
ROA not before:           Wed 28 May 2025 13:37:02 +0000
ROA not after:            Wed 02 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:a500::/40 maxlen: 48
Validation:               Failed, certificate revoked on Mon 02 Jun 2025 18:38:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:f3:3e:ce:f6:6c:08:cd:49:3b:46:6c:b4:50:d9:97:44:f1:3d:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: May 28 13:37:02 2025 GMT
            Not After : Jul  2 23:59:59 2025 GMT
        Subject: serialNumber=d42ec79e49ff27bf98f53f32e39049f05254a7a353b47304c8f61dea21f47e3c, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c5:cb:8c:c6:f1:3d:bd:c6:b9:f4:b8:67:1f:
                    dc:71:86:e1:ff:16:04:61:ac:d5:d7:0a:9a:e3:6f:
                    c1:ea:41:d4:f0:04:3f:ef:4e:0f:27:68:62:6c:66:
                    fe:de:3b:a2:88:30:6a:0a:2b:96:db:5e:f6:b6:cc:
                    b3:1d:45:a9:05:ad:b1:e5:54:cf:0c:44:be:b1:f9:
                    ab:46:78:80:09:4f:c2:5a:80:15:b2:2d:c0:cc:38:
                    01:e6:02:11:64:97:55:f2:e3:90:00:a1:1f:62:9e:
                    31:12:25:88:47:e0:b1:ad:bb:18:88:02:c1:69:9f:
                    ca:37:d3:b4:da:22:c8:3e:12:2f:42:7f:82:54:df:
                    bb:e7:2e:c5:c9:ff:51:b5:c0:7f:d6:dd:95:d3:97:
                    f7:18:6d:53:84:d1:77:f9:c3:06:17:ed:12:09:5b:
                    79:ad:09:af:6b:ca:87:da:3c:72:40:45:f0:55:b5:
                    a6:d8:01:c0:16:13:1f:3c:95:20:54:20:2a:f4:cf:
                    e5:7d:25:fd:81:64:00:05:18:65:66:7f:52:b2:77:
                    bd:40:4a:f2:d6:0c:ec:fe:0f:89:6f:ec:90:dd:98:
                    89:7d:8f:28:ba:f8:52:b8:27:08:1f:c6:fd:7f:62:
                    f8:1a:c2:78:55:c4:ad:d9:8c:58:1f:08:7b:2c:be:
                    5c:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:D7:5E:11:7E:32:A8:C3:83:1E:1A:CE:F9:E9:A0:9A:D2:FF:E5:88
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/27863dcf-40d8-4826-8a21-b2b714f54200.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:a500::/40

    Signature Algorithm: sha256WithRSAEncryption
         c1:1c:73:8e:28:96:66:6d:10:b2:a1:cf:7d:a4:3d:47:39:7d:
         20:57:a5:b8:79:93:26:af:70:88:05:c4:29:cb:90:9c:b5:15:
         82:03:c2:25:05:cc:19:5e:f9:e6:2c:f6:fb:89:a1:7c:0e:98:
         98:d0:60:2b:64:37:d2:2d:a4:d5:ff:e1:b2:97:87:d3:03:29:
         dc:0a:09:16:f8:a7:61:0d:f2:79:a1:9c:de:5e:8c:98:14:68:
         e2:eb:b5:a8:ea:7e:ba:d7:fd:b5:aa:66:83:50:dd:88:37:7a:
         93:9e:86:66:b0:75:7e:da:95:59:d4:e9:81:60:45:52:d1:66:
         00:59:8d:b3:5b:57:d2:d6:72:68:63:b5:20:92:7d:f4:e8:a5:
         60:4b:31:33:7c:76:3e:60:6c:c1:66:04:f9:27:1b:94:ad:82:
         e7:4c:53:38:19:83:d3:7d:e5:9b:c5:cd:6f:14:aa:04:38:d8:
         1a:23:fa:52:70:47:d7:0d:e7:bb:f5:29:ed:2a:5b:25:d6:4b:
         9c:57:6c:2c:a4:ce:78:0b:08:e2:e7:95:2e:ac:5e:36:68:76:
         23:62:60:d9:48:fa:d4:61:02:e7:13:ee:ff:20:81:0f:45:1f:
         bd:70:5c:10:ee:8b:84:ea:ac:dc:18:42:4f:51:34:2c:0c:30:
         67:6a:b4:a3
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUR/M+zvZsCM1JO0ZstFDZl0TxPQYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjUwNTI4MTMzNzAyWhcNMjUwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNDJlYzc5ZTQ5ZmYyN2JmOThmNTNmMzJlMzkwNDlmMDUy
NTRhN2EzNTNiNDczMDRjOGY2MWRlYTIxZjQ3ZTNjMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqxcuMxvE9vca59LhnH9xxhuH/FgRhrNXXCprjb8HqQdTw
BD/vTg8naGJsZv7eO6KIMGoKK5bbXva2zLMdRakFrbHlVM8MRL6x+atGeIAJT8Ja
gBWyLcDMOAHmAhFkl1Xy45AAoR9injESJYhH4LGtuxiIAsFpn8o307TaIsg+Ei9C
f4JU37vnLsXJ/1G1wH/W3ZXTl/cYbVOE0Xf5wwYX7RIJW3mtCa9ryofaPHJARfBV
tabYAcAWEx88lSBUICr0z+V9Jf2BZAAFGGVmf1Kyd71ASvLWDOz+D4lv7JDdmIl9
jyi6+FK4Jwgfxv1/YvgawnhVxK3ZjFgfCHssvlwNAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU69deEX4yqMODHhrO+emgmtL/5YgwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzI3ODYzZGNmLTQwZDgtNDgyNi04YTIxLWIyYjcxNGY1NDIwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAJAApTANBgkqhkiG9w0BAQsFAAOCAQEAwRxzjiiWZm0QsqHPfaQ9Rzl9
IFeluHmTJq9wiAXEKcuQnLUVggPCJQXMGV755iz2+4mhfA6YmNBgK2Q30i2k1f/h
speH0wMp3AoJFvinYQ3yeaGc3l6MmBRo4uu1qOp+utf9tapmg1DdiDd6k56GZrB1
ftqVWdTpgWBFUtFmAFmNs1tX0tZyaGO1IJJ99OilYEsxM3x2PmBswWYE+ScblK2C
50xTOBmD033lm8XNbxSqBDjYGiP6UnBH1w3nu/Up7SpbJdZLnFdsLKTOeAsI4ueV
LqxeNmh2I2Jg2Uj61GEC5xPu/yCBD0UfvXBcEO6LhOqs3BhCT1E0LAwwZ2q0ow==
-----END CERTIFICATE-----