Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/7fa3d3bc-a4b3-4380-b552-ac5b6ec7404b.roa
File:                     7fa3d3bc-a4b3-4380-b552-ac5b6ec7404b.roa (raw, json)
Hash identifier:          qFLwIVOzPWtx91cf9pcbYIFVOgm7ueqVWk8IjJv2QbQ=
Subject key identifier:   1E:45:15:33:EE:61:46:E9:77:A4:7F:57:11:BD:EE:1E:8D:D5:16:E9
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       317CB99AC001E29F9CF78CF443B55F86F20A91F7
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/7fa3d3bc-a4b3-4380-b552-ac5b6ec7404b.roa
Signing time:             Wed 28 May 2025 13:52:01 +0000
ROA not before:           Wed 28 May 2025 13:52:01 +0000
ROA not after:            Wed 02 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000::/28 maxlen: 28
Validation:               Failed, certificate revoked on Mon 02 Jun 2025 18:37:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:7c:b9:9a:c0:01:e2:9f:9c:f7:8c:f4:43:b5:5f:86:f2:0a:91:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: May 28 13:52:01 2025 GMT
            Not After : Jul  2 23:59:59 2025 GMT
        Subject: serialNumber=c3aba4288cbbd27aa432bd1cbe54d759b8a104fd4fa1be84ecfc5c76def18701, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:06:cc:13:27:07:50:94:35:2d:30:c6:b5:ed:
                    a6:b9:b3:0f:59:d4:95:c7:c7:70:44:83:64:6c:03:
                    58:68:da:b7:b0:91:6c:78:cb:68:1d:98:a5:ee:2b:
                    d8:a7:95:dd:c5:f8:ac:78:94:72:1f:26:6d:e1:1e:
                    c0:65:c8:ce:e3:df:62:9e:c9:27:67:30:70:b7:38:
                    f9:a5:5a:c2:90:87:e8:4f:6e:dc:95:fd:d8:57:76:
                    fa:17:3b:b8:99:23:eb:25:35:78:17:6c:bc:90:e1:
                    6d:aa:bb:65:1f:5c:77:2b:79:95:da:93:66:5c:7a:
                    f2:9c:9b:50:8b:7f:3c:9e:6b:31:0f:7c:c1:14:c0:
                    5a:74:46:1c:c6:aa:84:7e:64:ff:d1:f0:87:cd:57:
                    90:a3:ef:64:5d:99:c4:fb:7d:ac:79:9d:42:97:15:
                    5e:56:5c:8a:e6:3a:d2:fb:a5:b4:84:8e:c5:5b:61:
                    59:91:46:9c:dc:20:5e:e0:1e:99:3e:94:6e:ed:7b:
                    6e:9a:e3:07:6f:54:fb:27:ed:ab:3b:74:ef:19:c7:
                    b9:50:1d:75:e6:c8:1d:37:75:5c:cd:0c:65:90:32:
                    cc:7e:26:0e:a4:1a:50:70:15:e5:61:04:34:d9:e4:
                    e7:b1:dd:66:cc:0b:a2:b2:bc:fc:77:a2:66:67:84:
                    b1:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:45:15:33:EE:61:46:E9:77:A4:7F:57:11:BD:EE:1E:8D:D5:16:E9
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/7fa3d3bc-a4b3-4380-b552-ac5b6ec7404b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000::/28

    Signature Algorithm: sha256WithRSAEncryption
         5a:b1:c7:b3:cf:40:93:12:2d:14:a5:9f:42:27:c8:98:60:37:
         a1:72:2b:32:62:23:f7:a4:35:09:8a:05:6e:66:a1:f3:74:aa:
         a1:b7:1d:8e:e2:a9:52:f2:16:94:98:d3:50:71:27:86:5b:e4:
         6e:c5:40:fd:ad:f4:28:97:05:1b:5d:41:66:4f:b1:3d:1f:2f:
         5b:b8:5d:51:4a:31:57:71:fc:cb:b4:83:28:8c:04:6e:34:d2:
         40:51:e5:78:47:5a:94:a6:13:64:01:35:09:e6:ac:2b:ed:05:
         d8:b2:8b:b3:1e:50:eb:38:fb:72:41:be:3c:32:33:1f:22:67:
         61:ad:0f:33:18:1d:85:41:92:b5:48:7a:17:d5:92:6a:23:01:
         a1:13:ed:c1:d8:54:bb:22:91:aa:f6:67:38:a6:38:fb:bc:a0:
         f4:3a:c7:59:16:4a:6d:61:ac:26:2c:6b:d4:9e:33:72:cf:bc:
         0c:10:cf:c4:c5:9f:ee:b3:e3:c4:3c:7e:22:66:fa:15:5d:7a:
         cc:51:e0:f9:90:87:e8:f0:88:79:65:6b:b1:a8:b7:92:d8:9d:
         7c:5e:a0:92:c3:b0:e4:90:f9:7c:d6:46:c9:4e:96:91:68:82:
         7f:53:cc:a1:9b:51:7c:16:21:8c:67:32:67:e1:ee:2c:ec:f4:
         66:73:d3:2d
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUMXy5msAB4p+c94z0Q7VfhvIKkfcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjUwNTI4MTM1MjAxWhcNMjUwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjM2FiYTQyODhjYmJkMjdhYTQzMmJkMWNiZTU0ZDc1OWI4
YTEwNGZkNGZhMWJlODRlY2ZjNWM3NmRlZjE4NzAxMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDABswTJwdQlDUtMMa17aa5sw9Z1JXHx3BEg2RsA1ho2rew
kWx4y2gdmKXuK9inld3F+Kx4lHIfJm3hHsBlyM7j32KeySdnMHC3OPmlWsKQh+hP
btyV/dhXdvoXO7iZI+slNXgXbLyQ4W2qu2UfXHcreZXak2ZcevKcm1CLfzyeazEP
fMEUwFp0RhzGqoR+ZP/R8IfNV5Cj72RdmcT7fax5nUKXFV5WXIrmOtL7pbSEjsVb
YVmRRpzcIF7gHpk+lG7te26a4wdvVPsn7as7dO8Zx7lQHXXmyB03dVzNDGWQMsx+
Jg6kGlBwFeVhBDTZ5Oex3WbMC6KyvPx3omZnhLFTAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUHkUVM+5hRul3pH9XEb3uHo3VFukwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzdmYTNkM2JjLWE0YjMtNDM4MC1iNTUyLWFjNWI2ZWM3NDA0Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQQmAJAAMA0GCSqGSIb3DQEBCwUAA4IBAQBascezz0CTEi0UpZ9CJ8iYYDeh
cisyYiP3pDUJigVuZqHzdKqhtx2O4qlS8haUmNNQcSeGW+RuxUD9rfQolwUbXUFm
T7E9Hy9buF1RSjFXcfzLtIMojARuNNJAUeV4R1qUphNkATUJ5qwr7QXYsouzHlDr
OPtyQb48MjMfImdhrQ8zGB2FQZK1SHoX1ZJqIwGhE+3B2FS7IpGq9mc4pjj7vKD0
OsdZFkptYawmLGvUnjNyz7wMEM/ExZ/us+PEPH4iZvoVXXrMUeD5kIfo8Ih5ZWux
qLeS2J18XqCSw7DkkPl81kbJTpaRaIJ/U8yhm1F8FiGMZzJn4e4s7PRmc9Mt
-----END CERTIFICATE-----