Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/953f63ff-1ea2-4d85-adc9-c234c8665021.roa
File:                     953f63ff-1ea2-4d85-adc9-c234c8665021.roa (raw, json)
Hash identifier:          PUuOSJZVc3TxFL7d32ZXsREkGHu/k+3Mh2CMUuZd198=
Subject key identifier:   EC:1B:0D:97:D6:29:A1:76:76:29:51:5A:89:B3:C4:95:BB:18:BE:4D
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       7FEF40510E3298BB135995FE3E2FB82072A84FBE
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/953f63ff-1ea2-4d85-adc9-c234c8665021.roa
Signing time:             Wed 28 May 2025 13:38:27 +0000
ROA not before:           Wed 28 May 2025 13:38:27 +0000
ROA not after:            Wed 02 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:5205::/48 maxlen: 48
Validation:               Failed, certificate revoked on Mon 02 Jun 2025 18:37:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:ef:40:51:0e:32:98:bb:13:59:95:fe:3e:2f:b8:20:72:a8:4f:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: May 28 13:38:27 2025 GMT
            Not After : Jul  2 23:59:59 2025 GMT
        Subject: serialNumber=cc0fbd07b764d01c4f060ca8904be782f9acdaf0b36f23df9ecef06680d49bd8, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:55:b3:e6:af:e2:3e:ac:38:58:41:3f:52:ce:
                    30:23:e9:90:4a:cf:9d:55:ca:0c:6f:e9:24:85:7b:
                    c6:cb:7c:34:c0:d9:f5:41:1e:53:79:62:e5:2a:52:
                    1e:7e:32:cc:6d:5d:da:0e:6c:74:e4:76:d6:d4:33:
                    0c:c3:16:25:30:b0:88:02:5c:be:47:0d:ee:0e:70:
                    77:05:9c:2d:ac:eb:ef:b1:94:eb:6d:ff:d1:cb:8c:
                    7b:cb:f6:39:94:8f:eb:fa:b0:78:16:e2:85:02:9b:
                    f8:8f:1a:db:1f:05:f2:22:f5:45:d8:c0:bc:02:62:
                    cc:e9:72:27:ec:ae:57:5c:87:05:d1:9e:a2:13:3b:
                    79:96:fb:7a:33:ab:5e:2c:4a:23:78:41:eb:f9:50:
                    93:f9:3e:72:fb:3a:27:50:98:72:6e:dc:63:31:60:
                    4e:9e:fe:2f:dc:f3:c9:22:59:f2:db:6e:3b:da:a8:
                    a8:ed:b8:2b:ac:13:ec:84:f2:b2:a5:64:99:9e:e0:
                    68:9b:6a:02:6e:b0:a8:63:c9:02:f0:03:a0:eb:4b:
                    32:ef:d6:a2:6c:2f:4d:4f:db:ec:ab:23:7d:a3:cf:
                    8b:8c:6f:cc:37:80:88:52:62:9a:37:b4:b6:c1:34:
                    6b:6c:09:52:7d:9b:fc:a5:cd:0a:e4:c9:50:f3:0d:
                    cc:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:1B:0D:97:D6:29:A1:76:76:29:51:5A:89:B3:C4:95:BB:18:BE:4D
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/953f63ff-1ea2-4d85-adc9-c234c8665021.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:5205::/48

    Signature Algorithm: sha256WithRSAEncryption
         8e:ae:4a:34:f6:8e:85:ee:6e:c9:e9:76:f6:7a:a3:32:a4:4d:
         1f:e5:c5:ae:44:1c:b9:bc:2d:97:63:22:03:f9:23:c0:91:85:
         11:87:bb:0b:59:89:e2:85:a0:7b:dd:f4:1c:ec:4f:6c:e7:e6:
         36:46:a6:82:5a:d3:4c:03:c2:6d:ef:5f:f7:40:93:27:ff:37:
         78:00:a6:55:9b:47:65:8f:d1:26:99:8b:08:25:32:bc:b7:45:
         2a:fc:ab:4d:b4:9d:a2:7b:de:63:f0:a7:66:07:cd:69:33:a8:
         72:aa:57:4f:65:18:2e:76:8b:b7:dd:c7:50:38:92:95:49:b3:
         9b:d6:0e:d8:ed:42:5a:1f:cf:04:04:bc:b1:55:2d:9f:1f:65:
         ad:8b:dd:91:c5:19:40:2d:89:9d:ef:07:8d:dc:18:4d:b1:58:
         48:12:2f:ec:ca:4c:ff:eb:b6:5f:ad:9f:7f:dc:e8:0b:fe:dd:
         9f:4f:e4:f6:03:6d:19:98:96:f1:a8:ab:43:d9:9a:8a:fe:7c:
         cc:f7:d2:e8:58:7f:80:86:fb:15:9e:40:44:4a:bb:b7:fe:e6:
         66:df:8f:cf:6e:72:7f:40:50:75:1b:58:1e:c6:c1:ee:95:a1:
         33:ce:ae:86:5b:22:51:a5:1c:1f:64:33:42:f0:ae:22:2f:30:
         48:a5:97:b8
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUf+9AUQ4ymLsTWZX+Pi+4IHKoT74wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjUwNTI4MTMzODI3WhcNMjUwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjYzBmYmQwN2I3NjRkMDFjNGYwNjBjYTg5MDRiZTc4MmY5
YWNkYWYwYjM2ZjIzZGY5ZWNlZjA2NjgwZDQ5YmQ4MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZVbPmr+I+rDhYQT9SzjAj6ZBKz51Vygxv6SSFe8bLfDTA
2fVBHlN5YuUqUh5+MsxtXdoObHTkdtbUMwzDFiUwsIgCXL5HDe4OcHcFnC2s6++x
lOtt/9HLjHvL9jmUj+v6sHgW4oUCm/iPGtsfBfIi9UXYwLwCYszpcifsrldchwXR
nqITO3mW+3ozq14sSiN4Qev5UJP5PnL7OidQmHJu3GMxYE6e/i/c88kiWfLbbjva
qKjtuCusE+yE8rKlZJme4GibagJusKhjyQLwA6DrSzLv1qJsL01P2+yrI32jz4uM
b8w3gIhSYpo3tLbBNGtsCVJ9m/ylzQrkyVDzDcwdAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU7BsNl9YpoXZ2KVFaibPElbsYvk0wHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1Lzk1M2Y2M2ZmLTFlYTItNGQ4NS1hZGM5LWMyMzRjODY2NTAyMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAJAAUgUwDQYJKoZIhvcNAQELBQADggEBAI6uSjT2joXubsnpdvZ6ozKk
TR/lxa5EHLm8LZdjIgP5I8CRhRGHuwtZieKFoHvd9BzsT2zn5jZGpoJa00wDwm3v
X/dAkyf/N3gAplWbR2WP0SaZiwglMry3RSr8q020naJ73mPwp2YHzWkzqHKqV09l
GC52i7fdx1A4kpVJs5vWDtjtQlofzwQEvLFVLZ8fZa2L3ZHFGUAtiZ3vB43cGE2x
WEgSL+zKTP/rtl+tn3/c6Av+3Z9P5PYDbRmYlvGoq0PZmor+fMz30uhYf4CG+xWe
QERKu7f+5mbfj89ucn9AUHUbWB7Gwe6VoTPOroZbIlGlHB9kM0LwriIvMEill7g=
-----END CERTIFICATE-----