Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/d0f9a0a0-8cb1-4d50-94e1-756f8b965102.roa
File:                     d0f9a0a0-8cb1-4d50-94e1-756f8b965102.roa (raw, json)
Hash identifier:          jJJNnzYUG/8wM22xGI+Si4VYgzlH50Jt6b0trOCi6L0=
Subject key identifier:   31:5D:36:30:64:55:15:24:38:69:13:D5:8E:EB:5A:E3:C1:8F:55:B3
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       7D89018D6684EA8B3677C3C77B20E0E58AE3F401
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/d0f9a0a0-8cb1-4d50-94e1-756f8b965102.roa
Signing time:             Wed 28 May 2025 13:38:29 +0000
ROA not before:           Wed 28 May 2025 13:38:29 +0000
ROA not after:            Wed 02 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:5208::/48 maxlen: 48
Validation:               Failed, certificate revoked on Mon 02 Jun 2025 18:37:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:89:01:8d:66:84:ea:8b:36:77:c3:c7:7b:20:e0:e5:8a:e3:f4:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: May 28 13:38:29 2025 GMT
            Not After : Jul  2 23:59:59 2025 GMT
        Subject: serialNumber=e8f472ad56f709863198ea9befc3f34dccc91e887d1e84c3da989a672b76d6ff, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:5e:c9:8d:d2:88:04:8c:80:6e:2c:28:91:4d:
                    4b:de:b2:e6:a3:fb:1d:2f:bf:e2:e2:83:d7:b2:36:
                    18:d5:75:5b:93:98:4a:34:32:42:7f:0b:dd:d6:9c:
                    9d:85:b3:e7:4f:e4:88:d1:83:1b:1b:36:05:e4:0f:
                    a0:ed:0b:35:f7:6c:cd:ad:26:ac:45:28:9e:03:35:
                    5c:0c:60:ed:8f:52:1b:87:b0:62:ec:46:76:7e:fe:
                    22:73:ac:ff:c2:d0:1e:7a:b3:c4:a5:56:7d:f6:6a:
                    98:01:ed:53:2e:d7:e2:60:5a:7d:50:dc:88:cd:b1:
                    ab:40:a8:c1:a4:bd:14:73:55:f9:17:5f:e2:20:00:
                    43:b0:65:20:49:49:ec:5f:2c:cb:93:e4:08:e1:12:
                    bb:1b:c1:60:2e:bb:37:fe:06:f6:78:04:85:55:33:
                    29:c2:d9:73:56:65:01:c6:42:53:ab:0a:42:39:67:
                    7e:90:d6:4d:d5:85:de:1e:8b:12:78:60:1b:d9:6e:
                    aa:41:4e:4b:eb:84:f5:5b:ca:68:85:c9:fe:77:d3:
                    8c:2f:1a:6b:87:5b:e5:00:de:49:72:f0:bb:71:d6:
                    c5:15:dd:38:9d:28:2f:89:b9:c3:42:19:61:26:84:
                    6f:f7:08:3c:e5:ec:a1:a9:56:8d:47:e6:fc:86:7f:
                    5d:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:5D:36:30:64:55:15:24:38:69:13:D5:8E:EB:5A:E3:C1:8F:55:B3
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/d0f9a0a0-8cb1-4d50-94e1-756f8b965102.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:5208::/48

    Signature Algorithm: sha256WithRSAEncryption
         a8:ba:b5:b8:0b:e8:46:c7:33:dc:66:05:f3:ad:b5:0e:9d:57:
         8e:57:e7:bd:44:05:24:b7:9a:c7:69:10:be:4d:a1:16:df:f3:
         b3:44:35:3e:2f:f1:c7:e1:04:a5:b8:e3:98:c0:ef:63:95:8f:
         15:99:86:1f:c0:82:90:8d:8f:a6:62:00:ed:66:a5:c7:07:60:
         e8:7c:83:0b:21:88:ca:e4:03:5f:de:fd:dc:f0:a0:4e:2c:46:
         bb:7c:c6:18:a7:fd:7c:90:6f:f1:e2:3a:24:4a:50:cf:0f:ed:
         e4:03:f8:b7:b7:aa:bb:03:e8:86:2d:54:87:7f:fd:e4:9a:83:
         64:a2:e1:18:1a:79:cf:b9:05:32:8b:19:e3:ef:37:f6:5b:9b:
         16:fc:bc:53:e7:9a:30:c2:5c:44:ba:cf:8f:28:64:c1:bd:ac:
         d4:5a:4c:3a:2e:cc:60:de:2c:b0:56:8f:43:2a:b0:ef:8a:ef:
         c0:2d:f6:9a:b2:6c:8c:d9:53:c5:46:27:d5:ce:85:aa:ae:33:
         79:be:67:a1:6f:9c:d4:5e:15:f8:23:db:9b:a0:f9:ab:90:47:
         39:81:f1:ee:33:60:63:28:08:cb:bf:95:17:c3:44:14:14:8a:
         6d:e4:2e:73:8c:e9:01:ed:b3:b6:df:96:71:34:d8:f5:b9:d9:
         f4:3c:fa:ce
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfYkBjWaE6os2d8PHeyDg5Yrj9AEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjUwNTI4MTMzODI5WhcNMjUwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BlOGY0NzJhZDU2ZjcwOTg2MzE5OGVhOWJlZmMzZjM0ZGNj
YzkxZTg4N2QxZTg0YzNkYTk4OWE2NzJiNzZkNmZmMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjXsmN0ogEjIBuLCiRTUvesuaj+x0vv+Lig9eyNhjVdVuT
mEo0MkJ/C93WnJ2Fs+dP5IjRgxsbNgXkD6DtCzX3bM2tJqxFKJ4DNVwMYO2PUhuH
sGLsRnZ+/iJzrP/C0B56s8SlVn32apgB7VMu1+JgWn1Q3IjNsatAqMGkvRRzVfkX
X+IgAEOwZSBJSexfLMuT5AjhErsbwWAuuzf+BvZ4BIVVMynC2XNWZQHGQlOrCkI5
Z36Q1k3Vhd4eixJ4YBvZbqpBTkvrhPVbymiFyf5304wvGmuHW+UA3kly8Ltx1sUV
3TidKC+JucNCGWEmhG/3CDzl7KGpVo1H5vyGf13PAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUMV02MGRVFSQ4aRPVjuta48GPVbMwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2QwZjlhMGEwLThjYjEtNGQ1MC05NGUxLTc1NmY4Yjk2NTEwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAJAAUggwDQYJKoZIhvcNAQELBQADggEBAKi6tbgL6EbHM9xmBfOttQ6d
V45X571EBSS3msdpEL5NoRbf87NENT4v8cfhBKW445jA72OVjxWZhh/AgpCNj6Zi
AO1mpccHYOh8gwshiMrkA1/e/dzwoE4sRrt8xhin/XyQb/HiOiRKUM8P7eQD+Le3
qrsD6IYtVId//eSag2Si4Rgaec+5BTKLGePvN/Zbmxb8vFPnmjDCXES6z48oZMG9
rNRaTDouzGDeLLBWj0MqsO+K78At9pqybIzZU8VGJ9XOhaquM3m+Z6FvnNReFfgj
25ug+auQRzmB8e4zYGMoCMu/lRfDRBQUim3kLnOM6QHts7bflnE02PW52fQ8+s4=
-----END CERTIFICATE-----