Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/89e5f84f-018f-3be3-8c3d-da0d9a9db0b5.roa
File:                     89e5f84f-018f-3be3-8c3d-da0d9a9db0b5.roa (raw, json)
Hash identifier:          jtzOEm2T4P0xY1m6Cx0if7kSVTx3uN7wb/wOJugM1+w=
Subject key identifier:   9B:B0:07:22:3A:A1:37:85:3F:31:F0:0C:30:46:C5:33:C7:C9:29:65
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F43285849F61DAC16520FD00D27ADD360
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/89e5f84f-018f-3be3-8c3d-da0d9a9db0b5.roa
Signing time:             Sat 24 May 2025 16:42:28 +0000
ROA not before:           Sat 24 May 2025 16:42:28 +0000
ROA not after:            Fri 22 Aug 2025 16:42:28 +0000
asID:                     213238
IP address blocks:        172.120.20.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sun 25 May 2025 11:46:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:f6:1d:ac:16:52:0f:d0:0d:27:ad:d3:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: May 24 16:42:28 2025 GMT
            Not After : Aug 22 16:42:28 2025 GMT
        Subject: CN=63f42a78-ce16-4397-90ac-1dea2ba68e28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:76:d2:47:b2:ec:db:b3:0f:73:8e:a4:42:54:
                    40:9a:01:56:61:5e:2b:a7:76:10:ed:2c:38:37:1e:
                    7a:40:c9:31:b8:61:33:8b:61:61:5a:d0:73:50:33:
                    f3:ea:af:c8:69:20:4e:b3:5b:7e:db:ca:b3:17:85:
                    24:09:8f:d9:3c:3f:fd:a6:06:82:28:ff:ed:40:b3:
                    8b:8d:fc:f0:d8:a0:d0:97:20:a8:28:81:0d:10:91:
                    86:1a:fc:a7:7a:fc:37:93:9d:76:a5:01:d1:80:9c:
                    53:fb:41:52:aa:9a:fb:d9:a6:4b:2e:94:49:e3:01:
                    e7:41:a1:50:f1:d2:9a:21:00:b0:ae:41:d2:2c:40:
                    e7:79:e5:93:f6:fb:d1:ad:24:73:38:4c:2d:92:76:
                    1e:33:48:72:46:66:e1:0f:4e:db:9f:6e:7e:2c:ae:
                    d3:dc:5e:2d:55:21:bb:9b:13:e7:6a:33:83:21:31:
                    a8:79:66:57:d2:1e:fb:45:99:f1:ae:63:25:a4:b6:
                    82:9d:e8:19:dc:ec:93:a1:35:90:12:f4:fd:02:7f:
                    7e:ad:46:af:e3:7e:85:5d:ce:2c:e6:45:15:5a:8e:
                    87:bd:0b:b1:5e:36:d1:33:78:f4:9d:f7:40:35:2e:
                    2b:2d:27:7f:b8:23:d3:e4:30:20:f3:86:32:fd:f2:
                    4f:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:B0:07:22:3A:A1:37:85:3F:31:F0:0C:30:46:C5:33:C7:C9:29:65
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/89e5f84f-018f-3be3-8c3d-da0d9a9db0b5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  172.120.20.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         61:14:e0:4e:83:3b:d1:70:0c:ce:7e:04:0b:b4:e6:35:7d:de:
         de:32:e5:74:a1:b6:2b:45:ec:3b:ac:ba:93:f6:df:19:de:1d:
         4e:b2:57:b2:f3:46:2a:af:19:81:85:d0:3c:8b:31:02:e4:75:
         d5:54:34:85:7d:69:33:33:0f:35:b4:4c:83:53:63:89:7a:56:
         47:e2:31:71:06:84:1c:31:a4:16:12:05:6b:7b:eb:cd:c2:f5:
         ff:11:95:a0:a5:28:f0:04:c5:0d:3e:86:25:b6:32:47:72:8a:
         0c:42:52:bb:72:21:e9:77:b8:f9:f3:af:de:5e:11:83:d0:d6:
         a5:02:50:37:dc:ca:17:e2:a2:a5:1a:4d:70:95:55:89:26:f1:
         f9:d1:ec:f7:a5:97:d0:7c:8a:83:bb:b2:95:91:55:b5:8e:ef:
         1d:23:19:9a:56:32:ef:d8:ac:ac:55:15:9f:ef:17:74:dc:d9:
         01:7a:7d:5f:37:f6:00:4b:6b:d2:62:2e:63:9e:25:ca:1f:58:
         d2:37:0f:3b:1e:3e:18:46:ff:ae:b9:00:aa:f5:87:70:99:0e:
         18:d3:bc:ad:dc:73:a0:32:5b:73:15:7e:5a:67:e7:61:b6:7f:
         81:2b:03:bd:73:4c:96:d6:e8:d1:2b:78:21:bc:ef:55:a0:bc:
         bb:d6:8d:85
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEn2HawWUg/QDSet02AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTI1MDUyNDE2NDIyOFoXDTI1MDgyMjE2NDIyOFowLzEtMCsGA1UEAxMk
NjNmNDJhNzgtY2UxNi00Mzk3LTkwYWMtMWRlYTJiYTY4ZTI4MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnbSR7Ls27MPc46kQlRAmgFWYV4rp3YQ7Sw4
Nx56QMkxuGEzi2FhWtBzUDPz6q/IaSBOs1t+28qzF4UkCY/ZPD/9pgaCKP/tQLOL
jfzw2KDQlyCoKIENEJGGGvynevw3k512pQHRgJxT+0FSqpr72aZLLpRJ4wHnQaFQ
8dKaIQCwrkHSLEDneeWT9vvRrSRzOEwtknYeM0hyRmbhD07bn25+LK7T3F4tVSG7
mxPnajODITGoeWZX0h77RZnxrmMlpLaCnegZ3OyToTWQEvT9An9+rUav436FXc4s
5kUVWo6HvQuxXjbRM3j0nfdANS4rLSd/uCPT5DAg84Yy/fJPHQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJuwByI6oTeFPzHwDDBGxTPHySllMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvODllNWY4NGYtMDE4Zi0z
YmUzLThjM2QtZGEwZDlhOWRiMGI1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQArHgUMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAGEU4E6DO9FwDM5+BAu05jV93t4y5XShtitF7DusupP23xneHU6yV7Lz
RiqvGYGF0DyLMQLkddVUNIV9aTMzDzW0TINTY4l6VkfiMXEGhBwxpBYSBWt7683C
9f8RlaClKPAExQ0+hiW2MkdyigxCUrtyIel3uPnzr95eEYPQ1qUCUDfcyhfioqUa
TXCVVYkm8fnR7Pell9B8ioO7spWRVbWO7x0jGZpWMu/YrKxVFZ/vF3Tc2QF6fV83
9gBLa9JiLmOeJcofWNI3DzsePhhG/665AKr1h3CZDhjTvK3cc6AyW3MVflpn52G2
f4ErA71zTJbW6NEreCG871WgvLvWjYU=
-----END CERTIFICATE-----
Generated at Sun Jun 15 05:17:18 2025 by rpki-client