Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0873878b-58c9-4a7d-8f50-fa23f30cedf9.roa
File:                     0873878b-58c9-4a7d-8f50-fa23f30cedf9.roa (raw, json)
Hash identifier:          BBewcRLQVZqyBpK7VVwEhzfccB2B01C4y1qZj2uM8/s=
Subject key identifier:   57:21:F1:E8:8A:4E:3C:5E:AE:3E:5B:BD:8B:9C:9F:E4:BE:5F:60:D2
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       507C85B7C1ADB5183BF34B9DFF8DA84842BEC8C6
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0873878b-58c9-4a7d-8f50-fa23f30cedf9.roa
Signing time:             Sat 26 Apr 2025 00:43:17 +0000
ROA not before:           Sat 26 Apr 2025 00:43:17 +0000
ROA not after:            Sat 31 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sat 26 Apr 2025 01:03:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:7c:85:b7:c1:ad:b5:18:3b:f3:4b:9d:ff:8d:a8:48:42:be:c8:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 26 00:43:17 2025 GMT
            Not After : May 31 23:59:59 2025 GMT
        Subject: serialNumber=b543f03ee1d0945ca8eead510031d9f77535cf600884422247a5f4ea4546acac, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:5e:f7:4d:a5:0f:4a:e0:3a:81:20:53:ef:c6:
                    dc:c7:e1:af:86:ac:ad:0e:be:cf:3b:cc:55:7d:c5:
                    b4:1f:00:b5:24:19:b0:70:c8:ec:40:48:d6:94:56:
                    bb:19:06:7e:51:3a:af:5a:f8:e4:c4:49:d3:d0:29:
                    54:17:d7:83:ed:1c:c9:75:5c:72:ae:13:74:02:eb:
                    b2:2c:a9:70:17:dc:c9:07:88:aa:b6:f2:69:c9:f5:
                    75:df:6b:62:f9:a8:a9:3c:c7:46:c5:0d:10:46:f7:
                    d3:e7:5e:7f:e7:52:1c:bf:57:c6:5b:68:14:db:6c:
                    8f:7c:cc:80:8a:b0:49:6d:1d:c6:a4:3d:66:65:81:
                    ea:70:cf:ce:19:84:48:e3:70:d5:b7:9a:48:92:50:
                    c5:18:6f:c8:a7:f3:1d:2e:0d:78:af:48:5b:e3:95:
                    25:41:cc:b8:2f:82:9a:6b:62:4b:a9:7d:6b:ab:c7:
                    20:76:9d:51:26:2f:21:81:b9:68:b7:13:44:3e:05:
                    41:f1:5a:5e:40:14:1f:e0:aa:35:27:ab:93:d0:50:
                    a9:b2:da:07:ef:b8:0a:0d:6f:18:b0:9f:31:d7:fe:
                    85:46:af:1b:e7:62:9c:97:ab:bf:2f:f3:7a:ce:ad:
                    cc:a3:c5:a6:ba:29:b7:7c:21:06:cf:79:db:da:be:
                    2a:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:21:F1:E8:8A:4E:3C:5E:AE:3E:5B:BD:8B:9C:9F:E4:BE:5F:60:D2
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0873878b-58c9-4a7d-8f50-fa23f30cedf9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:8f:10:b2:a0:2d:74:ee:03:f7:93:40:4a:af:a7:4a:8e:62:
         62:fc:6d:12:01:68:aa:3d:ef:b3:dd:22:31:c1:4d:76:c4:d7:
         68:fa:ad:45:03:03:e9:49:19:c6:aa:1b:52:1a:ba:19:09:60:
         e2:0e:ca:7d:cd:66:9e:dc:64:eb:13:af:3c:90:4a:fe:40:8f:
         7b:92:58:fd:d4:95:4c:73:82:c2:fd:9e:0f:26:5c:b8:70:eb:
         3a:9a:c3:60:08:97:ec:50:38:15:db:1c:a5:20:78:f7:f6:55:
         b6:ba:ff:81:ca:97:9c:e4:24:1c:cf:03:69:c3:50:85:6b:a7:
         97:f5:e0:97:58:25:b5:f7:f9:d8:31:43:ca:b4:9f:06:f7:12:
         76:a0:1e:9e:2f:5a:24:10:0c:41:f8:12:6d:e3:54:cb:62:5c:
         13:a5:50:2d:2f:3e:ff:1f:f8:ba:6e:ed:99:73:2f:a3:50:28:
         0e:23:f8:75:6b:fb:6f:f5:30:5d:7d:e5:58:62:66:8e:7d:98:
         2b:bc:89:dd:23:f5:94:10:64:6e:25:f5:10:69:20:33:f8:41:
         7d:b1:d3:a0:87:79:8f:07:4c:1b:47:9e:0c:29:0b:00:21:62:
         86:1e:7e:d3:41:7c:3d:07:69:f7:40:ae:6b:e7:91:72:b0:93:
         80:be:15:bd
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUHyFt8GttRg780ud/42oSEK+yMYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDI2MDA0MzE3WhcNMjUwNTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNTQzZjAzZWUxZDA5NDVjYThlZWFkNTEwMDMxZDlmNzc1
MzVjZjYwMDg4NDQyMjI0N2E1ZjRlYTQ1NDZhY2FjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkXvdNpQ9K4DqBIFPvxtzH4a+GrK0Ovs87zFV9xbQfALUk
GbBwyOxASNaUVrsZBn5ROq9a+OTESdPQKVQX14PtHMl1XHKuE3QC67IsqXAX3MkH
iKq28mnJ9XXfa2L5qKk8x0bFDRBG99PnXn/nUhy/V8ZbaBTbbI98zICKsEltHcak
PWZlgepwz84ZhEjjcNW3mkiSUMUYb8in8x0uDXivSFvjlSVBzLgvgpprYkupfWur
xyB2nVEmLyGBuWi3E0Q+BUHxWl5AFB/gqjUnq5PQUKmy2gfvuAoNbxiwnzHX/oVG
rxvnYpyXq78v83rOrcyjxaa6Kbd8IQbPedvaviq9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVyHx6IpOPF6uPlu9i5yf5L5fYNIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzA4NzM4NzhiLTU4YzktNGE3ZC04ZjUwLWZhMjNmMzBjZWRmOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKaPELKgLXTuA/eTQEqvp0qOYmL8
bRIBaKo977PdIjHBTXbE12j6rUUDA+lJGcaqG1IauhkJYOIOyn3NZp7cZOsTrzyQ
Sv5Aj3uSWP3UlUxzgsL9ng8mXLhw6zqaw2AIl+xQOBXbHKUgePf2Vba6/4HKl5zk
JBzPA2nDUIVrp5f14JdYJbX3+dgxQ8q0nwb3EnagHp4vWiQQDEH4Em3jVMtiXBOl
UC0vPv8f+Lpu7ZlzL6NQKA4j+HVr+2/1MF195VhiZo59mCu8id0j9ZQQZG4l9RBp
IDP4QX2x06CHeY8HTBtHngwpCwAhYoYeftNBfD0HafdArmvnkXKwk4C+Fb0=
-----END CERTIFICATE-----