Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1bc36c38-b6b8-460d-8a03-66f79cfbe9be.roa
File:                     1bc36c38-b6b8-460d-8a03-66f79cfbe9be.roa (raw, json)
Hash identifier:          CSiP4zY6kktm4uryEQ6YGVcxmPc/JU6UnQU+1N4zhLw=
Subject key identifier:   86:C8:DD:44:42:3C:F4:FB:3F:1E:B8:C1:4E:19:DA:F9:C0:E2:12:E5
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       383CA291FF6A30964F5924B25B6DD7DCC56B6045
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1bc36c38-b6b8-460d-8a03-66f79cfbe9be.roa
Signing time:             Fri 18 Apr 2025 01:13:20 +0000
ROA not before:           Fri 18 Apr 2025 01:13:20 +0000
ROA not after:            Fri 23 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Fri 18 Apr 2025 01:33:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:3c:a2:91:ff:6a:30:96:4f:59:24:b2:5b:6d:d7:dc:c5:6b:60:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 18 01:13:20 2025 GMT
            Not After : May 23 23:59:59 2025 GMT
        Subject: serialNumber=5a19bd7b51e7df97c99ae713d4747765d728fc001237f625a157a33ba7ca493f, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:07:75:74:f0:53:12:78:36:2c:17:61:68:44:
                    0d:82:aa:1b:0f:03:94:50:d7:b1:43:3b:a0:bf:da:
                    63:6c:03:4e:59:13:23:e3:e7:d7:78:ac:e4:91:c5:
                    6e:ea:3a:5b:db:17:1e:ff:f7:aa:ff:30:f6:11:58:
                    ee:6e:c6:4d:a2:2c:ba:6f:a3:e8:8a:9c:80:3a:7e:
                    0f:60:97:30:85:80:22:36:09:f7:f4:9d:15:10:11:
                    a4:46:ba:57:c8:f9:21:1b:e5:40:27:8b:72:7c:2a:
                    da:e6:0a:9b:c2:3e:62:cd:9a:c5:19:04:3a:00:a0:
                    d8:62:2a:13:07:a2:11:2a:2e:e9:65:a5:b0:28:a5:
                    1a:df:94:c2:74:72:da:6c:80:4b:88:0b:4d:c8:8e:
                    3d:41:5d:af:8c:98:e0:b7:bf:58:77:f1:80:33:67:
                    78:87:6a:21:64:5a:a2:7c:75:4d:1e:72:83:24:6a:
                    55:23:30:7b:65:b8:b8:52:30:a8:72:90:c7:ed:f7:
                    b2:1d:bc:1e:40:56:ba:2a:4a:64:13:8b:e2:29:67:
                    11:6b:a6:f1:5e:37:8c:d0:d4:fc:b5:77:56:0e:aa:
                    d6:ab:29:a1:e0:3c:46:0c:d0:74:6f:6f:b9:23:08:
                    eb:b8:44:2b:11:97:af:16:41:ee:d6:d0:52:b4:1a:
                    c2:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:C8:DD:44:42:3C:F4:FB:3F:1E:B8:C1:4E:19:DA:F9:C0:E2:12:E5
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/1bc36c38-b6b8-460d-8a03-66f79cfbe9be.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:d7:3e:b6:32:ec:05:fe:a0:7d:7a:b7:04:c0:f9:a0:08:a5:
         44:82:80:85:cd:19:4d:ef:52:e8:af:f0:73:9c:9c:1e:6e:96:
         16:77:3e:d8:99:bd:5d:2a:43:c2:01:97:f8:88:c3:4d:53:f7:
         b8:78:4d:1a:6f:be:65:ae:05:69:73:dc:c5:6f:37:ad:be:ab:
         c0:a6:87:5c:65:b7:f9:a1:2d:02:38:12:43:b5:ca:97:a5:c7:
         6d:19:0a:ed:23:c5:73:fa:00:da:50:c4:9e:bf:3c:cd:56:25:
         48:6f:d6:82:ce:cb:e0:4f:bb:9a:39:86:75:59:11:0f:7a:54:
         e8:be:44:52:c4:02:b7:4e:0a:57:45:d7:ca:d8:7c:79:9b:c2:
         58:32:3b:d2:00:a9:69:d7:0a:41:6c:5f:2e:6e:ab:e9:0f:03:
         0d:bd:cc:0c:19:c2:5e:0f:f0:c0:e8:23:8b:dc:54:bf:20:e0:
         bb:ee:6c:ed:3f:70:9c:40:83:b7:7f:80:f4:11:19:d5:aa:18:
         82:09:15:0b:0b:5f:b8:e1:e8:14:13:18:6b:e4:7a:24:85:ed:
         bd:43:1f:24:8c:d6:5e:ad:10:41:1d:e3:22:a3:b1:c5:eb:4a:
         d4:7e:f3:92:0d:26:e3:37:b5:6f:0d:29:1d:92:4c:9d:f1:6f:
         73:14:f3:f0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUODyikf9qMJZPWSSyW23X3MVrYEUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDE4MDExMzIwWhcNMjUwNTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A1YTE5YmQ3YjUxZTdkZjk3Yzk5YWU3MTNkNDc0Nzc2NWQ3
MjhmYzAwMTIzN2Y2MjVhMTU3YTMzYmE3Y2E0OTNmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfB3V08FMSeDYsF2FoRA2CqhsPA5RQ17FDO6C/2mNsA05Z
EyPj59d4rOSRxW7qOlvbFx7/96r/MPYRWO5uxk2iLLpvo+iKnIA6fg9glzCFgCI2
Cff0nRUQEaRGulfI+SEb5UAni3J8KtrmCpvCPmLNmsUZBDoAoNhiKhMHohEqLull
pbAopRrflMJ0ctpsgEuIC03Ijj1BXa+MmOC3v1h38YAzZ3iHaiFkWqJ8dU0ecoMk
alUjMHtluLhSMKhykMft97IdvB5AVroqSmQTi+IpZxFrpvFeN4zQ1Py1d1YOqtar
KaHgPEYM0HRvb7kjCOu4RCsRl68WQe7W0FK0GsJ7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhsjdREI89Ps/HrjBThna+cDiEuUwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzFiYzM2YzM4LWI2YjgtNDYwZC04YTAzLTY2Zjc5Y2ZiZTliZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJ3XPrYy7AX+oH16twTA+aAIpUSC
gIXNGU3vUuiv8HOcnB5ulhZ3PtiZvV0qQ8IBl/iIw01T97h4TRpvvmWuBWlz3MVv
N62+q8Cmh1xlt/mhLQI4EkO1ypelx20ZCu0jxXP6ANpQxJ6/PM1WJUhv1oLOy+BP
u5o5hnVZEQ96VOi+RFLEArdOCldF18rYfHmbwlgyO9IAqWnXCkFsXy5uq+kPAw29
zAwZwl4P8MDoI4vcVL8g4LvubO0/cJxAg7d/gPQRGdWqGIIJFQsLX7jh6BQTGGvk
eiSF7b1DHySM1l6tEEEd4yKjscXrStR+85INJuM3tW8NKR2STJ3xb3MU8/A=
-----END CERTIFICATE-----