Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d807c7e2-bdb5-4b47-8c9d-0d16d85e0776.roa
File:                     d807c7e2-bdb5-4b47-8c9d-0d16d85e0776.roa (raw, json)
Hash identifier:          asxEQ/3xhbHZDeI6a7XVTdspYHAHaOJgtGuzETqNqu4=
Subject key identifier:   81:45:9E:74:80:44:B6:9D:98:99:92:46:A3:50:AD:49:E0:89:D7:2C
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       6E92503B56A6AFF5A6E34C6AE84097AE17DC2508
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d807c7e2-bdb5-4b47-8c9d-0d16d85e0776.roa
Signing time:             Sun 13 Apr 2025 03:18:17 +0000
ROA not before:           Sun 13 Apr 2025 03:18:17 +0000
ROA not after:            Sun 18 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sun 13 Apr 2025 03:34:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:92:50:3b:56:a6:af:f5:a6:e3:4c:6a:e8:40:97:ae:17:dc:25:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 13 03:18:17 2025 GMT
            Not After : May 18 23:59:59 2025 GMT
        Subject: serialNumber=4b1929240deac78025c3dab10215c12eab5731229548da42d1040b36e59cf281, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:8c:9b:f6:39:f1:bf:a1:5f:3d:83:b8:52:3e:
                    1a:52:19:91:90:1b:78:7e:44:72:7c:b9:0f:8e:d3:
                    eb:59:19:40:2d:0e:10:fe:d3:2b:16:15:fb:f1:ad:
                    1c:01:09:3e:54:ba:ba:30:a5:18:75:21:e0:a3:dd:
                    00:f6:f4:a6:dd:fe:8b:2b:6c:71:4f:70:a6:53:19:
                    1d:e1:9f:bf:5b:c6:3a:9d:af:9e:8a:26:5c:7f:12:
                    57:8b:6d:f3:f5:99:eb:31:61:77:1c:66:c1:fc:46:
                    1f:89:c1:a4:6e:33:b5:4e:bc:48:9a:dc:ed:f3:dd:
                    20:f0:a3:91:df:9b:b4:fc:66:81:7e:f0:d8:bd:1e:
                    ae:ec:55:b8:96:e6:cd:29:78:be:bf:a4:6c:87:e8:
                    c8:79:1e:64:c3:1c:16:ff:d3:52:c8:dc:90:22:b5:
                    fb:39:aa:a6:0c:a9:02:0f:68:9f:bb:99:2f:ef:d4:
                    82:86:77:da:c0:15:c7:a9:bd:9f:b7:25:42:62:ad:
                    be:d4:58:cd:86:e8:f7:79:f3:6f:dc:79:e2:64:4b:
                    2e:0f:d3:7e:8a:d5:6a:4d:8f:ef:05:2b:2e:44:b1:
                    00:48:f2:cc:61:47:2b:0c:b3:48:f7:d7:75:00:f0:
                    25:11:7d:68:33:dd:bc:02:93:1c:b9:9b:cf:1f:eb:
                    fa:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:45:9E:74:80:44:B6:9D:98:99:92:46:A3:50:AD:49:E0:89:D7:2C
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/d807c7e2-bdb5-4b47-8c9d-0d16d85e0776.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:e6:ca:97:54:7c:aa:2f:2e:f6:95:0f:88:f9:0f:6e:93:a2:
         2e:74:2d:1b:9e:c3:64:6d:77:51:57:c6:1f:d1:5f:c4:f7:c5:
         2d:03:ad:b4:d5:ca:12:03:57:cf:32:dd:10:c8:96:24:60:fd:
         94:e5:08:3a:04:33:08:02:29:78:d1:d1:18:e4:36:08:2a:17:
         c3:76:db:bd:cf:37:e3:0f:f1:48:fc:9c:6b:7d:4a:4e:ea:2a:
         74:49:b6:69:50:13:8a:9e:a1:87:6d:99:f1:68:77:8f:85:2e:
         dc:76:8b:bc:4f:4e:88:d7:6a:0e:b9:74:49:bc:fa:74:e6:01:
         ef:b7:58:fc:6b:10:37:3b:a7:15:75:ae:d1:5b:df:60:30:4d:
         33:44:b9:b2:0b:5e:50:dc:98:b8:e3:34:fd:3b:5f:bb:5d:17:
         81:22:18:56:7b:a0:71:fd:f1:20:8e:1f:82:ec:62:d3:e1:ac:
         70:fc:1b:8c:b3:8f:d6:85:a4:d8:f5:82:53:a6:89:e3:92:62:
         86:69:e6:50:70:2a:58:5d:24:4f:2b:11:e5:2e:95:79:d7:59:
         d7:6f:33:3d:ea:45:eb:6a:7b:e1:df:3b:aa:5b:33:1d:9f:ef:
         d7:26:82:4d:97:ab:e6:a2:aa:88:90:27:3c:75:ea:41:4a:fa:
         86:f7:f5:0c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbpJQO1amr/Wm40xq6ECXrhfcJQgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDEzMDMxODE3WhcNMjUwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YjE5MjkyNDBkZWFjNzgwMjVjM2RhYjEwMjE1YzEyZWFi
NTczMTIyOTU0OGRhNDJkMTA0MGIzNmU1OWNmMjgxMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMjJv2OfG/oV89g7hSPhpSGZGQG3h+RHJ8uQ+O0+tZGUAt
DhD+0ysWFfvxrRwBCT5UurowpRh1IeCj3QD29Kbd/osrbHFPcKZTGR3hn79bxjqd
r56KJlx/EleLbfP1mesxYXccZsH8Rh+JwaRuM7VOvEia3O3z3SDwo5Hfm7T8ZoF+
8Ni9Hq7sVbiW5s0peL6/pGyH6Mh5HmTDHBb/01LI3JAitfs5qqYMqQIPaJ+7mS/v
1IKGd9rAFcepvZ+3JUJirb7UWM2G6Pd582/ceeJkSy4P036K1WpNj+8FKy5EsQBI
8sxhRysMs0j313UA8CURfWgz3bwCkxy5m88f6/rFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgUWedIBEtp2YmZJGo1CtSeCJ1ywwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2Q4MDdjN2UyLWJkYjUtNGI0Ny04YzlkLTBkMTZkODVlMDc3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEjmypdUfKovLvaVD4j5D26Toi50
LRuew2Rtd1FXxh/RX8T3xS0DrbTVyhIDV88y3RDIliRg/ZTlCDoEMwgCKXjR0Rjk
NggqF8N2273PN+MP8Uj8nGt9Sk7qKnRJtmlQE4qeoYdtmfFod4+FLtx2i7xPTojX
ag65dEm8+nTmAe+3WPxrEDc7pxV1rtFb32AwTTNEubILXlDcmLjjNP07X7tdF4Ei
GFZ7oHH98SCOH4LsYtPhrHD8G4yzj9aFpNj1glOmieOSYoZp5lBwKlhdJE8rEeUu
lXnXWddvMz3qRetqe+HfO6pbMx2f79cmgk2Xq+aiqoiQJzx16kFK+ob39Qw=
-----END CERTIFICATE-----