Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/dbcd80eb-972a-4084-ace7-233f6706912d.roa
File:                     dbcd80eb-972a-4084-ace7-233f6706912d.roa (raw, json)
Hash identifier:          CUeT215SkgAYnduCC/sBW1B6Q3uAaIYT5di9zJJt3l4=
Subject key identifier:   DE:D0:E4:D2:05:9E:09:F0:BF:B6:62:EC:A4:FC:E8:A0:C4:5A:CC:F0
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       6A263F0067099A93BB01D32A0919608291CB5651
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/dbcd80eb-972a-4084-ace7-233f6706912d.roa
Signing time:             Sun 13 Apr 2025 18:33:21 +0000
ROA not before:           Sun 13 Apr 2025 18:33:21 +0000
ROA not after:            Sun 18 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sun 13 Apr 2025 18:53:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:26:3f:00:67:09:9a:93:bb:01:d3:2a:09:19:60:82:91:cb:56:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 13 18:33:21 2025 GMT
            Not After : May 18 23:59:59 2025 GMT
        Subject: serialNumber=ee8c98ed072bdae787667a782b61b7dd8d4dbfc7bc8c95df5752836f5785161a, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:aa:47:86:6e:84:43:e5:73:57:6e:bf:6e:44:
                    c5:a8:a0:c1:44:81:63:6d:4e:6c:80:67:e9:d9:83:
                    cb:8a:b7:e1:80:b2:15:6e:68:cf:82:47:b5:b1:3c:
                    5a:e8:1e:df:42:8a:06:e6:0f:90:d7:b7:7e:b6:cd:
                    b8:b7:03:9d:de:49:9d:ff:0d:2b:2b:15:f8:45:e6:
                    b0:59:7d:f7:b8:d2:64:e2:d6:f7:34:33:54:ee:e4:
                    66:28:b3:17:25:af:b3:92:20:50:d6:64:6d:7f:eb:
                    0f:8e:b5:15:6b:fb:11:7c:67:99:1f:c2:7a:94:bc:
                    9e:ba:6d:16:3a:e2:10:41:b8:12:a4:ac:d3:2e:08:
                    7b:8b:db:0f:c4:bb:57:74:c8:14:52:11:46:97:99:
                    f0:8f:2e:56:1c:4a:33:c1:3f:a0:74:3f:c1:34:29:
                    1b:17:21:a3:5f:a4:a7:23:f9:5d:9e:0f:1b:f2:4b:
                    47:2e:0c:5a:29:4b:97:6e:b7:af:33:08:d9:ae:da:
                    ae:3a:e5:39:90:fe:96:1e:38:f7:6e:e4:1e:a5:65:
                    45:7f:64:b9:51:8e:c9:55:2e:eb:56:14:f6:3f:eb:
                    d4:20:25:50:38:f8:5e:51:78:b3:dc:72:82:87:6d:
                    d5:c8:66:ae:b4:e5:c9:97:28:e6:82:be:ec:63:ad:
                    68:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:D0:E4:D2:05:9E:09:F0:BF:B6:62:EC:A4:FC:E8:A0:C4:5A:CC:F0
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/dbcd80eb-972a-4084-ace7-233f6706912d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:c7:91:48:5e:30:3b:10:21:ba:d9:15:ba:eb:85:68:a9:0b:
         46:7c:8e:0f:bb:a8:9f:eb:3b:d4:ba:9e:72:fc:20:71:6d:7d:
         d4:6e:95:49:aa:48:67:c4:8e:ab:09:7b:2f:3d:d8:b2:2f:e7:
         52:02:42:5c:18:73:cc:71:38:fc:8c:f2:da:4f:61:a1:fb:90:
         3c:a0:c0:0a:2b:b1:97:ee:25:b5:1f:c1:20:92:ac:e1:5f:76:
         c3:50:c8:91:6a:f0:9d:00:59:d7:4e:84:61:5d:ea:35:c2:3f:
         ea:53:8c:ed:bd:6d:58:8d:ac:56:91:21:71:6f:61:2c:6d:3a:
         56:b5:4e:76:58:78:e6:42:02:8a:bb:c0:f4:9d:e6:7b:df:40:
         36:cf:a6:7a:9e:16:5c:fd:98:7f:20:1c:2e:0b:c7:fc:5a:46:
         d6:e7:2e:4a:10:25:57:38:88:f1:58:30:a0:e3:99:f9:22:77:
         05:ff:29:cd:62:8f:e6:83:cd:7b:ce:6c:e4:8f:2a:d4:f7:74:
         0f:be:11:51:62:31:d2:63:fe:5a:de:2e:80:ca:ec:20:16:64:
         fd:de:9d:bf:bd:2c:a7:cf:67:82:77:b0:c0:74:2e:80:51:cd:
         86:78:b2:84:fa:b9:94:6a:7a:74:77:75:b6:7a:c0:5b:e4:06:
         de:f8:eb:3b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaiY/AGcJmpO7AdMqCRlggpHLVlEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDEzMTgzMzIxWhcNMjUwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZThjOThlZDA3MmJkYWU3ODc2NjdhNzgyYjYxYjdkZDhk
NGRiZmM3YmM4Yzk1ZGY1NzUyODM2ZjU3ODUxNjFhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0qkeGboRD5XNXbr9uRMWooMFEgWNtTmyAZ+nZg8uKt+GA
shVuaM+CR7WxPFroHt9CigbmD5DXt362zbi3A53eSZ3/DSsrFfhF5rBZffe40mTi
1vc0M1Tu5GYosxclr7OSIFDWZG1/6w+OtRVr+xF8Z5kfwnqUvJ66bRY64hBBuBKk
rNMuCHuL2w/Eu1d0yBRSEUaXmfCPLlYcSjPBP6B0P8E0KRsXIaNfpKcj+V2eDxvy
S0cuDFopS5dut68zCNmu2q465TmQ/pYeOPdu5B6lZUV/ZLlRjslVLutWFPY/69Qg
JVA4+F5ReLPccoKHbdXIZq605cmXKOaCvuxjrWgRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3tDk0gWeCfC/tmLspPzooMRazPAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2RiY2Q4MGViLTk3MmEtNDA4NC1hY2U3LTIzM2Y2NzA2OTEyZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFXHkUheMDsQIbrZFbrrhWipC0Z8
jg+7qJ/rO9S6nnL8IHFtfdRulUmqSGfEjqsJey892LIv51ICQlwYc8xxOPyM8tpP
YaH7kDygwAorsZfuJbUfwSCSrOFfdsNQyJFq8J0AWddOhGFd6jXCP+pTjO29bViN
rFaRIXFvYSxtOla1TnZYeOZCAoq7wPSd5nvfQDbPpnqeFlz9mH8gHC4Lx/xaRtbn
LkoQJVc4iPFYMKDjmfkidwX/Kc1ij+aDzXvObOSPKtT3dA++EVFiMdJj/lreLoDK
7CAWZP3enb+9LKfPZ4J3sMB0LoBRzYZ4soT6uZRqenR3dbZ6wFvkBt746zs=
-----END CERTIFICATE-----