Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e34d0ad6-ab9c-47b9-bea5-96cbb06361fd.roa
File:                     e34d0ad6-ab9c-47b9-bea5-96cbb06361fd.roa (raw, json)
Hash identifier:          D1Y17Bh6p2S3sdm8g4ie2nNlFF0trLEcm0cIW1jlWi8=
Subject key identifier:   56:4B:48:C8:58:2B:4E:5B:F1:AE:39:29:B2:E1:E7:56:F1:C3:C1:D5
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       25F4E6BF92769A9395D018A45CFA80286A53762C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e34d0ad6-ab9c-47b9-bea5-96cbb06361fd.roa
Signing time:             Mon 28 Apr 2025 18:28:18 +0000
ROA not before:           Mon 28 Apr 2025 18:28:18 +0000
ROA not after:            Mon 02 Jun 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 28 Apr 2025 18:43:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:f4:e6:bf:92:76:9a:93:95:d0:18:a4:5c:fa:80:28:6a:53:76:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 28 18:28:18 2025 GMT
            Not After : Jun  2 23:59:59 2025 GMT
        Subject: serialNumber=0521e430a635a129d9ace1c91b7faa4fe95c808c85dd1522449ce0a9ffecfed2, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:e2:e4:0b:4b:cd:3b:51:07:59:7d:56:4b:66:
                    11:29:43:f8:5e:84:f4:da:3f:53:79:36:f1:e4:91:
                    ba:63:2d:bc:b5:10:75:f3:0d:aa:82:5f:1f:3a:bb:
                    ef:a3:b8:22:8c:6b:b0:c4:85:4f:ae:fd:f0:e6:95:
                    d7:d9:0e:20:8b:1e:5f:fe:65:94:cb:1a:f0:42:55:
                    f8:19:e8:87:1d:14:3e:15:1e:61:ed:a0:06:e6:e0:
                    fe:3f:3e:7d:6d:b8:46:64:89:45:75:e9:1b:32:4e:
                    22:ca:04:7b:9b:3e:24:71:86:e5:0b:41:ed:b2:2b:
                    e8:ad:c8:e6:9f:cf:c2:7e:c1:cc:93:53:ad:4d:cb:
                    3f:ab:28:e1:de:55:0a:15:ad:0a:26:6c:35:ab:13:
                    5e:3b:2b:e8:63:23:c2:0d:b2:a2:12:03:5f:9c:46:
                    33:92:6e:95:ef:46:63:0f:fc:d9:c4:70:0e:53:42:
                    88:0d:8b:e8:66:43:4e:3a:48:55:21:a4:51:e5:75:
                    bf:f5:0a:a3:6c:7b:27:40:ee:d7:60:73:18:51:f7:
                    a1:46:2e:28:a4:77:80:6b:bb:0f:52:a2:42:c3:00:
                    74:f3:01:a4:fc:57:47:cd:5b:25:12:79:97:6a:a8:
                    d3:7e:17:30:f3:a4:f6:d2:e3:d2:bb:10:05:bc:8c:
                    cc:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:4B:48:C8:58:2B:4E:5B:F1:AE:39:29:B2:E1:E7:56:F1:C3:C1:D5
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e34d0ad6-ab9c-47b9-bea5-96cbb06361fd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:45:08:56:f2:b9:09:37:91:d4:ea:49:d1:15:0d:04:62:13:
         6e:c5:0d:f5:ae:d4:4c:7c:ef:f8:08:93:63:56:7d:54:67:9e:
         c8:a1:38:66:55:be:54:77:91:27:f7:28:e9:87:e2:a6:ad:d4:
         33:d3:d9:29:b5:1f:38:3e:ff:fb:d7:69:88:bd:fc:bc:b7:d3:
         83:c9:aa:8d:54:a0:58:de:ca:53:b5:1c:ff:33:f6:c0:8e:d7:
         eb:3e:a0:97:c2:fb:18:55:95:09:30:8f:55:20:c3:d3:59:16:
         b6:97:42:56:a4:68:cb:d8:7d:96:6c:6e:11:36:63:47:9f:19:
         13:7b:19:a0:76:4f:74:24:5f:88:25:40:55:a0:a5:9f:da:7e:
         44:9f:51:e6:51:c3:55:a6:99:8d:fa:ec:eb:7e:7a:f2:c1:1e:
         64:14:b7:4c:8b:20:a9:c0:6e:df:16:9f:ed:bb:dd:bf:93:d7:
         43:c2:74:f1:78:19:63:f0:ec:57:08:2f:88:d8:f3:40:ea:90:
         31:cc:32:9f:43:89:8a:68:54:85:17:60:5e:0a:e4:53:4f:3f:
         0b:5d:92:99:92:86:61:47:78:73:f4:8e:fb:24:7c:fa:d4:67:
         75:72:6f:af:0a:86:dc:94:4f:af:34:36:b0:bb:55:8c:46:0e:
         84:3e:bf:8a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJfTmv5J2mpOV0BikXPqAKGpTdiwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDI4MTgyODE4WhcNMjUwNjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwNTIxZTQzMGE2MzVhMTI5ZDlhY2UxYzkxYjdmYWE0ZmU5
NWM4MDhjODVkZDE1MjI0NDljZTBhOWZmZWNmZWQyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDx4uQLS807UQdZfVZLZhEpQ/hehPTaP1N5NvHkkbpjLby1
EHXzDaqCXx86u++juCKMa7DEhU+u/fDmldfZDiCLHl/+ZZTLGvBCVfgZ6IcdFD4V
HmHtoAbm4P4/Pn1tuEZkiUV16RsyTiLKBHubPiRxhuULQe2yK+ityOafz8J+wcyT
U61Nyz+rKOHeVQoVrQombDWrE147K+hjI8INsqISA1+cRjOSbpXvRmMP/NnEcA5T
QogNi+hmQ046SFUhpFHldb/1CqNseydA7tdgcxhR96FGLiikd4Bruw9SokLDAHTz
AaT8V0fNWyUSeZdqqNN+FzDzpPbS49K7EAW8jMxdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVktIyFgrTlvxrjkpsuHnVvHDwdUwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2UzNGQwYWQ2LWFiOWMtNDdiOS1iZWE1LTk2Y2JiMDYzNjFmZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACJFCFbyuQk3kdTqSdEVDQRiE27F
DfWu1Ex87/gIk2NWfVRnnsihOGZVvlR3kSf3KOmH4qat1DPT2Sm1Hzg+//vXaYi9
/Ly304PJqo1UoFjeylO1HP8z9sCO1+s+oJfC+xhVlQkwj1Ugw9NZFraXQlakaMvY
fZZsbhE2Y0efGRN7GaB2T3QkX4glQFWgpZ/afkSfUeZRw1WmmY367Ot+evLBHmQU
t0yLIKnAbt8Wn+273b+T10PCdPF4GWPw7FcIL4jY80DqkDHMMp9DiYpoVIUXYF4K
5FNPPwtdkpmShmFHeHP0jvskfPrUZ3Vyb68KhtyUT680NrC7VYxGDoQ+v4o=
-----END CERTIFICATE-----