Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0ae81d4d-68a1-4253-925c-95d7c63ce128.roa
File:                     0ae81d4d-68a1-4253-925c-95d7c63ce128.roa (raw, json)
Hash identifier:          YqmkLF0cvhC02K0b740gg5u2tE4NYGgtJFNqP+yt2FI=
Subject key identifier:   A0:1D:E8:71:C3:13:B0:98:E6:C5:6A:7A:EB:72:6B:3B:E9:5E:48:AF
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       7AB2927B6DB4C03258314B17E34ACAC7B1C88397
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0ae81d4d-68a1-4253-925c-95d7c63ce128.roa
Signing time:             Fri 24 Nov 2023 00:00:00 +0000
ROA not before:           Fri 24 Nov 2023 00:00:00 +0000
ROA not after:            Fri 29 Dec 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:b2:92:7b:6d:b4:c0:32:58:31:4b:17:e3:4a:ca:c7:b1:c8:83:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Nov 24 00:00:00 2023 GMT
            Not After : Dec 29 23:59:59 2023 GMT
        Subject: serialNumber=c5086d873b54667ed434e23a9b6d96cc6d0993c5c4fb3e519c4e7b7868506554, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:32:85:c5:3c:01:2c:55:5d:5e:14:7b:48:d1:
                    40:5f:dd:62:22:a7:73:75:9b:f3:c5:40:80:10:b3:
                    3d:04:a9:c7:29:49:91:cf:41:92:3f:e2:17:79:e4:
                    14:29:85:43:f2:f2:b4:4a:52:3b:5b:bc:2d:f1:a0:
                    7e:cb:e2:e0:29:9f:fc:99:b7:51:14:e4:16:79:0b:
                    0a:e0:d0:26:21:a0:46:60:03:cf:32:98:f4:c7:9e:
                    51:8e:00:34:e8:77:3e:78:6d:1d:a2:dd:18:fb:f8:
                    7c:d2:7b:96:9a:e0:2d:72:ee:51:d1:09:52:ba:4d:
                    f3:6f:0b:9a:3c:bd:4d:5d:6e:89:eb:9e:40:8a:45:
                    1d:0f:12:d9:03:6d:6b:d7:8b:2e:3f:11:b8:10:0d:
                    44:ac:91:94:a5:e2:61:f3:e9:b1:87:26:37:c4:be:
                    71:10:38:22:8f:56:18:54:d6:42:c3:d1:dd:64:c1:
                    0f:7f:f8:40:f0:b0:9f:96:b8:b4:72:20:17:bf:64:
                    af:40:cc:ce:5a:24:53:b7:3d:db:62:3b:fa:75:e8:
                    0f:ee:66:56:43:ae:ca:42:34:79:83:d9:c2:45:0b:
                    73:64:95:82:6c:c5:57:bc:55:bd:d1:a9:f9:74:98:
                    41:e3:30:35:6e:de:6e:64:54:8a:37:09:b9:b1:da:
                    be:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:1D:E8:71:C3:13:B0:98:E6:C5:6A:7A:EB:72:6B:3B:E9:5E:48:AF
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0ae81d4d-68a1-4253-925c-95d7c63ce128.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:11:39:3f:bb:19:97:47:67:d9:97:9a:59:b1:e2:40:03:95:
         2f:c1:97:2d:71:c6:82:1c:78:61:a8:f0:4e:4e:c8:60:84:dc:
         25:51:b5:5c:ab:27:d4:55:5f:5d:49:e3:af:48:81:dc:3a:98:
         41:73:e1:3e:48:f7:4f:b6:8d:c0:00:31:9e:5e:bd:24:30:09:
         44:a3:dc:69:68:6d:d5:e0:f4:e4:9b:82:53:3a:a6:72:e5:07:
         87:19:8f:9a:28:12:63:60:65:fa:ac:d3:8d:88:15:06:ff:6a:
         7e:2f:ec:80:05:b6:1c:a5:47:9d:70:d9:d9:c1:dd:73:b7:dc:
         51:9a:49:51:80:6a:e9:43:fc:83:52:f1:78:5a:6e:48:7d:77:
         26:e8:30:45:f9:dd:08:1b:20:7c:76:d1:73:ed:bd:5c:7a:5c:
         09:95:07:fb:3c:51:84:00:73:a3:42:7e:56:05:22:63:61:d1:
         cc:52:2e:3b:ef:22:0f:21:33:79:00:d6:ac:ba:d1:ba:7d:1c:
         f3:d0:ef:f3:ef:8a:52:e8:7e:11:15:8f:2f:0f:c3:8c:42:7e:
         36:f5:c3:95:2e:48:81:03:a9:70:fa:bf:df:c9:dc:44:c8:f3:
         ba:1e:8d:91:71:fb:42:f9:e2:cf:71:80:d6:ee:67:f9:86:14:
         c6:e5:57:ea
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUerKSe220wDJYMUsX40rKx7HIg5cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTI0MDAwMDAwWhcNMjMxMjI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNTA4NmQ4NzNiNTQ2NjdlZDQzNGUyM2E5YjZkOTZjYzZk
MDk5M2M1YzRmYjNlNTE5YzRlN2I3ODY4NTA2NTU0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDaMoXFPAEsVV1eFHtI0UBf3WIip3N1m/PFQIAQsz0Eqccp
SZHPQZI/4hd55BQphUPy8rRKUjtbvC3xoH7L4uApn/yZt1EU5BZ5Cwrg0CYhoEZg
A88ymPTHnlGOADTodz54bR2i3Rj7+HzSe5aa4C1y7lHRCVK6TfNvC5o8vU1dbonr
nkCKRR0PEtkDbWvXiy4/EbgQDUSskZSl4mHz6bGHJjfEvnEQOCKPVhhU1kLD0d1k
wQ9/+EDwsJ+WuLRyIBe/ZK9AzM5aJFO3PdtiO/p16A/uZlZDrspCNHmD2cJFC3Nk
lYJsxVe8Vb3Rqfl0mEHjMDVu3m5kVIo3Cbmx2r5hAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoB3occMTsJjmxWp663JrO+leSK8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzBhZTgxZDRkLTY4YTEtNDI1My05MjVjLTk1ZDdjNjNjZTEyOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAF8ROT+7GZdHZ9mXmlmx4kADlS/B
ly1xxoIceGGo8E5OyGCE3CVRtVyrJ9RVX11J469Igdw6mEFz4T5I90+2jcAAMZ5e
vSQwCUSj3GlobdXg9OSbglM6pnLlB4cZj5ooEmNgZfqs042IFQb/an4v7IAFthyl
R51w2dnB3XO33FGaSVGAaulD/INS8Xhabkh9dyboMEX53QgbIHx20XPtvVx6XAmV
B/s8UYQAc6NCflYFImNh0cxSLjvvIg8hM3kA1qy60bp9HPPQ7/PvilLofhEVjy8P
w4xCfjb1w5UuSIEDqXD6v9/J3ETI87oejZFx+0L54s9xgNbuZ/mGFMblV+o=
-----END CERTIFICATE-----