Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0cd4a8c4-37a1-4cbb-8803-e9e33e1a0d28.roa
File:                     0cd4a8c4-37a1-4cbb-8803-e9e33e1a0d28.roa (raw, json)
Hash identifier:          Pzl59kQkXkUhLLFStJWJtXpT10+ukfjxAStCuCs8MFk=
Subject key identifier:   F3:26:AC:EC:9E:A0:52:57:A0:9D:D9:D2:24:70:35:D2:3A:EB:67:49
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       0183D1A3B6508A2196E342E505EEDE3A206D0B12
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0cd4a8c4-37a1-4cbb-8803-e9e33e1a0d28.roa
Signing time:             Sat 23 Dec 2023 00:00:00 +0000
ROA not before:           Sat 23 Dec 2023 00:00:00 +0000
ROA not after:            Sat 27 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:d1:a3:b6:50:8a:21:96:e3:42:e5:05:ee:de:3a:20:6d:0b:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec 23 00:00:00 2023 GMT
            Not After : Jan 27 23:59:59 2024 GMT
        Subject: serialNumber=76ff4026624d0ff81ab445040268d995cd01c08f2942b495b62c26a39fde2c57, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:22:96:c1:14:45:69:5a:5c:4f:eb:8f:57:a2:
                    1b:c5:9a:1c:b4:e1:b3:5f:f0:a8:f7:cf:70:11:3c:
                    37:ad:26:2c:c5:50:14:9b:88:c2:f7:27:08:50:ef:
                    84:11:3c:59:45:16:9e:99:18:99:92:dc:96:cf:2c:
                    76:47:d3:e7:a6:22:12:29:d7:e6:4c:ac:66:55:06:
                    44:70:69:29:89:9e:b7:f1:0b:57:a0:36:68:8d:2a:
                    56:52:e2:48:0c:c3:98:c9:e2:da:ff:72:07:02:e3:
                    bb:02:a2:87:7c:76:14:2c:f8:4d:ed:88:5a:3a:57:
                    5f:6a:35:0e:0f:6d:c4:30:fd:6c:ae:92:86:50:92:
                    91:b9:70:16:c0:9b:76:3d:ae:75:a7:fa:be:ed:76:
                    a8:d7:64:76:7a:e2:7d:43:e8:12:db:b9:19:25:ea:
                    00:06:10:87:5a:10:93:a9:37:90:2d:a3:fd:08:d7:
                    24:35:70:3d:30:75:44:be:d5:dc:78:ba:29:4b:c4:
                    3a:5e:3b:de:b2:70:69:00:a1:ac:3f:f9:6a:ee:78:
                    87:54:3a:d5:8d:95:06:63:49:33:5b:d4:60:c3:9c:
                    bf:e2:dd:98:4a:fe:71:e8:c9:d9:57:d1:67:b9:22:
                    7a:60:b1:dd:e5:92:c7:56:ec:1e:d8:07:63:68:0d:
                    62:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:26:AC:EC:9E:A0:52:57:A0:9D:D9:D2:24:70:35:D2:3A:EB:67:49
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0cd4a8c4-37a1-4cbb-8803-e9e33e1a0d28.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:dc:a9:c3:95:fa:d2:0e:52:d4:1c:3f:94:92:04:fe:06:27:
         e9:b3:7a:89:39:73:72:bf:55:a4:f5:22:89:4e:29:65:0c:be:
         1e:e4:fa:14:89:e5:e0:be:ce:c3:8a:04:20:b4:24:fb:20:f3:
         79:d2:03:8b:93:b6:31:a6:a2:31:fa:e0:b1:ac:03:57:39:2c:
         4f:d5:49:ac:55:82:49:b2:e7:90:bf:19:14:5a:1e:68:00:5f:
         9c:81:55:ea:5f:24:76:b6:4a:ef:09:62:17:5b:c8:ee:a4:5f:
         26:53:2b:23:77:b8:75:0c:ce:b3:c9:76:a5:4a:85:fc:24:69:
         55:65:64:51:e1:33:1b:8b:85:f0:2c:87:7d:b3:46:d7:94:63:
         dd:2a:ef:a6:dd:14:8c:cf:f1:3f:1f:3c:db:dd:65:c9:5b:45:
         16:aa:5c:41:b3:f7:2d:eb:14:b9:6b:74:2a:c3:c8:d7:d2:2b:
         0f:db:5e:d3:56:54:99:d2:65:f8:d5:e3:0f:03:13:a6:3d:36:
         0c:83:fc:c1:4e:ca:8f:6d:57:97:ed:24:8e:70:c9:7f:14:47:
         4c:2f:31:76:28:62:1d:1c:7c:ae:30:77:23:df:ef:db:d2:68:
         ff:f0:aa:57:65:a6:fb:03:ed:7a:86:86:20:41:2a:9b:c3:f6:
         73:6b:07:74
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAYPRo7ZQiiGW40LlBe7eOiBtCxIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjIzMDAwMDAwWhcNMjQwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A3NmZmNDAyNjYyNGQwZmY4MWFiNDQ1MDQwMjY4ZDk5NWNk
MDFjMDhmMjk0MmI0OTViNjJjMjZhMzlmZGUyYzU3MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSIpbBFEVpWlxP649XohvFmhy04bNf8Kj3z3ARPDetJizF
UBSbiML3JwhQ74QRPFlFFp6ZGJmS3JbPLHZH0+emIhIp1+ZMrGZVBkRwaSmJnrfx
C1egNmiNKlZS4kgMw5jJ4tr/cgcC47sCood8dhQs+E3tiFo6V19qNQ4PbcQw/Wyu
koZQkpG5cBbAm3Y9rnWn+r7tdqjXZHZ64n1D6BLbuRkl6gAGEIdaEJOpN5Ato/0I
1yQ1cD0wdUS+1dx4uilLxDpeO96ycGkAoaw/+WrueIdUOtWNlQZjSTNb1GDDnL/i
3ZhK/nHoydlX0We5Inpgsd3lksdW7B7YB2NoDWJLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8yas7J6gUlegndnSJHA10jrrZ0kwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzBjZDRhOGM0LTM3YTEtNGNiYi04ODAzLWU5ZTMzZTFhMGQyOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJrcqcOV+tIOUtQcP5SSBP4GJ+mz
eok5c3K/VaT1IolOKWUMvh7k+hSJ5eC+zsOKBCC0JPsg83nSA4uTtjGmojH64LGs
A1c5LE/VSaxVgkmy55C/GRRaHmgAX5yBVepfJHa2Su8JYhdbyO6kXyZTKyN3uHUM
zrPJdqVKhfwkaVVlZFHhMxuLhfAsh32zRteUY90q76bdFIzP8T8fPNvdZclbRRaq
XEGz9y3rFLlrdCrDyNfSKw/bXtNWVJnSZfjV4w8DE6Y9NgyD/MFOyo9tV5ftJI5w
yX8UR0wvMXYoYh0cfK4wdyPf79vSaP/wqldlpvsD7XqGhiBBKpvD9nNrB3Q=
-----END CERTIFICATE-----