Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0fada552-c7a6-46d0-b114-10bcd74b5aa7.roa
File:                     0fada552-c7a6-46d0-b114-10bcd74b5aa7.roa (raw, json)
Hash identifier:          OZDmsgHBSy6aRWjVIljeTsDrYsiwiG52HZx1kY4xXEY=
Subject key identifier:   1F:79:23:08:8E:BF:68:A2:B4:F3:C8:66:FA:50:BE:09:52:CC:93:E6
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       46714BEE8B93C12D7FA913A638D5174A1FF14212
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0fada552-c7a6-46d0-b114-10bcd74b5aa7.roa
Signing time:             Fri 22 Dec 2023 00:00:00 +0000
ROA not before:           Fri 22 Dec 2023 00:00:00 +0000
ROA not after:            Fri 26 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:71:4b:ee:8b:93:c1:2d:7f:a9:13:a6:38:d5:17:4a:1f:f1:42:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec 22 00:00:00 2023 GMT
            Not After : Jan 26 23:59:59 2024 GMT
        Subject: serialNumber=1bd798226c3bfee0ba25a950b5623b72adc82d4496c351d4f32dce3696881562, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:be:20:42:01:c0:25:6d:b4:18:f9:4c:87:85:
                    33:3d:74:e8:20:00:20:1a:e8:22:de:36:7c:00:c4:
                    9f:bf:99:4e:c0:9b:74:b4:08:7a:0b:0d:45:cf:da:
                    f4:94:d5:c2:b2:d9:b6:01:93:0d:1e:aa:b4:4b:2a:
                    e0:98:4a:29:4f:d8:1c:f5:8f:c7:bf:ce:62:37:06:
                    eb:ae:b7:57:e2:40:54:61:5a:dc:17:a0:da:45:63:
                    b3:b3:19:ec:a6:68:3b:bf:f9:f0:24:64:b3:ee:ed:
                    ce:16:1f:9e:d8:bb:1e:c8:7b:b1:7c:71:10:35:75:
                    53:76:85:e2:00:f2:2d:2b:39:c1:3f:2a:93:9e:c7:
                    2e:6f:64:04:d8:9f:57:82:ae:0e:4b:b4:32:cd:6c:
                    5f:e0:f5:2c:fe:b7:53:a8:5d:18:26:28:60:5d:a7:
                    d1:ff:20:d5:74:cb:44:ab:db:67:41:d5:40:32:ca:
                    fb:f3:db:68:3d:6f:0f:af:88:69:20:d6:bb:d0:25:
                    c1:77:72:f1:90:9e:c1:c5:8f:50:d2:06:ff:91:88:
                    fe:6d:94:ea:0d:f7:b2:37:a5:aa:8c:4b:29:63:a7:
                    c2:2c:b8:b2:72:11:e3:66:32:36:cb:bd:40:0c:46:
                    66:a7:20:c3:e6:dc:2e:4c:d0:9a:15:dd:ea:76:43:
                    77:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:79:23:08:8E:BF:68:A2:B4:F3:C8:66:FA:50:BE:09:52:CC:93:E6
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/0fada552-c7a6-46d0-b114-10bcd74b5aa7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:65:e2:90:24:7c:28:b2:7e:29:48:a8:cb:67:c0:10:b2:54:
         7f:f0:66:41:78:81:bd:99:92:0b:67:9c:5f:2f:54:87:85:1c:
         9a:37:28:bd:19:6e:62:66:24:91:60:41:b4:18:ec:77:97:a6:
         69:af:c8:0d:2e:45:32:46:d3:61:78:30:81:d7:91:55:a4:64:
         8d:34:b6:3b:29:7a:0e:d9:00:b3:2f:0d:d9:e2:ef:da:95:8d:
         e6:87:0e:7b:60:ca:73:c6:a3:4a:b2:62:e4:f2:fa:f7:a9:74:
         71:95:e9:2d:62:fe:e8:2b:ec:8c:ec:87:60:27:77:0c:47:95:
         81:5c:9f:0d:4d:fa:c4:ff:df:41:6a:e9:93:06:76:9a:f1:aa:
         34:83:42:54:68:b7:c4:59:62:55:5f:44:f7:99:fc:53:4e:b6:
         5c:ff:ee:b8:4f:d7:88:18:35:fc:f8:f9:ef:2c:d1:f0:d6:43:
         85:23:62:ad:d2:ae:10:6d:85:8b:2b:22:d8:bb:7c:ec:ce:d8:
         36:65:3a:71:e1:2a:2f:8f:c5:81:e2:c2:0f:e1:01:af:fd:c9:
         f0:e5:c4:fc:11:dd:6b:f8:44:34:d0:d8:dd:a8:03:b1:01:97:
         09:f4:43:77:ac:07:07:55:56:15:a0:e5:8d:e9:9f:cd:1b:a7:
         d5:3f:d5:a9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURnFL7ouTwS1/qROmONUXSh/xQhIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjIyMDAwMDAwWhcNMjQwMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYmQ3OTgyMjZjM2JmZWUwYmEyNWE5NTBiNTYyM2I3MmFk
YzgyZDQ0OTZjMzUxZDRmMzJkY2UzNjk2ODgxNTYyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKviBCAcAlbbQY+UyHhTM9dOggACAa6CLeNnwAxJ+/mU7A
m3S0CHoLDUXP2vSU1cKy2bYBkw0eqrRLKuCYSilP2Bz1j8e/zmI3Buuut1fiQFRh
WtwXoNpFY7OzGeymaDu/+fAkZLPu7c4WH57Yux7Ie7F8cRA1dVN2heIA8i0rOcE/
KpOexy5vZATYn1eCrg5LtDLNbF/g9Sz+t1OoXRgmKGBdp9H/INV0y0Sr22dB1UAy
yvvz22g9bw+viGkg1rvQJcF3cvGQnsHFj1DSBv+RiP5tlOoN97I3paqMSyljp8Is
uLJyEeNmMjbLvUAMRmanIMPm3C5M0JoV3ep2Q3fbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUH3kjCI6/aKK088hm+lC+CVLMk+YwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzBmYWRhNTUyLWM3YTYtNDZkMC1iMTE0LTEwYmNkNzRiNWFhNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABVl4pAkfCiyfilIqMtnwBCyVH/w
ZkF4gb2ZkgtnnF8vVIeFHJo3KL0ZbmJmJJFgQbQY7HeXpmmvyA0uRTJG02F4MIHX
kVWkZI00tjspeg7ZALMvDdni79qVjeaHDntgynPGo0qyYuTy+vepdHGV6S1i/ugr
7Izsh2AndwxHlYFcnw1N+sT/30Fq6ZMGdprxqjSDQlRot8RZYlVfRPeZ/FNOtlz/
7rhP14gYNfz4+e8s0fDWQ4UjYq3SrhBthYsrIti7fOzO2DZlOnHhKi+PxYHiwg/h
Aa/9yfDlxPwR3Wv4RDTQ2N2oA7EBlwn0Q3esBwdVVhWg5Y3pn80bp9U/1ak=
-----END CERTIFICATE-----