Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/123c98c9-312e-4337-a96e-7d0f58c40d0b.roa
File:                     123c98c9-312e-4337-a96e-7d0f58c40d0b.roa (raw, json)
Hash identifier:          Fg8nmNVmG4ZaudtIRTTkYGbHlhGLU9X1yKLgapnfcKA=
Subject key identifier:   F1:80:7F:01:9E:C3:19:89:27:62:4F:F6:BA:47:87:CD:9A:E3:E5:2D
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       1F82C866D7677F1D78B71BFEDD3F7E9595F68436
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/123c98c9-312e-4337-a96e-7d0f58c40d0b.roa
Signing time:             Thu 30 Nov 2023 00:00:00 +0000
ROA not before:           Thu 30 Nov 2023 00:00:00 +0000
ROA not after:            Thu 04 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:82:c8:66:d7:67:7f:1d:78:b7:1b:fe:dd:3f:7e:95:95:f6:84:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Nov 30 00:00:00 2023 GMT
            Not After : Jan  4 23:59:59 2024 GMT
        Subject: serialNumber=2d2c2601b4ddf1ed98bef2fabe561dadc63f652d7d1b8b1e948e74558677945b, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:15:0e:d2:5d:1c:83:34:aa:ba:0f:5a:74:7b:
                    a7:5a:f4:f0:b1:58:8c:2c:6a:b8:d3:f2:60:dc:51:
                    2b:f6:f3:07:ac:b3:3c:d4:fe:44:7c:9a:47:a9:c2:
                    1d:63:70:26:14:ab:2a:88:65:7c:15:3b:72:eb:40:
                    40:ed:c3:3e:cb:20:55:6e:5a:64:11:51:88:50:30:
                    ec:3d:bd:ac:63:39:fd:d1:82:87:0a:e7:f3:8e:d3:
                    bf:12:c6:53:c3:8f:90:d4:70:7e:9e:12:dd:af:c1:
                    6d:ba:b6:45:5a:57:59:b3:86:9e:ed:80:d5:b3:93:
                    10:4e:e8:64:8d:5d:2c:8a:f0:bd:20:bc:5a:76:84:
                    18:69:58:13:e4:91:d3:17:74:43:2b:ff:4e:69:c8:
                    ec:f6:9a:fc:cf:84:27:79:9e:3f:e6:f3:42:5b:d7:
                    a0:d6:40:e8:56:e0:49:e9:90:e3:83:fb:d9:ec:b1:
                    b7:bd:ec:f1:04:3f:6e:2d:2c:e1:b8:69:26:2b:91:
                    cd:e6:f3:df:62:cc:5a:55:3b:02:ae:9b:e2:bd:97:
                    15:4f:54:fa:e5:e3:de:80:68:8a:c3:c7:1c:1d:b9:
                    ba:1c:a9:d2:b5:b6:44:10:8d:19:33:18:78:44:80:
                    7e:5f:48:b2:ec:6c:09:32:76:4b:a0:c6:b2:cd:ea:
                    59:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:80:7F:01:9E:C3:19:89:27:62:4F:F6:BA:47:87:CD:9A:E3:E5:2D
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/123c98c9-312e-4337-a96e-7d0f58c40d0b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:eb:8b:d1:05:55:ad:58:c3:3c:57:bd:45:55:9a:a0:dd:4c:
         0c:ba:2d:42:fa:1e:49:4f:ba:c7:e6:b6:50:1b:23:73:ea:78:
         a1:53:b1:0b:ca:8c:40:42:25:50:12:64:14:33:6d:cb:50:ad:
         0e:b9:04:9a:4d:2f:d1:e0:3a:86:b2:71:96:40:12:ec:1a:1d:
         ee:6d:0c:c0:6f:d6:29:5b:b0:c9:f3:8c:4f:11:f2:1e:d7:0a:
         09:5c:b2:4d:ad:54:40:06:54:ff:1b:73:33:5f:6f:57:4d:98:
         94:67:75:2a:8c:a2:8b:ee:42:7d:f2:02:5d:26:9d:34:8b:f1:
         31:a5:d7:a1:0e:27:2e:78:22:1d:c2:72:58:c2:31:f3:77:4f:
         b2:c8:fa:35:b1:96:e2:0f:4c:51:fe:ae:b6:54:43:92:d2:7d:
         09:94:6f:d8:9d:47:c7:06:be:a2:df:34:93:3b:7e:8a:b7:8c:
         19:0a:16:e3:43:69:5d:c3:73:89:33:98:31:a3:ed:18:e1:1a:
         31:53:b0:c9:3b:cf:50:f6:85:b3:13:35:02:de:f5:54:15:a0:
         98:6b:25:66:c3:39:17:21:13:7b:e3:03:0c:bb:12:2c:ab:b5:
         e3:c8:5e:5d:1f:12:33:7a:38:a4:e9:72:84:cd:a7:d7:bf:fc:
         65:a0:08:da
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUH4LIZtdnfx14txv+3T9+lZX2hDYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTMwMDAwMDAwWhcNMjQwMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyZDJjMjYwMWI0ZGRmMWVkOThiZWYyZmFiZTU2MWRhZGM2
M2Y2NTJkN2QxYjhiMWU5NDhlNzQ1NTg2Nzc5NDViMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDRFQ7SXRyDNKq6D1p0e6da9PCxWIwsarjT8mDcUSv28wes
szzU/kR8mkepwh1jcCYUqyqIZXwVO3LrQEDtwz7LIFVuWmQRUYhQMOw9vaxjOf3R
gocK5/OO078SxlPDj5DUcH6eEt2vwW26tkVaV1mzhp7tgNWzkxBO6GSNXSyK8L0g
vFp2hBhpWBPkkdMXdEMr/05pyOz2mvzPhCd5nj/m80Jb16DWQOhW4EnpkOOD+9ns
sbe97PEEP24tLOG4aSYrkc3m899izFpVOwKum+K9lxVPVPrl496AaIrDxxwduboc
qdK1tkQQjRkzGHhEgH5fSLLsbAkydkugxrLN6llpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8YB/AZ7DGYknYk/2ukeHzZrj5S0wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzEyM2M5OGM5LTMxMmUtNDMzNy1hOTZlLTdkMGY1OGM0MGQwYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAH7ri9EFVa1YwzxXvUVVmqDdTAy6
LUL6HklPusfmtlAbI3PqeKFTsQvKjEBCJVASZBQzbctQrQ65BJpNL9HgOoaycZZA
EuwaHe5tDMBv1ilbsMnzjE8R8h7XCglcsk2tVEAGVP8bczNfb1dNmJRndSqMoovu
Qn3yAl0mnTSL8TGl16EOJy54Ih3CcljCMfN3T7LI+jWxluIPTFH+rrZUQ5LSfQmU
b9idR8cGvqLfNJM7foq3jBkKFuNDaV3Dc4kzmDGj7RjhGjFTsMk7z1D2hbMTNQLe
9VQVoJhrJWbDORchE3vjAwy7EiyrtePIXl0fEjN6OKTpcoTNp9e//GWgCNo=
-----END CERTIFICATE-----