Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/25028760-6c3a-4261-95a5-fe53b54ad7eb.roa
File:                     25028760-6c3a-4261-95a5-fe53b54ad7eb.roa (raw, json)
Hash identifier:          pRoZVEXy6Kws9j5S85cSwWv98ojRC7FevBZjbwjnfLU=
Subject key identifier:   21:98:41:4C:4C:DE:A8:B3:E9:59:9E:CD:E9:89:E2:3A:1C:9E:F9:C9
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       67C0C0352EB80BD3F2EB34FDED6C7F9F7DB26A85
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/25028760-6c3a-4261-95a5-fe53b54ad7eb.roa
Signing time:             Tue 28 Nov 2023 00:00:00 +0000
ROA not before:           Tue 28 Nov 2023 00:00:00 +0000
ROA not after:            Tue 02 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:c0:c0:35:2e:b8:0b:d3:f2:eb:34:fd:ed:6c:7f:9f:7d:b2:6a:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Nov 28 00:00:00 2023 GMT
            Not After : Jan  2 23:59:59 2024 GMT
        Subject: serialNumber=78f8613e8b80eedd26012f51c55193b135d77b72175742ef1be442cb50262ab0, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:fb:ca:49:df:fa:e8:5d:61:d0:fd:57:aa:c9:
                    b0:bf:f5:3e:a7:0c:3f:66:ac:3a:fe:3a:18:70:e4:
                    af:ea:37:33:7d:f6:71:d4:2b:ce:8e:17:4a:8d:58:
                    30:4e:c3:57:7a:d6:98:aa:0a:01:f9:ba:47:a4:08:
                    5f:48:73:e4:e0:75:75:9e:07:c5:a8:8d:56:67:ff:
                    2b:d5:39:be:56:33:98:8f:41:ae:67:0b:2e:2d:bd:
                    41:3e:46:e3:29:72:80:a5:7e:80:5f:04:e1:33:8c:
                    01:ef:b7:a5:35:47:42:25:69:25:f5:8c:10:bc:90:
                    26:90:9e:5b:bc:ed:18:51:58:b1:86:e9:5a:23:0c:
                    2b:95:79:2a:51:35:d5:15:a8:92:74:e4:d6:cb:da:
                    6f:f1:b1:47:d1:51:a5:e1:ce:d4:de:4d:b0:8b:24:
                    bb:6c:be:cd:e3:f0:af:63:f4:2c:0e:cd:a4:31:e2:
                    af:e6:0b:31:d0:da:ba:a2:f0:de:9e:0d:25:d9:bd:
                    ef:30:f3:f6:ca:68:39:3f:07:fb:0c:a1:bd:e3:0b:
                    2d:be:25:fa:ee:61:ac:f7:88:65:77:c4:b3:2f:ff:
                    94:0f:d9:fb:bc:e0:97:17:91:af:b6:b8:39:19:16:
                    38:95:17:51:11:5e:44:13:a8:be:6b:cd:a5:94:b8:
                    f0:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:98:41:4C:4C:DE:A8:B3:E9:59:9E:CD:E9:89:E2:3A:1C:9E:F9:C9
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/25028760-6c3a-4261-95a5-fe53b54ad7eb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:73:10:58:fc:81:00:e3:cd:e0:6d:fd:a6:67:99:0e:90:20:
         53:45:4b:d2:0a:16:8c:b2:ae:ed:d8:2b:cf:51:dd:ee:26:b4:
         3f:b7:23:d5:f1:2e:0b:1e:ac:ac:1d:85:d2:06:35:dd:e1:3d:
         0d:fb:5c:b6:fd:84:37:61:d0:72:41:d9:ad:ae:bd:af:a3:b2:
         ec:ad:42:0e:d6:95:5d:5e:58:24:1c:64:61:f0:83:9b:c8:8c:
         bd:e8:58:97:9c:d1:de:0c:77:37:e8:ce:64:e3:f1:72:cf:91:
         31:0c:ff:e7:62:d2:48:8d:e5:4a:6c:26:6d:79:27:8a:38:a7:
         99:d7:8b:ad:6e:aa:50:c2:03:b5:70:ba:f8:9e:8e:77:1a:a2:
         19:85:00:9b:53:e2:5d:c4:33:32:d6:25:6b:6a:64:66:05:44:
         4a:35:59:22:a6:44:83:25:02:d2:31:8f:1e:b4:65:e7:ba:0f:
         56:de:ca:c1:76:d4:8a:86:2a:b4:cb:54:dd:a9:d2:a7:bd:76:
         bd:ee:47:d1:b1:de:43:10:8f:8c:6f:a5:83:e8:40:bb:a7:ea:
         5c:be:ab:86:ab:37:ab:f8:ac:fe:e7:3a:e3:15:0a:dc:c5:f8:
         81:ba:40:28:8d:ef:03:f6:6e:77:e7:30:9e:3c:f4:82:2a:2a:
         af:51:b2:1a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZ8DANS64C9Py6zT97Wx/n32yaoUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTI4MDAwMDAwWhcNMjQwMTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3OGY4NjEzZThiODBlZWRkMjYwMTJmNTFjNTUxOTNiMTM1
ZDc3YjcyMTc1NzQyZWYxYmU0NDJjYjUwMjYyYWIwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDh+8pJ3/roXWHQ/VeqybC/9T6nDD9mrDr+Ohhw5K/qNzN9
9nHUK86OF0qNWDBOw1d61piqCgH5ukekCF9Ic+TgdXWeB8WojVZn/yvVOb5WM5iP
Qa5nCy4tvUE+RuMpcoClfoBfBOEzjAHvt6U1R0IlaSX1jBC8kCaQnlu87RhRWLGG
6VojDCuVeSpRNdUVqJJ05NbL2m/xsUfRUaXhztTeTbCLJLtsvs3j8K9j9CwOzaQx
4q/mCzHQ2rqi8N6eDSXZve8w8/bKaDk/B/sMob3jCy2+JfruYaz3iGV3xLMv/5QP
2fu84JcXka+2uDkZFjiVF1ERXkQTqL5rzaWUuPCLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUIZhBTEzeqLPpWZ7N6YniOhye+ckwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzI1MDI4NzYwLTZjM2EtNDI2MS05NWE1LWZlNTNiNTRhZDdlYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABRzEFj8gQDjzeBt/aZnmQ6QIFNF
S9IKFoyyru3YK89R3e4mtD+3I9XxLgserKwdhdIGNd3hPQ37XLb9hDdh0HJB2a2u
va+jsuytQg7WlV1eWCQcZGHwg5vIjL3oWJec0d4MdzfozmTj8XLPkTEM/+di0kiN
5UpsJm15J4o4p5nXi61uqlDCA7VwuviejncaohmFAJtT4l3EMzLWJWtqZGYFREo1
WSKmRIMlAtIxjx60Zee6D1beysF21IqGKrTLVN2p0qe9dr3uR9Gx3kMQj4xvpYPo
QLun6ly+q4arN6v4rP7nOuMVCtzF+IG6QCiN7wP2bnfnMJ489IIqKq9Rsho=
-----END CERTIFICATE-----