Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/322e659f-853c-45af-b032-0bcdbe9ad233.roa
File:                     322e659f-853c-45af-b032-0bcdbe9ad233.roa (raw, json)
Hash identifier:          Ea5PBTDDmxHKw0tYPL9D6ggRk2NTeIh5QNngvdyvyU4=
Subject key identifier:   DA:8E:37:47:C3:B8:62:50:2C:DD:C9:6E:0D:A9:B2:CC:18:30:73:37
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       0A41ECD6EDCAB47DC5C7691D35F33CF4DA6FC60C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/322e659f-853c-45af-b032-0bcdbe9ad233.roa
Signing time:             Sun 07 Jan 2024 00:00:00 +0000
ROA not before:           Sun 07 Jan 2024 00:00:00 +0000
ROA not after:            Sun 11 Feb 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 07 Jan 2024 04:10:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:41:ec:d6:ed:ca:b4:7d:c5:c7:69:1d:35:f3:3c:f4:da:6f:c6:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jan  7 00:00:00 2024 GMT
            Not After : Feb 11 23:59:59 2024 GMT
        Subject: serialNumber=be24fe41f16cff58f35c394dc8c02df06c225db424a1711a27ad3f08428215c2, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:ef:68:5e:9f:9c:7a:e9:01:a3:c3:06:37:74:
                    7c:ab:8f:58:35:6b:39:67:e2:c4:6b:ff:b1:4f:cc:
                    0b:13:48:49:ff:49:a3:de:d3:5e:92:31:70:0b:b0:
                    c1:c6:d2:4c:eb:7c:8d:59:9e:50:30:cc:da:ba:37:
                    17:d7:94:1c:8f:c3:20:61:0e:ab:ad:83:40:ab:77:
                    68:a1:bb:fa:34:f2:a2:74:e1:55:da:01:65:24:2a:
                    06:1c:d3:c8:5b:a9:c3:10:54:ed:2c:a5:11:af:88:
                    64:10:d6:52:d3:21:d9:ae:20:a5:a0:3d:98:20:49:
                    d3:1d:74:03:f7:8c:89:f1:0e:bd:fc:13:29:ee:6d:
                    97:8e:58:97:08:e1:99:f6:ae:e6:6f:a1:0b:41:be:
                    aa:9c:41:82:70:b5:d3:a5:55:18:a1:a6:0e:67:8a:
                    f4:e0:fc:76:e3:46:4f:1a:d9:47:fb:b7:7a:25:7a:
                    3b:e4:89:b3:d5:1e:3e:23:f8:62:04:e0:e4:42:3d:
                    69:97:0a:9c:12:1b:be:29:5a:b7:f0:62:a0:80:bb:
                    cd:4c:ca:22:5c:4d:5b:df:10:27:c5:6c:7a:e9:62:
                    50:78:13:af:b4:e5:32:df:64:80:cc:dc:54:25:d1:
                    46:96:0a:8a:e6:f6:03:b8:74:aa:44:74:d1:48:b8:
                    7a:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:8E:37:47:C3:B8:62:50:2C:DD:C9:6E:0D:A9:B2:CC:18:30:73:37
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/322e659f-853c-45af-b032-0bcdbe9ad233.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:41:9f:fc:69:77:02:35:98:10:9b:22:ed:56:ad:f4:8a:0a:
         10:b0:41:a4:08:58:0d:65:f4:10:bb:dd:2a:cf:a2:16:55:27:
         42:27:82:08:e7:da:09:fc:02:58:51:eb:29:ca:6d:d3:a3:3c:
         34:7b:63:6c:ce:a7:8b:39:b8:c1:33:00:da:7f:4b:8c:18:2d:
         21:e6:21:16:3c:c5:01:45:59:c9:e3:fb:0e:29:7e:a0:bf:f7:
         ce:1e:85:14:08:a9:10:dd:03:1c:34:83:e3:20:0a:93:a2:a7:
         78:52:6a:b8:f6:de:8a:35:9c:4c:9f:eb:d3:e8:48:cc:6e:95:
         03:fd:bc:5e:a2:2e:a3:47:41:cd:f5:62:93:83:29:af:48:3d:
         4a:72:62:47:e7:12:3c:2f:6e:f4:67:3e:7d:ea:e2:04:37:f9:
         ea:8f:d8:e4:cb:d4:85:e9:ab:94:8e:f3:1f:0b:ef:0c:6b:28:
         f3:60:24:d1:72:41:b9:22:37:d9:84:23:54:e2:c9:f8:36:73:
         02:d2:7f:da:09:6b:3d:65:7c:02:03:f3:b5:5d:7a:c4:f9:a2:
         84:94:98:68:d2:08:50:0c:a8:0e:3b:ac:c3:d9:90:6b:98:a7:
         02:45:30:19:77:fb:87:f9:67:fc:78:ea:74:01:f5:03:27:b9:
         56:95:aa:59
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCkHs1u3KtH3Fx2kdNfM89NpvxgwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMTA3MDAwMDAwWhcNMjQwMjExMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZTI0ZmU0MWYxNmNmZjU4ZjM1YzM5NGRjOGMwMmRmMDZj
MjI1ZGI0MjRhMTcxMWEyN2FkM2YwODQyODIxNWMyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC572hen5x66QGjwwY3dHyrj1g1azln4sRr/7FPzAsTSEn/
SaPe016SMXALsMHG0kzrfI1ZnlAwzNq6NxfXlByPwyBhDqutg0Crd2ihu/o08qJ0
4VXaAWUkKgYc08hbqcMQVO0spRGviGQQ1lLTIdmuIKWgPZggSdMddAP3jInxDr38
EynubZeOWJcI4Zn2ruZvoQtBvqqcQYJwtdOlVRihpg5nivTg/HbjRk8a2Uf7t3ol
ejvkibPVHj4j+GIE4ORCPWmXCpwSG74pWrfwYqCAu81MyiJcTVvfECfFbHrpYlB4
E6+05TLfZIDM3FQl0UaWCorm9gO4dKpEdNFIuHp5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2o43R8O4YlAs3cluDamyzBgwczcwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzMyMmU2NTlmLTg1M2MtNDVhZi1iMDMyLTBiY2RiZTlhZDIzMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFZBn/xpdwI1mBCbIu1WrfSKChCw
QaQIWA1l9BC73SrPohZVJ0Inggjn2gn8AlhR6ynKbdOjPDR7Y2zOp4s5uMEzANp/
S4wYLSHmIRY8xQFFWcnj+w4pfqC/984ehRQIqRDdAxw0g+MgCpOip3hSarj23oo1
nEyf69PoSMxulQP9vF6iLqNHQc31YpODKa9IPUpyYkfnEjwvbvRnPn3q4gQ3+eqP
2OTL1IXpq5SO8x8L7wxrKPNgJNFyQbkiN9mEI1Tiyfg2cwLSf9oJaz1lfAID87Vd
esT5ooSUmGjSCFAMqA47rMPZkGuYpwJFMBl3+4f5Z/x46nQB9QMnuVaVqlk=
-----END CERTIFICATE-----