Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/42b3a056-c457-42e4-a925-3e49e2e352e9.roa
File:                     42b3a056-c457-42e4-a925-3e49e2e352e9.roa (raw, json)
Hash identifier:          zKnEK85mrw0BpQXhQbfpsSN0aBItuEfVXY9h32ojWX8=
Subject key identifier:   9B:FD:C6:DE:B1:4D:66:A5:0A:39:C7:24:75:79:1C:7A:06:29:5E:69
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       5D2701D0CF81C5A2D9ADC9709BFE93FF320E78D0
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/42b3a056-c457-42e4-a925-3e49e2e352e9.roa
Signing time:             Wed 27 Dec 2023 00:00:00 +0000
ROA not before:           Wed 27 Dec 2023 00:00:00 +0000
ROA not after:            Wed 31 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:27:01:d0:cf:81:c5:a2:d9:ad:c9:70:9b:fe:93:ff:32:0e:78:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec 27 00:00:00 2023 GMT
            Not After : Jan 31 23:59:59 2024 GMT
        Subject: serialNumber=153d21823c904c6ae93b3158487386828e2484565c3b6c5b000001ad319e68f7, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:d8:64:b2:5b:12:f3:11:1c:39:04:2f:bd:cd:
                    9c:c4:cc:7f:8a:dc:09:26:85:51:f0:c7:1a:38:c9:
                    bf:7d:6d:24:aa:3c:f9:ed:93:ba:7a:4a:21:d7:0c:
                    47:fd:e4:dc:06:e2:c2:c2:85:88:29:b5:c4:3b:18:
                    c7:43:b5:27:3d:ef:79:55:77:24:1f:cb:3b:5a:8d:
                    95:08:f5:96:f5:73:10:bb:23:8c:91:09:8b:de:18:
                    0a:8a:67:cb:ce:ac:c8:15:09:89:41:3e:13:03:29:
                    40:58:65:5d:51:7f:f0:1d:38:97:81:04:4f:0d:9c:
                    44:88:44:19:89:35:f9:bd:1f:97:73:8c:c9:cc:e2:
                    4a:9c:3e:6e:c0:9e:bf:be:e8:14:f7:c9:04:da:87:
                    b4:49:07:e8:19:76:b0:01:6c:0a:84:dd:3f:86:31:
                    8b:52:75:37:35:55:f3:ba:b9:01:f7:61:d0:a9:79:
                    0a:8f:83:b7:58:b7:82:fb:2f:4d:5f:57:9f:b4:45:
                    7f:3f:0f:62:54:b4:2d:d4:ae:71:4e:e4:ea:20:16:
                    4e:23:5b:d1:7f:b5:54:91:53:c2:09:45:a5:2b:d4:
                    aa:0a:af:84:0f:8d:eb:ad:1f:79:26:cd:ba:2f:65:
                    80:14:dc:2b:dc:46:bd:0d:bb:fa:15:7e:c4:93:6c:
                    8c:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:FD:C6:DE:B1:4D:66:A5:0A:39:C7:24:75:79:1C:7A:06:29:5E:69
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/42b3a056-c457-42e4-a925-3e49e2e352e9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:17:5e:94:83:13:d9:89:45:57:1b:ea:19:4e:c5:11:04:34:
         e4:a1:4f:63:ed:da:f4:c9:13:6e:b0:70:f7:83:b9:68:40:69:
         35:eb:3b:da:ad:95:00:f5:8e:d9:7c:d6:f6:c8:78:5a:4c:fd:
         82:f2:60:39:84:4b:9d:30:9c:98:f7:9e:87:1c:e3:f1:dd:e8:
         79:5f:22:47:e4:65:08:1c:7d:c8:82:5f:cf:0a:81:59:b4:66:
         9f:7e:94:50:45:b3:5b:11:ad:8c:bb:83:77:2e:d8:5f:d3:76:
         dc:0e:40:c1:7a:0c:5c:c6:07:b8:d2:79:8e:74:f0:21:2d:0e:
         d2:df:c7:65:e2:5b:75:b0:5b:a3:17:b7:0a:06:13:70:4c:c3:
         6c:90:12:a1:2a:0d:98:14:27:cf:e8:b4:3d:81:db:75:1a:80:
         0e:70:c8:6a:1c:14:65:96:1d:9e:00:16:cc:d4:9e:86:52:cd:
         91:60:a6:31:17:52:ea:e2:bc:6f:1b:53:49:45:f5:d4:24:7f:
         67:44:31:3d:91:a7:73:f0:31:7a:bb:3f:b9:e8:59:61:ca:05:
         df:41:ec:be:f4:16:4c:cb:e4:bc:07:e5:ce:bf:67:11:ea:47:
         fb:0d:f1:ef:40:96:10:70:59:42:f8:de:ee:a3:59:c4:49:f8:
         66:77:df:d7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXScB0M+BxaLZrclwm/6T/zIOeNAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjI3MDAwMDAwWhcNMjQwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxNTNkMjE4MjNjOTA0YzZhZTkzYjMxNTg0ODczODY4Mjhl
MjQ4NDU2NWMzYjZjNWIwMDAwMDFhZDMxOWU2OGY3MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCg2GSyWxLzERw5BC+9zZzEzH+K3AkmhVHwxxo4yb99bSSq
PPntk7p6SiHXDEf95NwG4sLChYgptcQ7GMdDtSc973lVdyQfyztajZUI9Zb1cxC7
I4yRCYveGAqKZ8vOrMgVCYlBPhMDKUBYZV1Rf/AdOJeBBE8NnESIRBmJNfm9H5dz
jMnM4kqcPm7Anr++6BT3yQTah7RJB+gZdrABbAqE3T+GMYtSdTc1VfO6uQH3YdCp
eQqPg7dYt4L7L01fV5+0RX8/D2JUtC3UrnFO5OogFk4jW9F/tVSRU8IJRaUr1KoK
r4QPjeutH3kmzbovZYAU3CvcRr0Nu/oVfsSTbIy3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUm/3G3rFNZqUKOcckdXkcegYpXmkwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzQyYjNhMDU2LWM0NTctNDJlNC1hOTI1LTNlNDllMmUzNTJlOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJcXXpSDE9mJRVcb6hlOxREENOSh
T2Pt2vTJE26wcPeDuWhAaTXrO9qtlQD1jtl81vbIeFpM/YLyYDmES50wnJj3nocc
4/Hd6HlfIkfkZQgcfciCX88KgVm0Zp9+lFBFs1sRrYy7g3cu2F/TdtwOQMF6DFzG
B7jSeY508CEtDtLfx2XiW3WwW6MXtwoGE3BMw2yQEqEqDZgUJ8/otD2B23UagA5w
yGocFGWWHZ4AFszUnoZSzZFgpjEXUurivG8bU0lF9dQkf2dEMT2Rp3PwMXq7P7no
WWHKBd9B7L70FkzL5LwH5c6/ZxHqR/sN8e9AlhBwWUL43u6jWcRJ+GZ339c=