Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4cf24f08-06d4-42b6-af19-c1daf631816d.roa
File:                     4cf24f08-06d4-42b6-af19-c1daf631816d.roa (raw, json)
Hash identifier:          VJnfadHjsHWyqG2YLdZzzxoODsSV41rDj9oOq3WWd7U=
Subject key identifier:   78:8C:7A:5A:19:7B:80:51:18:B0:AE:1E:85:9B:B0:7A:81:1C:D3:4D
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       423DB241BD09B89DBD3C85539376F9FBA93206A7
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4cf24f08-06d4-42b6-af19-c1daf631816d.roa
Signing time:             Wed 20 Dec 2023 00:00:00 +0000
ROA not before:           Wed 20 Dec 2023 00:00:00 +0000
ROA not after:            Wed 24 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:3d:b2:41:bd:09:b8:9d:bd:3c:85:53:93:76:f9:fb:a9:32:06:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec 20 00:00:00 2023 GMT
            Not After : Jan 24 23:59:59 2024 GMT
        Subject: serialNumber=d8d747afc65d1e69a387e9c762b944e00a32d1ddd007b4916ff3d0928bfe1601, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:a1:75:9f:0c:2d:72:04:b9:13:06:1c:1a:ae:
                    8e:09:a0:cc:8f:95:d5:9b:46:be:60:af:19:73:d2:
                    7c:50:8f:1e:f6:58:ef:1c:e1:6f:11:ef:c5:40:c5:
                    04:b7:96:ed:58:c1:7d:98:54:bc:c6:86:e0:66:ce:
                    cd:bb:33:bf:fe:1f:5b:86:87:2e:80:58:20:1e:0c:
                    0d:71:33:df:65:fa:44:96:8d:5b:be:80:74:91:eb:
                    a1:1d:d4:79:5c:28:9a:9d:6d:b4:63:b9:13:39:83:
                    65:d9:d7:df:ae:4d:3d:96:7b:9b:db:91:1c:80:d3:
                    60:41:56:3e:ce:ed:6b:a1:d4:41:df:48:e9:f2:ee:
                    50:0b:29:47:78:80:e2:01:67:5a:d2:2b:ab:86:eb:
                    59:23:83:a3:e2:32:fa:d1:a1:3d:38:17:86:81:d0:
                    9f:ff:ae:b2:e7:8a:81:b3:5b:56:a1:8b:66:78:23:
                    d7:dc:aa:9b:05:61:d5:fc:d1:c2:45:3c:3c:a1:cd:
                    f8:22:3d:02:80:06:6d:56:01:3a:73:83:32:c9:a2:
                    28:98:93:6b:3f:7f:59:ea:d6:e0:0e:d1:6f:28:ad:
                    81:65:0e:83:1f:a8:11:dd:f8:29:fe:79:38:f3:04:
                    8e:b4:c6:91:5f:00:ff:66:a0:e5:65:89:dd:d2:14:
                    d1:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:8C:7A:5A:19:7B:80:51:18:B0:AE:1E:85:9B:B0:7A:81:1C:D3:4D
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4cf24f08-06d4-42b6-af19-c1daf631816d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:74:fa:09:4f:8e:d6:bd:7c:af:4c:6e:88:5f:d0:2c:9d:81:
         95:66:42:e4:62:2a:31:c6:3d:20:87:88:06:6b:39:9d:73:00:
         74:f8:d2:05:ac:7d:b1:1d:c5:85:0d:c1:12:0b:15:b0:e1:06:
         a8:90:77:a4:4d:d2:4e:6d:54:a8:36:d8:e9:b5:e3:79:0f:02:
         2f:9c:76:8e:25:eb:ac:5d:f8:18:c4:1b:d7:f1:b8:54:dd:cf:
         7f:6f:cd:22:fb:3d:a3:87:a6:bd:f8:96:15:00:10:47:8f:0d:
         7b:5c:1e:0b:e0:f2:c1:a9:55:f5:d4:df:1f:5b:a2:f3:9a:7d:
         4d:83:35:c7:09:45:8a:3f:12:dc:26:71:58:b7:00:11:a6:da:
         33:a5:6e:c0:19:ba:a9:46:60:c4:d5:74:9a:60:50:92:df:fc:
         d5:de:1f:21:0f:3b:f7:9f:5c:44:04:df:93:08:91:77:21:43:
         b6:34:51:9a:ac:bd:30:e0:b9:f5:c7:1b:55:f7:a3:5c:87:b7:
         44:02:31:02:81:64:a6:18:4b:75:9d:17:9d:fb:2a:e1:8f:81:
         02:19:4c:a7:d8:79:36:0d:db:a7:19:85:b2:77:59:29:3b:7d:
         98:3f:1f:8d:cc:72:bf:76:16:bb:61:96:89:d7:ea:91:d7:07:
         1e:36:c0:0c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQj2yQb0JuJ29PIVTk3b5+6kyBqcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjIwMDAwMDAwWhcNMjQwMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkOGQ3NDdhZmM2NWQxZTY5YTM4N2U5Yzc2MmI5NDRlMDBh
MzJkMWRkZDAwN2I0OTE2ZmYzZDA5MjhiZmUxNjAxMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCHoXWfDC1yBLkTBhwaro4JoMyPldWbRr5grxlz0nxQjx72
WO8c4W8R78VAxQS3lu1YwX2YVLzGhuBmzs27M7/+H1uGhy6AWCAeDA1xM99l+kSW
jVu+gHSR66Ed1HlcKJqdbbRjuRM5g2XZ19+uTT2We5vbkRyA02BBVj7O7Wuh1EHf
SOny7lALKUd4gOIBZ1rSK6uG61kjg6PiMvrRoT04F4aB0J//rrLnioGzW1ahi2Z4
I9fcqpsFYdX80cJFPDyhzfgiPQKABm1WATpzgzLJoiiYk2s/f1nq1uAO0W8orYFl
DoMfqBHd+Cn+eTjzBI60xpFfAP9moOVlid3SFNEXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUeIx6Whl7gFEYsK4ehZuweoEc000wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzRjZjI0ZjA4LTA2ZDQtNDJiNi1hZjE5LWMxZGFmNjMxODE2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADl0+glPjta9fK9Mbohf0CydgZVm
QuRiKjHGPSCHiAZrOZ1zAHT40gWsfbEdxYUNwRILFbDhBqiQd6RN0k5tVKg22Om1
43kPAi+cdo4l66xd+BjEG9fxuFTdz39vzSL7PaOHpr34lhUAEEePDXtcHgvg8sGp
VfXU3x9bovOafU2DNccJRYo/EtwmcVi3ABGm2jOlbsAZuqlGYMTVdJpgUJLf/NXe
HyEPO/efXEQE35MIkXchQ7Y0UZqsvTDgufXHG1X3o1yHt0QCMQKBZKYYS3WdF537
KuGPgQIZTKfYeTYN26cZhbJ3WSk7fZg/H43Mcr92FrthlonX6pHXBx42wAw=
-----END CERTIFICATE-----