Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/51b92dec-ae4b-429f-81b6-7dd234944c3d.roa
File:                     51b92dec-ae4b-429f-81b6-7dd234944c3d.roa (raw, json)
Hash identifier:          06O419Q0dclJYH0k1/QZAG+DyIGHY2PxzXYL1yXAenE=
Subject key identifier:   AF:59:3F:15:13:B5:1E:60:6A:5F:93:72:DD:ED:E9:D1:26:3A:66:C0
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       5624F5B1E543697273E585C3080CBFBD45560058
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/51b92dec-ae4b-429f-81b6-7dd234944c3d.roa
Signing time:             Wed 20 Dec 2023 00:00:00 +0000
ROA not before:           Wed 20 Dec 2023 00:00:00 +0000
ROA not after:            Wed 24 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:24:f5:b1:e5:43:69:72:73:e5:85:c3:08:0c:bf:bd:45:56:00:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec 20 00:00:00 2023 GMT
            Not After : Jan 24 23:59:59 2024 GMT
        Subject: serialNumber=71fffc78a906a61cb189b86169f71915ee73fe7569cf207d66205b564d639c0c, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:2a:10:5f:90:ac:1e:ec:72:ed:fe:de:b3:c7:
                    50:2f:90:b9:49:37:f2:f6:25:01:cc:ae:2e:19:84:
                    11:e1:e0:b0:74:6f:0b:b9:61:96:e7:a0:67:d0:32:
                    42:11:ea:76:36:b6:63:1b:e5:ef:73:22:88:35:89:
                    2c:a4:d5:79:72:ad:81:c7:a7:d8:f0:63:ec:0a:bb:
                    3c:46:f9:b1:08:5e:c4:74:b1:55:92:17:c4:d9:4c:
                    8f:c8:f4:70:f5:10:8d:3f:dc:3f:96:bf:67:32:d3:
                    9b:71:e1:70:74:3e:29:d3:f9:0b:a5:40:6d:d1:c8:
                    31:56:93:9c:ef:aa:b6:51:a6:41:44:41:da:76:53:
                    e2:ba:a0:66:b2:c9:4d:d5:49:77:2b:44:34:5f:3b:
                    e2:1c:cb:c0:45:70:3b:5d:77:23:a1:4b:1e:86:aa:
                    40:ac:e8:20:3e:3d:4f:12:02:b1:81:8a:11:f1:27:
                    62:e7:d5:b0:7b:df:ea:70:31:fa:be:4b:49:7d:68:
                    66:f8:39:27:88:a7:0c:16:31:5d:9f:50:d2:b3:65:
                    48:23:13:d7:80:e4:ee:f7:1c:11:bf:6c:94:c2:af:
                    c8:c2:b7:e9:07:98:27:27:35:4d:d5:ea:ad:60:f7:
                    ae:70:1a:8e:41:21:68:48:21:f4:43:c3:37:7d:44:
                    80:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:59:3F:15:13:B5:1E:60:6A:5F:93:72:DD:ED:E9:D1:26:3A:66:C0
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/51b92dec-ae4b-429f-81b6-7dd234944c3d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:01:9d:cf:e5:a0:ad:af:9d:b4:7e:be:2c:53:98:36:cb:8c:
         ef:c8:af:b6:e4:c2:57:42:ea:63:6f:ad:f1:2b:38:99:82:46:
         d2:57:1f:96:35:be:8d:82:89:98:25:69:f7:f2:e2:ff:2a:13:
         74:da:d3:18:5f:51:aa:16:58:58:3a:e6:6f:8f:db:1a:e9:bf:
         40:c1:79:27:14:9e:00:6e:24:1a:f0:35:d6:c1:57:33:44:bd:
         78:2d:6b:eb:10:3a:a4:50:e5:84:26:97:17:c9:0d:01:76:25:
         cc:cb:97:ac:d4:67:72:39:2d:d3:11:49:bc:a6:47:29:df:6b:
         c2:19:8d:32:45:9d:d2:5e:7f:d7:83:6f:c2:fb:f7:86:73:bc:
         11:8e:fc:72:60:e9:de:62:58:35:92:8e:8e:20:8f:df:49:09:
         b4:69:1e:d1:d6:14:14:0f:65:31:7b:ba:3e:c2:2e:c4:ec:60:
         13:8e:70:67:af:2f:a6:fe:5d:b5:d0:6a:df:4b:aa:82:67:07:
         77:b1:cf:75:77:10:ae:00:af:ea:9e:8f:1e:32:2d:8d:43:ee:
         c2:48:50:80:09:2a:0f:fa:0d:5c:ac:3b:7d:d5:84:9e:d1:18:
         a4:d7:5e:42:72:52:fe:4b:8d:be:b0:ef:a0:db:c2:f8:82:98:
         e2:69:b4:0d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUViT1seVDaXJz5YXDCAy/vUVWAFgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjIwMDAwMDAwWhcNMjQwMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MWZmZmM3OGE5MDZhNjFjYjE4OWI4NjE2OWY3MTkxNWVl
NzNmZTc1NjljZjIwN2Q2NjIwNWI1NjRkNjM5YzBjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmKhBfkKwe7HLt/t6zx1AvkLlJN/L2JQHMri4ZhBHh4LB0
bwu5YZbnoGfQMkIR6nY2tmMb5e9zIog1iSyk1XlyrYHHp9jwY+wKuzxG+bEIXsR0
sVWSF8TZTI/I9HD1EI0/3D+Wv2cy05tx4XB0PinT+QulQG3RyDFWk5zvqrZRpkFE
Qdp2U+K6oGayyU3VSXcrRDRfO+Icy8BFcDtddyOhSx6GqkCs6CA+PU8SArGBihHx
J2Ln1bB73+pwMfq+S0l9aGb4OSeIpwwWMV2fUNKzZUgjE9eA5O73HBG/bJTCr8jC
t+kHmCcnNU3V6q1g965wGo5BIWhIIfRDwzd9RIBZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUr1k/FRO1HmBqX5Ny3e3p0SY6ZsAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzUxYjkyZGVjLWFlNGItNDI5Zi04MWI2LTdkZDIzNDk0NGMzZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBALEBnc/loK2vnbR+vixTmDbLjO/I
r7bkwldC6mNvrfErOJmCRtJXH5Y1vo2CiZglaffy4v8qE3Ta0xhfUaoWWFg65m+P
2xrpv0DBeScUngBuJBrwNdbBVzNEvXgta+sQOqRQ5YQmlxfJDQF2JczLl6zUZ3I5
LdMRSbymRynfa8IZjTJFndJef9eDb8L794ZzvBGO/HJg6d5iWDWSjo4gj99JCbRp
HtHWFBQPZTF7uj7CLsTsYBOOcGevL6b+XbXQat9LqoJnB3exz3V3EK4Ar+qejx4y
LY1D7sJIUIAJKg/6DVysO33VhJ7RGKTXXkJyUv5Ljb6w76DbwviCmOJptA0=
-----END CERTIFICATE-----