Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6a605f53-31ef-4d09-913a-1619f13489f6.roa
File:                     6a605f53-31ef-4d09-913a-1619f13489f6.roa (raw, json)
Hash identifier:          n5d9hHEj0EDkhesGfQEQ+HkEwN5DzPYeziEkGBObJY4=
Subject key identifier:   2E:CF:8B:86:F0:AC:A1:7F:90:E5:E2:1B:2E:83:B4:36:82:E5:DB:6B
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       07E13E184A42281261009037F749447C7C3FB201
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6a605f53-31ef-4d09-913a-1619f13489f6.roa
Signing time:             Fri 15 Dec 2023 00:00:00 +0000
ROA not before:           Fri 15 Dec 2023 00:00:00 +0000
ROA not after:            Fri 19 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:e1:3e:18:4a:42:28:12:61:00:90:37:f7:49:44:7c:7c:3f:b2:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec 15 00:00:00 2023 GMT
            Not After : Jan 19 23:59:59 2024 GMT
        Subject: serialNumber=bd42ba1519182b10b4ce907ba809fc947e66a73db5463da3472197caa8737cab, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:dd:56:4d:12:51:b4:4c:be:3d:30:02:49:e8:
                    f9:65:a1:5d:68:39:53:a7:31:bb:94:4b:9f:1e:8d:
                    0b:04:aa:5d:98:36:a1:9e:6a:2a:e7:fb:fa:89:e5:
                    cb:e6:be:34:76:cd:91:ef:de:d0:7f:86:9d:9c:d7:
                    0d:3a:e0:41:0f:e4:67:f1:e6:88:98:09:32:60:51:
                    31:68:bb:04:06:c7:c7:14:be:c6:00:e5:1a:d5:e2:
                    6a:97:7f:0e:26:19:63:78:26:b6:ba:7c:48:92:08:
                    6d:e9:0d:98:1a:da:d3:e2:58:bf:be:59:cf:5f:16:
                    db:b5:74:fd:63:ea:36:4e:cd:af:94:bc:21:55:f4:
                    b6:ce:c9:6d:c6:48:55:11:61:a1:9b:ae:90:b9:c4:
                    4f:5a:12:ee:76:5c:ae:c1:dc:3e:1d:7a:e9:d1:20:
                    7e:63:53:aa:d5:80:b7:29:72:79:80:4d:8d:d0:d3:
                    be:0f:a6:c9:f6:91:1d:7f:80:0a:55:aa:04:4b:da:
                    b1:c1:eb:a2:69:ea:ec:73:e0:4b:90:f5:fa:d8:07:
                    a1:aa:2b:0c:3c:a4:6e:c5:ea:f6:ee:4d:5c:ac:dd:
                    15:e9:e0:88:67:9b:c9:0e:12:08:d3:cc:7e:d2:81:
                    2e:bb:23:32:9e:95:d1:96:b4:45:38:58:3a:1d:24:
                    3b:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:CF:8B:86:F0:AC:A1:7F:90:E5:E2:1B:2E:83:B4:36:82:E5:DB:6B
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6a605f53-31ef-4d09-913a-1619f13489f6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:f4:58:d1:89:14:23:9c:d3:8d:86:3d:16:0b:67:5a:c5:fc:
         8e:cb:cf:35:67:c3:74:77:55:a0:e6:5c:f2:78:b3:50:db:80:
         f4:be:ef:ef:27:3d:2a:a5:c6:af:3a:d1:49:cc:d0:cb:33:84:
         12:f5:d4:ef:3f:11:36:1f:70:21:3b:ef:f9:bd:ef:ca:57:e3:
         42:49:bf:f0:d8:8c:3b:c7:d1:a7:ef:17:f0:d8:7e:8c:e5:50:
         34:9b:41:a3:c7:6d:bf:27:7d:e5:89:1f:ec:40:5b:0c:ae:c7:
         e8:83:28:d7:01:bc:1c:40:90:04:3a:7e:4e:1a:5c:b8:b7:f7:
         c8:8f:2b:c0:84:b6:3a:6c:c4:b9:9d:24:13:0c:91:f6:a7:c5:
         f5:84:89:7c:44:f3:50:a2:37:05:81:56:24:ce:fb:79:b9:10:
         62:62:49:cb:b6:b9:0f:39:f5:7a:86:be:b5:9c:d0:5e:63:3c:
         ec:b5:b0:a4:c3:99:43:2e:a7:99:b0:5a:61:6e:e4:4d:b5:91:
         8f:7b:c8:b7:b2:5f:8f:45:b2:f6:10:13:7f:7b:bb:e8:87:51:
         aa:df:bd:c6:0c:ed:20:cd:cb:c4:9d:c2:8a:bf:2a:3d:2e:8a:
         71:ba:46:38:aa:7f:fa:9d:0f:a4:41:a4:59:7b:bc:c1:56:3b:
         d6:5d:ad:7b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUB+E+GEpCKBJhAJA390lEfHw/sgEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjE1MDAwMDAwWhcNMjQwMTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZDQyYmExNTE5MTgyYjEwYjRjZTkwN2JhODA5ZmM5NDdl
NjZhNzNkYjU0NjNkYTM0NzIxOTdjYWE4NzM3Y2FiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC83VZNElG0TL49MAJJ6PlloV1oOVOnMbuUS58ejQsEql2Y
NqGeairn+/qJ5cvmvjR2zZHv3tB/hp2c1w064EEP5Gfx5oiYCTJgUTFouwQGx8cU
vsYA5RrV4mqXfw4mGWN4Jra6fEiSCG3pDZga2tPiWL++Wc9fFtu1dP1j6jZOza+U
vCFV9LbOyW3GSFURYaGbrpC5xE9aEu52XK7B3D4deunRIH5jU6rVgLcpcnmATY3Q
074Ppsn2kR1/gApVqgRL2rHB66Jp6uxz4EuQ9frYB6GqKww8pG7F6vbuTVys3RXp
4Ihnm8kOEgjTzH7SgS67IzKeldGWtEU4WDodJDsNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULs+LhvCsoX+Q5eIbLoO0NoLl22swHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzZhNjA1ZjUzLTMxZWYtNGQwOS05MTNhLTE2MTlmMTM0ODlmNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABv0WNGJFCOc042GPRYLZ1rF/I7L
zzVnw3R3VaDmXPJ4s1DbgPS+7+8nPSqlxq860UnM0MszhBL11O8/ETYfcCE77/m9
78pX40JJv/DYjDvH0afvF/DYfozlUDSbQaPHbb8nfeWJH+xAWwyux+iDKNcBvBxA
kAQ6fk4aXLi398iPK8CEtjpsxLmdJBMMkfanxfWEiXxE81CiNwWBViTO+3m5EGJi
Scu2uQ859XqGvrWc0F5jPOy1sKTDmUMup5mwWmFu5E21kY97yLeyX49FsvYQE397
u+iHUarfvcYM7SDNy8Sdwoq/Kj0uinG6Rjiqf/qdD6RBpFl7vMFWO9ZdrXs=
-----END CERTIFICATE-----