Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/79446698-1ecc-424f-bb99-fff24183a495.roa
File:                     79446698-1ecc-424f-bb99-fff24183a495.roa (raw, json)
Hash identifier:          AoPPxSmYhBFt3Sjg1KExG39T2/mLd+VDy6eCDL0ixxw=
Subject key identifier:   99:F3:6D:64:9D:0D:41:2A:43:D9:ED:58:0B:4F:C4:4D:53:6A:DD:F0
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       4B87434B842F82A5FAEFC5B3218C8D166C8F15CD
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/79446698-1ecc-424f-bb99-fff24183a495.roa
Signing time:             Sat 09 Dec 2023 00:00:00 +0000
ROA not before:           Sat 09 Dec 2023 00:00:00 +0000
ROA not after:            Sat 13 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:87:43:4b:84:2f:82:a5:fa:ef:c5:b3:21:8c:8d:16:6c:8f:15:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec  9 00:00:00 2023 GMT
            Not After : Jan 13 23:59:59 2024 GMT
        Subject: serialNumber=078d343418ac120a1574d9833b1784fe926ae523e1da1a8643a9b1b82f96c8ac, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:21:9c:f6:a9:1e:88:f8:5f:4b:14:4d:8d:46:
                    2c:44:c2:3c:65:3c:69:cd:11:c5:c1:5c:e3:24:96:
                    fb:15:6c:83:15:ac:a2:e6:fa:f4:36:73:4f:3a:38:
                    4b:34:3f:d0:4d:85:3a:48:73:65:37:32:d1:93:46:
                    55:1d:4f:9d:6a:7a:fa:11:aa:7c:2a:3d:bc:c5:70:
                    11:ed:26:82:b9:cd:17:bc:79:6d:d6:ad:f3:cc:f4:
                    d6:2d:f0:09:3c:fe:af:9c:39:87:4b:42:0e:38:8a:
                    b5:0b:44:6b:66:34:a6:38:fe:31:a8:49:61:98:74:
                    ee:f0:be:5d:a1:7f:98:e8:46:01:91:0d:5b:78:f5:
                    63:90:7c:fa:d1:2c:7a:02:69:93:68:ed:7f:98:1e:
                    28:d2:14:ec:05:1d:95:e1:bf:20:f0:f3:08:2d:9b:
                    1d:de:32:b8:9f:b4:5e:71:26:fb:c4:88:eb:c8:ae:
                    84:87:a5:dd:83:fb:bd:8f:49:15:2d:72:11:c4:dd:
                    f2:c9:2e:ac:b5:95:a5:33:8a:d6:29:9c:69:a3:f0:
                    14:f1:6c:24:c7:dd:82:a5:a1:45:4e:0d:81:90:dd:
                    71:11:89:d5:ff:4c:7c:03:5f:5f:b7:74:01:e0:e3:
                    aa:97:5c:21:f8:d4:13:d0:d2:97:a0:31:f5:e2:88:
                    ce:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:F3:6D:64:9D:0D:41:2A:43:D9:ED:58:0B:4F:C4:4D:53:6A:DD:F0
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/79446698-1ecc-424f-bb99-fff24183a495.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:ce:b0:d3:11:b5:d3:52:2f:3f:33:cf:60:60:f1:68:71:c3:
         78:c1:9a:dc:fc:23:9d:1c:ed:e5:a7:d3:2e:0f:b7:2d:3d:af:
         77:f0:50:20:44:61:84:af:3c:20:ad:eb:a7:f4:3c:07:ec:6b:
         83:6b:96:65:5e:06:00:bc:8a:bc:4b:30:c7:cd:1d:a7:45:6c:
         2d:ee:3b:45:c0:c3:9f:8a:74:f0:f6:05:2a:8e:09:9c:fc:c5:
         e0:c4:ea:af:bc:93:37:fd:91:5d:e9:b0:6d:63:6e:5b:4d:bb:
         c8:2b:b5:f8:80:b2:22:a1:22:e4:a7:30:8c:2b:ac:79:cb:4d:
         c7:e9:dd:e8:0b:4e:50:d7:15:57:40:87:4d:d9:0f:13:71:4c:
         0f:79:7a:2f:68:6a:1c:b7:fe:b7:ce:cb:e8:cd:2c:99:57:16:
         73:a1:41:39:db:44:34:13:59:35:46:3f:90:78:53:d3:5e:2f:
         29:f7:18:5a:34:26:da:3c:f3:19:da:d9:74:ab:1c:ad:55:d5:
         5f:cb:01:5c:65:2d:2d:9b:e7:05:58:fd:41:01:3d:79:24:d1:
         b7:c1:b0:02:c5:cc:1b:ae:9a:30:75:03:1a:99:3c:ae:4a:27:
         19:59:16:81:b6:14:1a:51:4f:39:1d:b6:b4:f9:4d:fd:85:51:
         3b:d8:c2:89
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUS4dDS4QvgqX678WzIYyNFmyPFc0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjA5MDAwMDAwWhcNMjQwMTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0AwNzhkMzQzNDE4YWMxMjBhMTU3NGQ5ODMzYjE3ODRmZTky
NmFlNTIzZTFkYTFhODY0M2E5YjFiODJmOTZjOGFjMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDIZz2qR6I+F9LFE2NRixEwjxlPGnNEcXBXOMklvsVbIMV
rKLm+vQ2c086OEs0P9BNhTpIc2U3MtGTRlUdT51qevoRqnwqPbzFcBHtJoK5zRe8
eW3WrfPM9NYt8Ak8/q+cOYdLQg44irULRGtmNKY4/jGoSWGYdO7wvl2hf5joRgGR
DVt49WOQfPrRLHoCaZNo7X+YHijSFOwFHZXhvyDw8wgtmx3eMriftF5xJvvEiOvI
roSHpd2D+72PSRUtchHE3fLJLqy1laUzitYpnGmj8BTxbCTH3YKloUVODYGQ3XER
idX/THwDX1+3dAHg46qXXCH41BPQ0pegMfXiiM5dAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUmfNtZJ0NQSpD2e1YC0/ETVNq3fAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzc5NDQ2Njk4LTFlY2MtNDI0Zi1iYjk5LWZmZjI0MTgzYTQ5NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIzOsNMRtdNSLz8zz2Bg8Whxw3jB
mtz8I50c7eWn0y4Pty09r3fwUCBEYYSvPCCt66f0PAfsa4NrlmVeBgC8irxLMMfN
HadFbC3uO0XAw5+KdPD2BSqOCZz8xeDE6q+8kzf9kV3psG1jbltNu8grtfiAsiKh
IuSnMIwrrHnLTcfp3egLTlDXFVdAh03ZDxNxTA95ei9oahy3/rfOy+jNLJlXFnOh
QTnbRDQTWTVGP5B4U9NeLyn3GFo0Jto88xna2XSrHK1V1V/LAVxlLS2b5wVY/UEB
PXkk0bfBsALFzBuumjB1AxqZPK5KJxlZFoG2FBpRTzkdtrT5Tf2FUTvYwok=
-----END CERTIFICATE-----