Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7d2f7256-9692-4f89-8545-b9032332645d.roa
File:                     7d2f7256-9692-4f89-8545-b9032332645d.roa (raw, json)
Hash identifier:          5f4/+yjWVAIvDV57rFnwxqv4jdiER7C2gBktVpsiqFQ=
Subject key identifier:   70:0B:9B:C4:53:88:70:78:19:FD:1A:57:D3:3E:97:0C:6C:D3:12:E0
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       27397933442B8F84A50C4167EBF2E4238224DADE
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7d2f7256-9692-4f89-8545-b9032332645d.roa
Signing time:             Fri 01 Dec 2023 00:00:00 +0000
ROA not before:           Fri 01 Dec 2023 00:00:00 +0000
ROA not after:            Fri 05 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:39:79:33:44:2b:8f:84:a5:0c:41:67:eb:f2:e4:23:82:24:da:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec  1 00:00:00 2023 GMT
            Not After : Jan  5 23:59:59 2024 GMT
        Subject: serialNumber=f80e32ddfbfc8dde00f4eb193aca2f453c8423540c2f7a264241b2084daa5cbb, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:15:9d:5c:4d:44:d7:ad:3c:a8:38:af:d0:ec:
                    7e:f7:18:9b:24:35:75:f7:4d:d5:59:b6:b7:10:0b:
                    c7:0f:e7:61:ab:b7:53:18:e1:5d:ce:4f:a3:e6:b9:
                    db:96:f9:7e:10:6d:54:39:d5:5e:35:d3:86:b0:eb:
                    6e:e1:00:73:e3:1e:06:16:b2:95:30:dc:fb:cf:91:
                    34:6d:e5:e9:fb:a2:8d:6b:41:f3:51:1e:fb:bd:4b:
                    63:99:20:4c:fd:0f:6e:5e:a2:85:c8:20:e2:0f:d2:
                    2f:85:5e:70:1f:97:85:68:48:88:ad:9a:b3:e7:da:
                    a6:96:20:97:7c:d2:2a:67:15:b0:7a:3a:e9:9f:97:
                    6d:39:61:17:a0:12:3e:e8:cd:6a:30:bd:6f:5a:82:
                    95:45:cf:09:74:03:1c:74:6d:56:1e:fb:41:94:5b:
                    d8:62:19:65:07:96:b8:2c:f1:18:9c:cf:4b:b8:15:
                    f5:ba:ab:ca:5f:a8:c9:67:f3:1d:e2:63:a5:88:f4:
                    5b:52:87:87:0a:ef:66:44:4a:73:83:28:ab:67:e7:
                    39:fb:1e:37:56:ae:fd:1c:35:44:03:57:3e:17:44:
                    a4:bf:b5:fa:5f:59:05:8a:e0:34:a9:df:0a:5e:d8:
                    4e:26:25:03:d7:5b:37:a9:f8:2d:7b:b7:37:1d:17:
                    7e:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:0B:9B:C4:53:88:70:78:19:FD:1A:57:D3:3E:97:0C:6C:D3:12:E0
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7d2f7256-9692-4f89-8545-b9032332645d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:43:60:18:1f:71:76:2d:42:50:36:e9:2a:ce:23:53:5a:78:
         24:3b:c7:cf:c0:4f:8d:06:7b:bd:8c:2a:0d:6f:33:c5:85:f9:
         45:5a:3d:af:c0:25:da:30:8f:86:43:38:b7:bf:65:dc:46:d1:
         b1:05:9a:1d:7b:aa:31:02:ce:ff:85:1e:27:3a:1d:35:a4:1b:
         78:11:e2:eb:73:ff:0f:b2:c7:c1:22:a3:60:5e:fb:30:87:ce:
         c6:f8:f6:15:18:b0:9d:ed:05:b7:30:af:a8:3c:a8:8b:84:86:
         2a:a7:7b:c4:c7:59:99:f1:3c:0f:40:74:1c:92:6f:a5:39:d7:
         d5:b7:9a:6a:3c:7f:3c:79:b0:dd:7a:94:d4:1c:06:3d:dc:5a:
         ac:73:b9:1f:cc:6f:54:8e:b6:a5:92:cc:7b:43:5e:39:88:fd:
         bd:c2:d0:ab:1d:30:bf:1e:fb:68:ed:c6:39:b8:47:19:70:c8:
         79:34:d0:51:23:fb:af:d0:8e:ac:b2:9b:a2:47:ff:a4:11:4f:
         23:95:a1:bf:83:8a:b6:af:24:67:69:92:26:ad:6b:38:c2:ff:
         9c:2a:63:36:e8:7b:67:01:a5:e1:9b:4a:47:4a:f6:8c:e9:7a:
         08:ac:e3:fc:ea:46:5e:e2:d5:47:4f:88:3b:80:36:6c:04:0d:
         af:a3:ab:ee
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJzl5M0Qrj4SlDEFn6/LkI4Ik2t4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjAxMDAwMDAwWhcNMjQwMTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BmODBlMzJkZGZiZmM4ZGRlMDBmNGViMTkzYWNhMmY0NTNj
ODQyMzU0MGMyZjdhMjY0MjQxYjIwODRkYWE1Y2JiMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4FZ1cTUTXrTyoOK/Q7H73GJskNXX3TdVZtrcQC8cP52Gr
t1MY4V3OT6PmuduW+X4QbVQ51V4104aw627hAHPjHgYWspUw3PvPkTRt5en7oo1r
QfNRHvu9S2OZIEz9D25eooXIIOIP0i+FXnAfl4VoSIitmrPn2qaWIJd80ipnFbB6
Oumfl205YRegEj7ozWowvW9agpVFzwl0Axx0bVYe+0GUW9hiGWUHlrgs8Ricz0u4
FfW6q8pfqMln8x3iY6WI9FtSh4cK72ZESnODKKtn5zn7HjdWrv0cNUQDVz4XRKS/
tfpfWQWK4DSp3wpe2E4mJQPXWzep+C17tzcdF37ZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcAubxFOIcHgZ/RpX0z6XDGzTEuAwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzdkMmY3MjU2LTk2OTItNGY4OS04NTQ1LWI5MDMyMzMyNjQ1ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADFDYBgfcXYtQlA26SrOI1NaeCQ7
x8/AT40Ge72MKg1vM8WF+UVaPa/AJdowj4ZDOLe/ZdxG0bEFmh17qjECzv+FHic6
HTWkG3gR4utz/w+yx8Eio2Be+zCHzsb49hUYsJ3tBbcwr6g8qIuEhiqne8THWZnx
PA9AdBySb6U519W3mmo8fzx5sN16lNQcBj3cWqxzuR/Mb1SOtqWSzHtDXjmI/b3C
0KsdML8e+2jtxjm4RxlwyHk00FEj+6/Qjqyym6JH/6QRTyOVob+DiravJGdpkiat
azjC/5wqYzboe2cBpeGbSkdK9ozpegis4/zqRl7i1UdPiDuANmwEDa+jq+4=
-----END CERTIFICATE-----