Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8bfe2aa9-9fc8-4956-8336-c532f8bb93b5.roa
File:                     8bfe2aa9-9fc8-4956-8336-c532f8bb93b5.roa (raw, json)
Hash identifier:          dMNNNTDqRs19Xp0aW0nR+9ZZxI3rrgw7dCwWiXqccLs=
Subject key identifier:   D0:D1:CC:49:3E:B8:C2:46:79:22:BD:E9:F5:92:20:E3:D1:FB:15:18
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       56D8163209D087F137019E8D15393EDCD5EC4AFA
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8bfe2aa9-9fc8-4956-8336-c532f8bb93b5.roa
Signing time:             Thu 21 Dec 2023 00:00:00 +0000
ROA not before:           Thu 21 Dec 2023 00:00:00 +0000
ROA not after:            Thu 25 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:d8:16:32:09:d0:87:f1:37:01:9e:8d:15:39:3e:dc:d5:ec:4a:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec 21 00:00:00 2023 GMT
            Not After : Jan 25 23:59:59 2024 GMT
        Subject: serialNumber=359c2874a31037d6af0eef2aa7282b78f67df67b6cc6902d24f652de1508f562, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:8d:e2:26:9c:de:01:c3:ab:07:59:23:c2:97:
                    dc:5f:74:5e:56:a8:80:6d:68:24:0d:81:cf:17:51:
                    26:8d:85:1a:55:69:f7:12:d6:95:18:b8:58:da:1e:
                    dd:14:e1:b3:5a:bf:3e:1b:6e:bd:56:08:52:f0:aa:
                    ea:29:1c:b4:ee:17:fd:55:ce:3d:d9:75:3e:8b:6f:
                    67:88:50:1b:a7:32:7d:fe:eb:da:40:41:0a:85:ba:
                    6b:77:8e:4c:db:e4:37:23:0e:20:38:c4:76:7a:32:
                    28:2c:e4:57:4d:6f:66:4c:3b:62:12:54:01:b6:38:
                    6f:cc:77:ee:4d:c3:f3:b7:38:23:3e:fd:81:21:81:
                    4b:17:9a:65:25:a8:62:1a:a3:7b:2f:ca:f6:ed:78:
                    19:53:f1:02:2e:50:5a:a8:b7:30:fc:7c:33:ea:aa:
                    2b:30:b5:15:b5:14:48:9c:90:e7:e2:87:2c:7d:94:
                    2e:9b:e7:a1:35:01:ae:9f:21:08:0f:04:c9:45:12:
                    c2:9f:2b:56:d9:f9:3b:c8:42:b9:f1:83:7f:37:40:
                    8b:48:35:38:e5:be:45:c8:52:85:84:f4:85:e5:1e:
                    b5:bc:30:86:bc:32:70:20:0f:b1:e1:aa:41:95:2b:
                    67:4f:61:9a:1c:28:29:e2:16:0c:c7:f4:ca:5b:8f:
                    93:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:D1:CC:49:3E:B8:C2:46:79:22:BD:E9:F5:92:20:E3:D1:FB:15:18
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8bfe2aa9-9fc8-4956-8336-c532f8bb93b5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:9e:95:f8:20:43:8a:9b:19:4f:22:ca:4a:f1:f5:a5:10:e2:
         08:54:0c:e2:1f:c0:e3:08:92:af:ee:a0:d4:b6:7e:d4:5d:38:
         3a:04:b0:d1:50:df:63:c0:dd:17:3d:c7:6d:4a:af:2b:49:4c:
         85:aa:79:2c:da:01:81:1c:64:da:3e:a1:68:ac:87:4b:3c:f8:
         f6:2c:47:60:1a:9c:67:fb:c7:7f:b5:e2:75:d5:58:78:d7:bf:
         a5:ca:77:96:2c:b3:f5:37:5e:4c:26:71:c2:9c:65:c6:46:fa:
         44:2f:5d:0a:5d:93:22:fc:97:fb:08:8e:c7:c4:88:b9:e7:e8:
         a2:11:43:81:ee:05:7a:51:fc:c0:c9:3e:a4:70:59:86:34:f9:
         74:99:9b:85:3f:97:20:7e:78:b2:c5:e6:f8:98:38:64:bb:b7:
         80:64:5b:e8:73:43:0f:4a:57:0e:9e:25:c3:6c:36:74:98:6b:
         7e:fe:3e:1b:ce:af:5a:6d:0e:2f:59:4c:93:9e:76:12:be:e5:
         87:45:63:c3:a6:08:b7:06:5c:f3:83:77:6d:da:98:68:7a:45:
         97:c3:af:bc:ad:b9:ef:10:bc:dc:62:f3:dc:1c:c2:53:70:44:
         b5:9f:b5:51:e9:d4:28:e7:c9:bb:75:d4:f3:2b:ab:ed:a5:d8:
         18:61:57:5c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVtgWMgnQh/E3AZ6NFTk+3NXsSvowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjIxMDAwMDAwWhcNMjQwMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNTljMjg3NGEzMTAzN2Q2YWYwZWVmMmFhNzI4MmI3OGY2
N2RmNjdiNmNjNjkwMmQyNGY2NTJkZTE1MDhmNTYyMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFjeImnN4Bw6sHWSPCl9xfdF5WqIBtaCQNgc8XUSaNhRpV
afcS1pUYuFjaHt0U4bNavz4bbr1WCFLwquopHLTuF/1Vzj3ZdT6Lb2eIUBunMn3+
69pAQQqFumt3jkzb5DcjDiA4xHZ6Migs5FdNb2ZMO2ISVAG2OG/Md+5Nw/O3OCM+
/YEhgUsXmmUlqGIao3svyvbteBlT8QIuUFqotzD8fDPqqiswtRW1FEickOfihyx9
lC6b56E1Aa6fIQgPBMlFEsKfK1bZ+TvIQrnxg383QItINTjlvkXIUoWE9IXlHrW8
MIa8MnAgD7HhqkGVK2dPYZocKCniFgzH9Mpbj5MjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0NHMST64wkZ5Ir3p9ZIg49H7FRgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzhiZmUyYWE5LTlmYzgtNDk1Ni04MzM2LWM1MzJmOGJiOTNiNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKqelfggQ4qbGU8iykrx9aUQ4ghU
DOIfwOMIkq/uoNS2ftRdODoEsNFQ32PA3Rc9x21KrytJTIWqeSzaAYEcZNo+oWis
h0s8+PYsR2AanGf7x3+14nXVWHjXv6XKd5Yss/U3XkwmccKcZcZG+kQvXQpdkyL8
l/sIjsfEiLnn6KIRQ4HuBXpR/MDJPqRwWYY0+XSZm4U/lyB+eLLF5viYOGS7t4Bk
W+hzQw9KVw6eJcNsNnSYa37+PhvOr1ptDi9ZTJOedhK+5YdFY8OmCLcGXPODd23a
mGh6RZfDr7ytue8QvNxi89wcwlNwRLWftVHp1Cjnybt11PMrq+2l2BhhV1w=
-----END CERTIFICATE-----