Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8f5f7166-44a9-4c30-a9cb-d14701e6b97d.roa
File:                     8f5f7166-44a9-4c30-a9cb-d14701e6b97d.roa (raw, json)
Hash identifier:          Dr+UEbJEQz6UcGlOtgVt24x9mnn4uj3JNIc8qYWq59U=
Subject key identifier:   00:92:78:44:3A:B9:E7:EC:AC:9A:EC:F5:2A:32:97:65:BA:E3:D3:B9
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       48531AF5E20E61FC9BB020CFE1385B889BB8AF3E
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8f5f7166-44a9-4c30-a9cb-d14701e6b97d.roa
Signing time:             Sun 21 Apr 2024 00:00:00 +0000
ROA not before:           Sun 21 Apr 2024 00:00:00 +0000
ROA not after:            Sun 26 May 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 21 Apr 2024 14:49:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:53:1a:f5:e2:0e:61:fc:9b:b0:20:cf:e1:38:5b:88:9b:b8:af:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 21 00:00:00 2024 GMT
            Not After : May 26 23:59:59 2024 GMT
        Subject: serialNumber=71ca07ce21d7dc8fa83df3c436c872ce384a3671152f288bf07f5eb97fe369ef, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:96:7a:03:9c:fb:8d:ab:8e:17:a5:cc:5e:a6:
                    b2:af:6b:46:80:90:d6:c7:ba:86:73:be:81:e1:1c:
                    bf:13:a4:65:5c:11:d7:f9:e7:c5:90:43:10:c7:e9:
                    b7:f6:5c:da:bc:36:da:b6:c3:df:b7:61:c2:bd:83:
                    c9:c8:43:ee:06:9c:f6:32:20:f9:2c:d4:7e:34:ab:
                    9e:52:fe:b8:ae:25:70:2c:15:c4:c6:a7:a3:28:91:
                    16:29:03:ab:35:f6:02:65:b8:47:4f:3c:9c:3b:33:
                    a5:b2:fb:15:16:e2:d7:7b:20:97:40:70:01:3c:07:
                    b0:7c:c4:47:33:14:81:08:72:52:cd:b6:77:80:f2:
                    52:6e:cd:3c:ea:29:14:73:d7:9c:c9:ca:f4:09:34:
                    46:fb:73:86:c3:05:03:32:de:74:67:9c:58:b1:0f:
                    85:bc:4a:9d:bc:60:56:98:84:8c:c8:ba:0a:d6:f5:
                    b3:00:18:18:ed:f5:4d:ca:71:c9:18:f5:ff:5f:f6:
                    c6:29:72:ad:ea:f1:0a:cc:2b:4c:40:a1:98:da:94:
                    ed:75:3d:be:6b:6c:73:cb:78:90:1c:f0:82:85:9f:
                    e5:ab:68:d8:4d:e5:da:68:57:81:9d:98:4d:72:aa:
                    c8:9c:4e:99:d8:00:96:05:34:88:56:ec:60:e5:b2:
                    da:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:92:78:44:3A:B9:E7:EC:AC:9A:EC:F5:2A:32:97:65:BA:E3:D3:B9
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8f5f7166-44a9-4c30-a9cb-d14701e6b97d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:b7:e7:26:b9:33:5b:9d:c1:f1:a7:1a:1a:c5:2f:db:bb:ba:
         31:cb:be:4d:2e:e3:93:6f:40:0e:96:3f:7e:6e:93:7d:dc:c9:
         eb:78:48:bd:92:06:c4:09:8d:29:3e:ec:79:3c:91:19:7c:ac:
         90:2f:b2:50:2a:d5:70:25:98:96:fd:f0:0a:7a:fe:4c:44:29:
         6c:f5:c0:fc:c9:84:cc:ce:91:d4:05:37:40:ce:4b:c6:f2:da:
         44:73:a2:a2:4a:f3:86:78:2d:92:67:7f:9c:ba:66:14:75:82:
         be:ed:d0:06:4a:8d:47:3e:80:f7:71:c3:f0:36:4d:77:08:eb:
         5c:61:e5:09:e0:33:79:da:57:51:85:29:01:79:48:35:3e:46:
         54:d6:73:a3:63:d1:ce:d4:bf:8c:35:54:0f:4c:dd:be:db:cb:
         90:2c:39:6b:2e:c5:43:0a:16:89:69:85:d4:f3:75:ef:62:c5:
         7f:6e:98:55:6f:e5:7d:69:73:95:6d:3c:de:fa:1f:a6:c9:64:
         05:13:c7:55:e2:1c:a6:58:58:ce:7f:b3:e5:be:c6:64:86:b5:
         9a:4e:e5:8c:44:a8:57:93:ad:95:78:1d:76:08:26:d8:a6:1b:
         1f:8b:0a:95:2c:4d:4a:30:3d:f5:a1:25:08:79:22:f8:d1:81:
         73:bc:91:23
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSFMa9eIOYfybsCDP4ThbiJu4rz4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwNDIxMDAwMDAwWhcNMjQwNTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MWNhMDdjZTIxZDdkYzhmYTgzZGYzYzQzNmM4NzJjZTM4
NGEzNjcxMTUyZjI4OGJmMDdmNWViOTdmZTM2OWVmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCllnoDnPuNq44XpcxeprKva0aAkNbHuoZzvoHhHL8TpGVc
Edf558WQQxDH6bf2XNq8Ntq2w9+3YcK9g8nIQ+4GnPYyIPks1H40q55S/riuJXAs
FcTGp6MokRYpA6s19gJluEdPPJw7M6Wy+xUW4td7IJdAcAE8B7B8xEczFIEIclLN
tneA8lJuzTzqKRRz15zJyvQJNEb7c4bDBQMy3nRnnFixD4W8Sp28YFaYhIzIugrW
9bMAGBjt9U3KcckY9f9f9sYpcq3q8QrMK0xAoZjalO11Pb5rbHPLeJAc8IKFn+Wr
aNhN5dpoV4GdmE1yqsicTpnYAJYFNIhW7GDlstoTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUAJJ4RDq55+ysmuz1KjKXZbrj07kwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzhmNWY3MTY2LTQ0YTktNGMzMC1hOWNiLWQxNDcwMWU2Yjk3ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGm35ya5M1udwfGnGhrFL9u7ujHL
vk0u45NvQA6WP35uk33cyet4SL2SBsQJjSk+7Hk8kRl8rJAvslAq1XAlmJb98Ap6
/kxEKWz1wPzJhMzOkdQFN0DOS8by2kRzoqJK84Z4LZJnf5y6ZhR1gr7t0AZKjUc+
gPdxw/A2TXcI61xh5QngM3naV1GFKQF5SDU+RlTWc6Nj0c7Uv4w1VA9M3b7by5As
OWsuxUMKFolphdTzde9ixX9umFVv5X1pc5VtPN76H6bJZAUTx1XiHKZYWM5/s+W+
xmSGtZpO5YxEqFeTrZV4HXYIJtimGx+LCpUsTUowPfWhJQh5IvjRgXO8kSM=
-----END CERTIFICATE-----