Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8f823856-7c85-4133-af23-00516a733c7e.roa
File:                     8f823856-7c85-4133-af23-00516a733c7e.roa (raw, json)
Hash identifier:          tRyCGxDpzs2PG3RPxCw4+ScDVx+Roe0wmtMva47fzz0=
Subject key identifier:   BC:A7:11:AC:59:78:F4:D6:66:A8:E6:2F:55:1F:6E:57:EA:E0:04:04
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       359FDD0A0F29FE5F97DD7AE4844400A23E9B5439
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8f823856-7c85-4133-af23-00516a733c7e.roa
Signing time:             Sun 26 Nov 2023 00:00:00 +0000
ROA not before:           Sun 26 Nov 2023 00:00:00 +0000
ROA not after:            Sun 31 Dec 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:9f:dd:0a:0f:29:fe:5f:97:dd:7a:e4:84:44:00:a2:3e:9b:54:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Nov 26 00:00:00 2023 GMT
            Not After : Dec 31 23:59:59 2023 GMT
        Subject: serialNumber=f9d85e788c2abd02f73f27af00ca4f1e1cccaa5e1d14606c2be4545ab0c2fbe4, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:4f:4a:d2:59:12:fc:a6:8e:ef:ab:c6:cb:85:
                    c6:db:8c:ae:fd:86:54:b5:7d:5e:8d:f1:a4:b8:66:
                    ca:36:b0:01:77:e7:8a:a9:a7:a7:84:5b:4a:4d:bd:
                    c9:f4:8a:c7:de:4d:52:01:40:22:36:62:67:c7:b8:
                    d9:c5:02:bd:d8:51:a2:2d:de:c2:2c:7f:fd:05:0a:
                    6a:f2:0b:31:37:89:b7:de:90:95:d9:3e:05:be:a8:
                    75:1b:90:84:da:c5:39:2f:5d:71:33:81:14:73:b4:
                    cf:e2:c0:bc:45:11:d3:a1:93:2d:e3:00:7e:d3:48:
                    a0:e3:fe:ee:5e:0a:51:85:e8:da:1c:f8:ea:40:51:
                    48:0d:4e:b3:3d:54:e5:b6:f4:fe:75:bd:54:8b:b8:
                    d3:c8:c8:6e:0f:19:42:b5:9b:4a:cd:ae:ca:81:8b:
                    4d:85:56:ae:cf:a8:25:dd:51:1f:20:d7:0b:de:a6:
                    bf:23:ee:fd:48:9b:81:c4:53:e1:a2:6f:3b:88:6d:
                    a9:07:49:90:24:69:3c:c0:81:2a:e9:07:e5:0c:ed:
                    48:3b:92:b1:c3:25:6f:96:2a:76:93:a3:8e:d7:b8:
                    4a:0f:0a:bf:2c:b8:c2:90:72:09:06:db:19:78:ef:
                    6c:b5:3d:41:61:42:b4:f3:bd:f0:a1:30:e0:6f:78:
                    c3:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:A7:11:AC:59:78:F4:D6:66:A8:E6:2F:55:1F:6E:57:EA:E0:04:04
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/8f823856-7c85-4133-af23-00516a733c7e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:17:86:fe:45:f2:a4:d9:7f:6c:01:88:44:44:0b:bf:88:c2:
         12:d7:19:2f:02:bd:53:3a:97:8d:a2:0e:25:ab:89:bf:96:c0:
         13:6c:30:fe:c4:a8:56:db:34:e4:42:be:20:3f:14:d8:cf:1c:
         cd:4d:9a:89:5c:77:0d:b2:c4:6a:7c:ae:2a:fa:0a:92:bc:77:
         e4:64:8a:84:0d:5e:4f:c1:7b:69:92:16:fb:fa:93:62:ce:5c:
         fb:80:ed:67:02:e5:0b:05:2f:01:05:fb:29:2e:20:bb:6c:d0:
         af:a6:16:e2:af:04:dc:4a:42:8f:50:80:ba:fe:04:74:38:a6:
         48:02:c6:73:73:0f:ef:39:b1:a1:ed:a5:3b:f1:74:13:c1:ae:
         d0:82:f5:27:44:36:16:6e:ef:35:4f:93:01:5f:fb:2f:fa:29:
         5a:0f:07:31:57:f0:56:fc:ac:bb:72:52:c5:f4:05:d4:3d:2c:
         de:33:ed:dd:b8:6d:eb:5e:dc:5c:7c:72:36:b4:9a:ee:ed:29:
         3e:83:5b:ec:a6:f0:68:7c:fd:a3:a5:5c:2d:98:fb:37:8b:43:
         f3:0f:f1:1d:99:08:81:02:0b:68:08:84:5b:44:13:78:e2:82:
         9f:23:c9:0c:b9:f4:4f:3a:09:08:74:6e:1a:65:36:6a:f7:ec:
         99:83:8d:76
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNZ/dCg8p/l+X3XrkhEQAoj6bVDkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTI2MDAwMDAwWhcNMjMxMjMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BmOWQ4NWU3ODhjMmFiZDAyZjczZjI3YWYwMGNhNGYxZTFj
Y2NhYTVlMWQxNDYwNmMyYmU0NTQ1YWIwYzJmYmU0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChT0rSWRL8po7vq8bLhcbbjK79hlS1fV6N8aS4Zso2sAF3
54qpp6eEW0pNvcn0isfeTVIBQCI2YmfHuNnFAr3YUaIt3sIsf/0FCmryCzE3ibfe
kJXZPgW+qHUbkITaxTkvXXEzgRRztM/iwLxFEdOhky3jAH7TSKDj/u5eClGF6Noc
+OpAUUgNTrM9VOW29P51vVSLuNPIyG4PGUK1m0rNrsqBi02FVq7PqCXdUR8g1wve
pr8j7v1Im4HEU+GibzuIbakHSZAkaTzAgSrpB+UM7Ug7krHDJW+WKnaTo47XuEoP
Cr8suMKQcgkG2xl472y1PUFhQrTzvfChMOBveMNfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUvKcRrFl49NZmqOYvVR9uV+rgBAQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzhmODIzODU2LTdjODUtNDEzMy1hZjIzLTAwNTE2YTczM2M3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFQXhv5F8qTZf2wBiEREC7+IwhLX
GS8CvVM6l42iDiWrib+WwBNsMP7EqFbbNORCviA/FNjPHM1Nmolcdw2yxGp8rir6
CpK8d+RkioQNXk/Be2mSFvv6k2LOXPuA7WcC5QsFLwEF+ykuILts0K+mFuKvBNxK
Qo9QgLr+BHQ4pkgCxnNzD+85saHtpTvxdBPBrtCC9SdENhZu7zVPkwFf+y/6KVoP
BzFX8Fb8rLtyUsX0BdQ9LN4z7d24bete3Fx8cja0mu7tKT6DW+ym8Gh8/aOlXC2Y
+zeLQ/MP8R2ZCIECC2gIhFtEE3jigp8jyQy59E86CQh0bhplNmr37JmDjXY=
-----END CERTIFICATE-----