Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a7bb446e-ea34-440f-8383-fe419237dea7.roa
File:                     a7bb446e-ea34-440f-8383-fe419237dea7.roa (raw, json)
Hash identifier:          UpK3KRn8xayStKnSWs3DMawijX7u2/U/bWdBtlr6wIg=
Subject key identifier:   43:4B:D8:BD:53:F1:7D:07:BA:59:10:BA:6A:33:DE:1D:0E:C2:83:46
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       7742F1AB1AB74F36A33988E9402F3C019CA0881F
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a7bb446e-ea34-440f-8383-fe419237dea7.roa
Signing time:             Wed 13 Dec 2023 00:00:00 +0000
ROA not before:           Wed 13 Dec 2023 00:00:00 +0000
ROA not after:            Wed 17 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:42:f1:ab:1a:b7:4f:36:a3:39:88:e9:40:2f:3c:01:9c:a0:88:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec 13 00:00:00 2023 GMT
            Not After : Jan 17 23:59:59 2024 GMT
        Subject: serialNumber=a83ca6d3dbb016a0bf0cd0dc7ca241ae3d3ed80f158efab88f4956ac7a856fde, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:6e:b3:69:63:cb:a7:4f:d7:ca:59:b4:e6:4c:
                    8c:dd:e3:3d:c2:28:75:3d:b2:ac:48:08:85:39:10:
                    82:f6:a8:c6:92:05:79:1b:20:05:10:6e:dc:65:08:
                    92:43:22:44:76:9f:ea:bc:a0:20:8d:1c:d5:33:3c:
                    86:d7:e6:a2:04:91:c0:43:94:28:de:36:0b:4e:2b:
                    7e:02:3f:75:79:fc:7e:4c:2d:f4:24:85:56:4e:92:
                    49:d9:7b:25:8d:b1:b9:7f:d8:fe:4c:4c:c6:59:d1:
                    07:03:8a:1a:c3:e2:e0:de:15:03:75:c8:b1:28:70:
                    3c:83:a3:03:b2:63:3b:56:67:3c:88:12:7d:76:f6:
                    20:8f:9e:07:78:ea:2f:da:9a:0c:f2:e4:07:6a:e4:
                    eb:0a:4b:61:72:6d:21:44:08:c1:94:47:72:59:23:
                    74:a6:38:e5:3c:ca:3f:8c:e6:b7:89:60:9c:2b:bb:
                    6f:f7:7a:b3:0f:5d:a1:cf:6f:af:f9:f4:be:a1:3b:
                    e1:20:72:67:6b:b9:47:7a:4d:dc:f7:6e:bf:59:df:
                    69:ff:bb:07:4c:ca:85:50:86:6f:49:55:ac:c2:d4:
                    e2:09:7e:d7:99:c7:54:6d:eb:30:ac:66:9e:02:7e:
                    e2:fd:c8:d9:4d:46:e6:fe:70:6d:ef:36:43:14:f1:
                    b5:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:4B:D8:BD:53:F1:7D:07:BA:59:10:BA:6A:33:DE:1D:0E:C2:83:46
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a7bb446e-ea34-440f-8383-fe419237dea7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:66:61:6f:dc:8c:6c:11:df:af:96:7a:2a:f0:e6:06:d9:44:
         bb:45:a8:eb:64:2e:68:10:68:59:7b:5b:35:d0:f8:3d:22:72:
         90:3a:4b:8f:d3:1f:22:f2:b0:04:e5:be:40:29:cd:d1:af:f4:
         25:ec:31:f2:d2:3a:ba:55:6d:1d:61:60:61:6e:b5:0a:c9:ad:
         47:00:90:c6:35:5d:19:0b:c5:04:58:e7:c4:6d:49:c0:d5:eb:
         b8:23:84:a4:0d:6a:b2:28:c9:a9:2f:5b:7b:79:28:23:73:94:
         3e:b4:25:06:61:8b:07:c0:91:c8:67:32:40:3c:6d:7f:97:38:
         93:99:79:3a:1b:cd:b4:d7:fd:99:90:af:0c:fa:3d:da:15:15:
         98:9d:cc:73:65:9b:d8:ae:06:17:6e:80:27:37:1e:ba:52:d3:
         66:6b:33:5f:6e:dd:f5:01:5b:61:7e:90:78:e6:01:bf:a9:60:
         cf:b6:d6:ae:64:ad:52:2d:1b:7b:53:9f:ac:ba:73:cf:6d:38:
         ef:fc:3a:d5:27:d4:30:10:63:b4:47:57:96:54:d6:3c:2a:e0:
         e5:3f:26:24:c9:be:b2:72:dd:52:89:92:19:f3:bf:e8:98:23:
         ff:7a:2f:fa:c6:bf:c4:b4:d9:ce:aa:c3:43:ec:15:bf:e8:e9:
         13:7b:8e:58
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUd0Lxqxq3TzajOYjpQC88AZygiB8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjEzMDAwMDAwWhcNMjQwMTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhODNjYTZkM2RiYjAxNmEwYmYwY2QwZGM3Y2EyNDFhZTNk
M2VkODBmMTU4ZWZhYjg4ZjQ5NTZhYzdhODU2ZmRlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDObrNpY8unT9fKWbTmTIzd4z3CKHU9sqxICIU5EIL2qMaS
BXkbIAUQbtxlCJJDIkR2n+q8oCCNHNUzPIbX5qIEkcBDlCjeNgtOK34CP3V5/H5M
LfQkhVZOkknZeyWNsbl/2P5MTMZZ0QcDihrD4uDeFQN1yLEocDyDowOyYztWZzyI
En129iCPngd46i/amgzy5Adq5OsKS2FybSFECMGUR3JZI3SmOOU8yj+M5reJYJwr
u2/3erMPXaHPb6/59L6hO+EgcmdruUd6Tdz3br9Z32n/uwdMyoVQhm9JVazC1OIJ
fteZx1Rt6zCsZp4CfuL9yNlNRub+cG3vNkMU8bUDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQ0vYvVPxfQe6WRC6ajPeHQ7Cg0YwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2E3YmI0NDZlLWVhMzQtNDQwZi04MzgzLWZlNDE5MjM3ZGVhNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIdmYW/cjGwR36+Weirw5gbZRLtF
qOtkLmgQaFl7WzXQ+D0icpA6S4/THyLysATlvkApzdGv9CXsMfLSOrpVbR1hYGFu
tQrJrUcAkMY1XRkLxQRY58RtScDV67gjhKQNarIoyakvW3t5KCNzlD60JQZhiwfA
kchnMkA8bX+XOJOZeTobzbTX/ZmQrwz6PdoVFZidzHNlm9iuBhdugCc3HrpS02Zr
M19u3fUBW2F+kHjmAb+pYM+21q5krVItG3tTn6y6c89tOO/8OtUn1DAQY7RHV5ZU
1jwq4OU/JiTJvrJy3VKJkhnzv+iYI/96L/rGv8S02c6qw0PsFb/o6RN7jlg=
-----END CERTIFICATE-----