Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c20fa81f-ab99-4f7a-a057-995c105bf778.roa
File:                     c20fa81f-ab99-4f7a-a057-995c105bf778.roa (raw, json)
Hash identifier:          5IRDONgJkvTMC4+lPoXNnYjj58OAg2j8u91nJYkloN0=
Subject key identifier:   05:48:CC:77:D6:A3:A2:A5:5C:C3:E1:6D:85:E5:F2:66:FA:61:0E:4D
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       4447ABA0E1155C2206C97A6DE3191BDFE0BC22E5
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c20fa81f-ab99-4f7a-a057-995c105bf778.roa
Signing time:             Wed 27 Dec 2023 00:00:00 +0000
ROA not before:           Wed 27 Dec 2023 00:00:00 +0000
ROA not after:            Wed 31 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:47:ab:a0:e1:15:5c:22:06:c9:7a:6d:e3:19:1b:df:e0:bc:22:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec 27 00:00:00 2023 GMT
            Not After : Jan 31 23:59:59 2024 GMT
        Subject: serialNumber=bb873ccfbdb47991c23bb5ca5e8c01f86c2a11ccb0bbe155452a17db5d695c80, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:43:69:60:eb:b4:0e:78:f5:45:47:ff:71:ee:
                    a9:e2:23:02:9e:1e:5e:af:9d:04:1f:33:02:bd:92:
                    c3:bd:07:04:74:cb:ea:4e:41:a8:7b:1b:fd:53:5f:
                    4d:ee:17:a6:d0:80:bb:48:26:2b:22:53:26:6b:a3:
                    c0:9f:80:2c:c9:24:e9:72:64:46:ed:99:07:32:64:
                    da:bd:fb:a0:f4:b2:a8:0f:18:fc:8a:db:55:cf:3c:
                    ba:0f:3b:eb:6e:79:83:f0:92:e2:c3:06:40:ad:17:
                    ea:c1:34:79:fc:a9:f6:8b:0a:7c:01:44:16:da:c1:
                    fd:34:b4:1b:db:5e:b1:ab:ad:e0:3c:45:37:bd:0f:
                    27:8e:4a:7f:64:7e:1c:7d:d7:4f:ba:b1:b8:96:ab:
                    71:16:68:37:28:3d:c6:3a:49:eb:a0:1a:5d:63:fc:
                    a3:1e:ee:d5:f9:67:a1:5d:28:c9:bf:56:05:45:43:
                    10:2b:55:a0:d9:16:b0:6f:d4:15:8f:4c:f2:3f:67:
                    83:09:2b:81:31:50:f6:85:e2:88:16:0d:cc:10:ec:
                    45:a7:34:78:c8:ed:3d:78:38:e7:e2:38:6d:7c:cb:
                    89:4a:de:1a:75:fa:4e:3a:82:ac:07:b5:0b:7f:93:
                    bb:f3:56:5c:09:4e:df:af:93:c6:25:1e:7f:a0:91:
                    d2:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:48:CC:77:D6:A3:A2:A5:5C:C3:E1:6D:85:E5:F2:66:FA:61:0E:4D
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c20fa81f-ab99-4f7a-a057-995c105bf778.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:80:ba:db:66:27:a8:7d:7a:0e:a4:98:4e:c7:a2:82:4a:16:
         49:b8:70:16:1d:de:8f:1a:44:eb:e8:3c:2e:a5:70:69:f7:d4:
         21:29:c6:86:e3:5a:7b:85:82:81:75:43:4d:0c:3e:36:a8:42:
         45:e4:6e:f5:88:24:8b:3a:67:c6:90:d0:73:b9:35:1d:9d:09:
         36:65:7c:ff:b1:03:d6:4f:1b:17:42:d9:08:93:0b:a8:9e:d2:
         c6:a9:b4:1f:3f:b1:8e:c1:ee:f8:c5:d5:fe:63:69:4f:3d:09:
         18:b1:14:c0:4d:61:51:24:53:17:54:58:4f:b8:2e:01:c7:6d:
         7f:be:b8:65:83:a7:4e:a2:cd:00:70:3b:b0:37:2f:45:90:74:
         38:a0:8e:b0:c0:fa:be:34:07:1a:4e:f9:90:c8:24:e6:e0:58:
         33:15:bc:db:a5:39:7f:2d:89:5d:e6:8b:24:ec:70:ea:4a:ad:
         99:23:2a:8c:ca:a3:d9:e2:2a:3e:b2:e8:9d:1a:00:61:7d:88:
         44:35:65:f6:d4:f7:53:1e:ce:46:67:de:b6:8f:0a:ca:d8:d3:
         07:eb:d8:18:3c:fe:30:26:3f:59:e1:1d:82:a3:df:aa:f8:fc:
         37:1f:2e:c2:aa:44:9f:c6:94:e0:b1:b9:12:e6:fa:95:35:b4:
         d3:4f:53:7f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUREeroOEVXCIGyXpt4xkb3+C8IuUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjI3MDAwMDAwWhcNMjQwMTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiYjg3M2NjZmJkYjQ3OTkxYzIzYmI1Y2E1ZThjMDFmODZj
MmExMWNjYjBiYmUxNTU0NTJhMTdkYjVkNjk1YzgwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpQ2lg67QOePVFR/9x7qniIwKeHl6vnQQfMwK9ksO9BwR0
y+pOQah7G/1TX03uF6bQgLtIJisiUyZro8CfgCzJJOlyZEbtmQcyZNq9+6D0sqgP
GPyK21XPPLoPO+tueYPwkuLDBkCtF+rBNHn8qfaLCnwBRBbawf00tBvbXrGrreA8
RTe9DyeOSn9kfhx910+6sbiWq3EWaDcoPcY6SeugGl1j/KMe7tX5Z6FdKMm/VgVF
QxArVaDZFrBv1BWPTPI/Z4MJK4ExUPaF4ogWDcwQ7EWnNHjI7T14OOfiOG18y4lK
3hp1+k46gqwHtQt/k7vzVlwJTt+vk8YlHn+gkdJ1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBUjMd9ajoqVcw+FtheXyZvphDk0wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2MyMGZhODFmLWFiOTktNGY3YS1hMDU3LTk5NWMxMDViZjc3OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADSAuttmJ6h9eg6kmE7HooJKFkm4
cBYd3o8aROvoPC6lcGn31CEpxobjWnuFgoF1Q00MPjaoQkXkbvWIJIs6Z8aQ0HO5
NR2dCTZlfP+xA9ZPGxdC2QiTC6ie0saptB8/sY7B7vjF1f5jaU89CRixFMBNYVEk
UxdUWE+4LgHHbX++uGWDp06izQBwO7A3L0WQdDigjrDA+r40BxpO+ZDIJObgWDMV
vNulOX8tiV3miyTscOpKrZkjKozKo9niKj6y6J0aAGF9iEQ1ZfbU91MezkZn3raP
CsrY0wfr2Bg8/jAmP1nhHYKj36r4/DcfLsKqRJ/GlOCxuRLm+pU1tNNPU38=