Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/dd63d21d-e623-4783-a891-ac2fda468adb.roa
File: dd63d21d-e623-4783-a891-ac2fda468adb.roa (raw, json)
Hash identifier: HrdEpYiBLMPexoQvQwpcG6qWo9DUQnb6jw+lGgN5Flw=
Subject key identifier: 69:22:FF:34:D7:B1:C7:4F:A0:45:46:52:22:3B:97:D6:88:1A:50:F3
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 24A4E165623474EF1D3C200922A50CB5166A432C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/dd63d21d-e623-4783-a891-ac2fda468adb.roa
Signing time: Wed 20 Dec 2023 00:00:00 +0000
ROA not before: Wed 20 Dec 2023 00:00:00 +0000
ROA not after: Wed 24 Jan 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:a4:e1:65:62:34:74:ef:1d:3c:20:09:22:a5:0c:b5:16:6a:43:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Dec 20 00:00:00 2023 GMT
Not After : Jan 24 23:59:59 2024 GMT
Subject: serialNumber=ea9aaec930ad31228bc1a51681d6b8b3d45ffa9faf64dc06be8ce74ddad43f9d, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:41:23:5d:98:ba:81:5f:59:e6:8b:87:10:5e:
b5:3f:40:4a:14:7c:70:06:4b:40:85:86:47:65:43:
e8:41:c6:d2:b1:8d:24:c1:4a:3c:55:21:e7:0d:3f:
c2:e3:05:a7:b0:79:34:07:66:49:ae:e6:cf:e9:b7:
81:29:11:ed:4b:a6:91:35:96:80:28:ac:16:96:9f:
5b:82:3a:60:2d:18:49:e0:3d:07:a3:14:43:4e:d7:
85:57:f0:f3:3f:d1:04:10:ed:1a:8e:30:82:3e:61:
51:71:ac:17:47:1b:ba:9d:8b:f9:01:eb:98:2e:c8:
0e:0b:11:ea:79:52:38:e4:85:70:23:36:83:f9:b0:
43:2d:ec:4f:c4:bb:ef:47:23:42:82:12:df:9b:79:
82:46:5b:cb:59:9e:6c:bb:7a:44:58:a0:0f:5d:dd:
e5:96:0b:1a:f4:61:9f:c9:35:c7:2c:dd:ef:dc:1a:
73:f2:75:cf:96:e4:ca:f3:c1:c1:cd:e4:5e:c6:bb:
f3:99:34:eb:33:4d:af:6b:4f:7e:93:bd:de:9e:a2:
ce:0e:38:3d:df:14:85:fc:5b:24:58:32:5d:ae:50:
d9:f5:39:93:16:5b:d4:c2:17:4a:90:8b:3c:6f:a9:
c1:fa:72:38:0e:7b:71:ea:ab:f0:77:a3:c5:94:fd:
f8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:22:FF:34:D7:B1:C7:4F:A0:45:46:52:22:3B:97:D6:88:1A:50:F3
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/dd63d21d-e623-4783-a891-ac2fda468adb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
70:af:8b:76:8f:52:56:c1:b8:dc:5a:79:67:66:73:20:b8:86:
c7:84:28:19:01:17:c1:15:0c:34:ac:4e:2b:d8:cf:e2:8c:48:
c9:10:84:30:41:41:cc:09:b8:e0:c7:82:8c:06:f4:2b:ff:ef:
b4:a8:36:99:43:4f:4d:34:03:5e:31:6a:8c:b8:00:43:73:8e:
16:87:69:ef:e5:5f:ed:a5:02:df:95:97:a3:2b:7a:7a:24:22:
a8:c9:f5:b7:1d:e4:5f:b4:0b:91:6a:81:c8:02:84:99:04:d6:
85:38:c3:48:df:18:00:aa:95:18:9d:11:34:45:e2:61:98:c7:
db:12:79:0a:ee:95:6f:53:4f:35:be:82:e8:db:16:c7:54:3d:
c7:46:d5:d0:de:81:00:1b:c9:62:44:b4:a0:dd:5c:af:d8:f7:
02:27:8e:c7:d1:84:a2:b2:91:2c:bc:de:90:ac:ff:12:0a:64:
7f:86:85:de:aa:cd:4c:96:4a:fb:ab:50:1b:e6:e6:04:e8:a1:
0c:c0:26:b2:b5:e9:c1:a3:1e:f1:d6:22:8a:de:6b:04:ba:27:
27:2d:81:f8:fd:dc:52:d2:f2:88:40:d7:58:94:38:8f:be:40:
69:55:be:6b:8f:6f:99:47:4d:91:ed:32:58:33:f7:30:64:98:
53:2d:c2:1b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJKThZWI0dO8dPCAJIqUMtRZqQywwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjIwMDAwMDAwWhcNMjQwMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYTlhYWVjOTMwYWQzMTIyOGJjMWE1MTY4MWQ2YjhiM2Q0
NWZmYTlmYWY2NGRjMDZiZThjZTc0ZGRhZDQzZjlkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBQSNdmLqBX1nmi4cQXrU/QEoUfHAGS0CFhkdlQ+hBxtKx
jSTBSjxVIecNP8LjBaeweTQHZkmu5s/pt4EpEe1LppE1loAorBaWn1uCOmAtGEng
PQejFENO14VX8PM/0QQQ7RqOMII+YVFxrBdHG7qdi/kB65guyA4LEep5UjjkhXAj
NoP5sEMt7E/Eu+9HI0KCEt+beYJGW8tZnmy7ekRYoA9d3eWWCxr0YZ/JNccs3e/c
GnPydc+W5MrzwcHN5F7Gu/OZNOszTa9rT36Tvd6eos4OOD3fFIX8WyRYMl2uUNn1
OZMWW9TCF0qQizxvqcH6cjgOe3Hqq/B3o8WU/fg1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUaSL/NNexx0+gRUZSIjuX1ogaUPMwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2RkNjNkMjFkLWU2MjMtNDc4My1hODkxLWFjMmZkYTQ2OGFkYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHCvi3aPUlbBuNxaeWdmcyC4hseE
KBkBF8EVDDSsTivYz+KMSMkQhDBBQcwJuODHgowG9Cv/77SoNplDT000A14xaoy4
AENzjhaHae/lX+2lAt+Vl6MrenokIqjJ9bcd5F+0C5FqgcgChJkE1oU4w0jfGACq
lRidETRF4mGYx9sSeQrulW9TTzW+gujbFsdUPcdG1dDegQAbyWJEtKDdXK/Y9wIn
jsfRhKKykSy83pCs/xIKZH+Ghd6qzUyWSvurUBvm5gTooQzAJrK16cGjHvHWIore
awS6Jyctgfj93FLS8ohA11iUOI++QGlVvmuPb5lHTZHtMlgz9zBkmFMtwhs=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:35:15 2023 by rpki-client on console.sobornost.net