Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e981afe8-1aa6-4ae5-ba0e-ebf649e22835.roa
File:                     e981afe8-1aa6-4ae5-ba0e-ebf649e22835.roa (raw, json)
Hash identifier:          ZL1NvOG2+537cttwounckwPCDtjNf0JXDRD1sLaoc/w=
Subject key identifier:   F0:8E:B8:85:90:42:78:88:C4:C9:22:E4:92:82:97:8B:E9:D6:44:58
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       6FE6FB60ABF02CC3E0D70D829ED159D92C067EA4
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e981afe8-1aa6-4ae5-ba0e-ebf649e22835.roa
Signing time:             Thu 30 Nov 2023 00:00:00 +0000
ROA not before:           Thu 30 Nov 2023 00:00:00 +0000
ROA not after:            Thu 04 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:e6:fb:60:ab:f0:2c:c3:e0:d7:0d:82:9e:d1:59:d9:2c:06:7e:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Nov 30 00:00:00 2023 GMT
            Not After : Jan  4 23:59:59 2024 GMT
        Subject: serialNumber=66aa588d823bc923d805bd8cae846b213ec91651aa984e0db07ed433ec536a89, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:d9:97:fd:89:7c:00:57:8b:22:7b:98:73:b7:
                    48:e6:1d:0a:35:f4:f8:25:f1:47:fc:9c:61:1d:03:
                    ee:00:77:70:a6:16:52:c8:4a:74:d9:f8:92:e2:c3:
                    55:86:9a:ca:52:a3:51:94:57:a7:79:14:31:1f:02:
                    24:8c:48:b9:ff:e2:dc:e3:b5:e6:6d:f2:a0:4b:81:
                    85:87:12:48:68:6e:1d:6b:c6:ed:4f:63:72:da:5e:
                    75:5f:53:c9:bc:96:93:d8:9f:2d:cc:47:ac:69:2d:
                    c2:22:9b:37:26:b9:a2:1d:87:07:10:cf:e6:39:d3:
                    45:ac:01:58:df:02:7e:9a:0d:31:89:e0:eb:5a:42:
                    52:07:d5:ae:6e:46:78:fa:bc:4f:ce:9b:76:1b:d6:
                    c1:a5:a7:ce:e1:f1:22:29:20:81:94:df:a1:00:6f:
                    c5:19:3d:5b:82:36:e9:74:14:51:0c:25:35:7f:67:
                    98:ef:41:bb:b1:d8:72:10:08:e1:eb:1b:84:7a:33:
                    13:68:8f:63:4e:62:dd:22:11:ba:e8:c9:ba:f9:b0:
                    b4:94:df:8b:25:5e:19:2b:53:63:8a:b1:06:73:4e:
                    3f:2b:b7:ce:14:21:12:a2:9e:96:63:e6:ed:f2:35:
                    e8:98:7d:b2:02:64:ed:9e:29:97:ff:73:30:fb:fa:
                    03:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:8E:B8:85:90:42:78:88:C4:C9:22:E4:92:82:97:8B:E9:D6:44:58
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/e981afe8-1aa6-4ae5-ba0e-ebf649e22835.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:6c:92:50:28:f9:94:d6:dd:b2:5a:9b:24:c2:96:2e:b1:b5:
         ab:44:41:3c:ad:c8:ec:36:9f:bc:c9:88:c9:86:16:64:52:40:
         b5:1d:e8:0b:c0:9f:dd:7a:3a:ca:7e:7b:4e:f0:9f:86:04:e9:
         4d:df:d4:5b:69:8b:b8:d4:96:e0:1e:4a:f1:6b:f8:5f:fd:14:
         ec:ab:d4:38:4f:b7:3d:ac:be:2b:6f:63:8c:83:cf:fe:0a:91:
         e7:26:9e:25:36:f9:90:a9:22:3f:41:40:8a:58:2c:e4:43:d8:
         97:66:6c:75:aa:f2:58:37:a1:d1:37:bb:ff:d1:27:12:16:6f:
         9c:4e:65:bc:07:6b:04:68:a8:2c:f3:d0:cb:1a:46:31:b0:33:
         7f:af:26:72:c0:95:22:d0:c6:93:ab:39:24:53:1a:48:e3:0b:
         f3:8e:62:14:45:58:62:d2:02:a2:91:f7:6f:bd:c4:5c:e8:f3:
         3f:e7:f6:04:88:65:21:dc:69:6a:95:77:32:85:e1:ff:de:a1:
         79:90:2b:62:1b:62:d5:18:92:fb:67:13:73:b2:72:a6:01:3c:
         10:0c:03:0c:69:28:9e:46:6b:70:c6:d9:e3:22:6d:4a:ad:4f:
         42:ce:5a:02:e3:89:81:ff:14:82:c3:02:f7:dc:2d:8e:91:df:
         70:83:27:03
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUb+b7YKvwLMPg1w2CntFZ2SwGfqQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMTMwMDAwMDAwWhcNMjQwMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NmFhNTg4ZDgyM2JjOTIzZDgwNWJkOGNhZTg0NmIyMTNl
YzkxNjUxYWE5ODRlMGRiMDdlZDQzM2VjNTM2YTg5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCa2Zf9iXwAV4sie5hzt0jmHQo19Pgl8Uf8nGEdA+4Ad3Cm
FlLISnTZ+JLiw1WGmspSo1GUV6d5FDEfAiSMSLn/4tzjteZt8qBLgYWHEkhobh1r
xu1PY3LaXnVfU8m8lpPYny3MR6xpLcIimzcmuaIdhwcQz+Y500WsAVjfAn6aDTGJ
4OtaQlIH1a5uRnj6vE/Om3Yb1sGlp87h8SIpIIGU36EAb8UZPVuCNul0FFEMJTV/
Z5jvQbux2HIQCOHrG4R6MxNoj2NOYt0iEbroybr5sLSU34slXhkrU2OKsQZzTj8r
t84UIRKinpZj5u3yNeiYfbICZO2eKZf/czD7+gO/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8I64hZBCeIjEySLkkoKXi+nWRFgwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2U5ODFhZmU4LTFhYTYtNGFlNS1iYTBlLWViZjY0OWUyMjgzNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKFsklAo+ZTW3bJamyTCli6xtatE
QTytyOw2n7zJiMmGFmRSQLUd6AvAn916Osp+e07wn4YE6U3f1Ftpi7jUluAeSvFr
+F/9FOyr1DhPtz2svitvY4yDz/4KkecmniU2+ZCpIj9BQIpYLORD2JdmbHWq8lg3
odE3u//RJxIWb5xOZbwHawRoqCzz0MsaRjGwM3+vJnLAlSLQxpOrOSRTGkjjC/OO
YhRFWGLSAqKR92+9xFzo8z/n9gSIZSHcaWqVdzKF4f/eoXmQK2IbYtUYkvtnE3Oy
cqYBPBAMAwxpKJ5Ga3DG2eMibUqtT0LOWgLjiYH/FILDAvfcLY6R33CDJwM=
-----END CERTIFICATE-----