Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e9ea69d-4b33-4a85-894c-5620e610e709.roa
File:                     6e9ea69d-4b33-4a85-894c-5620e610e709.roa (raw, json)
Hash identifier:          aRqWVLv3uKs4ViCk9L6CyQuWr64aRa3OjJ0Ab6znXxQ=
Subject key identifier:   27:34:E6:5D:83:D3:2A:4C:C9:6C:DF:F4:48:2E:8A:FA:B8:BE:DE:B1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       275A3A67A1F2852BAE7153BD1B494C1F8EE2DBC6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e9ea69d-4b33-4a85-894c-5620e610e709.roa
Signing time:             Wed 18 Jun 2025 00:02:20 +0000
ROA not before:           Wed 18 Jun 2025 00:02:20 +0000
ROA not after:            Wed 23 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffd:85e8::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 03 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:5a:3a:67:a1:f2:85:2b:ae:71:53:bd:1b:49:4c:1f:8e:e2:db:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 18 00:02:20 2025 GMT
            Not After : Jul 23 23:59:59 2025 GMT
        Subject: serialNumber=b27c5001760c792d7d658b80da1229a87c6cad20b163176d7ab0554fd01240f9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:d0:df:b8:8a:76:2e:b1:96:d9:dc:8a:23:e5:
                    15:3c:ef:d8:26:23:af:51:50:5c:57:d8:1c:d0:42:
                    1e:af:ab:2b:ca:90:29:c8:c5:07:f5:47:f4:0e:c8:
                    32:47:3d:13:15:6f:9b:6f:60:28:cb:99:f9:cf:6d:
                    4d:df:27:bd:11:f8:cd:2c:e3:63:b7:41:62:f1:e6:
                    4f:24:29:81:40:bc:d5:12:df:0e:97:56:6c:14:b0:
                    2f:8c:06:ee:7c:6a:29:56:e9:ca:50:1c:e0:fb:cd:
                    61:28:ae:f6:6a:ef:49:7f:04:a6:f8:7e:3c:fa:c9:
                    6a:cb:18:2b:ef:28:8f:4d:0a:c2:dd:f3:fc:4a:48:
                    0e:c6:82:16:ec:b7:36:52:5b:7e:c5:2d:52:99:03:
                    75:4b:9a:96:71:8c:38:8d:a4:7f:8c:19:f8:6b:32:
                    53:99:94:6a:80:e9:0f:8a:21:72:fc:f7:5c:bd:f1:
                    43:30:de:3b:45:06:6c:9f:1c:f7:ce:46:9e:f8:7b:
                    90:4d:bd:1f:e0:67:76:85:a4:59:67:04:2c:82:5a:
                    10:86:92:4a:76:84:cc:b9:7a:1f:7d:d6:8b:7c:f7:
                    9b:4b:69:f3:ea:ae:cf:44:c5:0e:25:d3:da:83:46:
                    76:e0:19:d0:96:73:bd:36:2a:02:24:6a:3a:ac:53:
                    22:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:34:E6:5D:83:D3:2A:4C:C9:6C:DF:F4:48:2E:8A:FA:B8:BE:DE:B1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e9ea69d-4b33-4a85-894c-5620e610e709.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffd:85e8::/48

    Signature Algorithm: sha256WithRSAEncryption
         83:80:48:91:c6:f7:86:e1:00:f5:dc:19:dc:64:70:0e:e3:f0:
         5d:90:c4:1f:17:8b:07:e8:76:66:b3:e0:92:cd:e0:15:8b:43:
         de:06:6d:4c:13:a5:a6:0e:4d:af:c7:66:e0:1a:18:e0:d8:a6:
         8e:29:09:a1:7d:d0:a5:07:02:f6:c9:2b:85:49:69:7f:0b:ce:
         11:e4:d3:43:f4:c0:f3:5d:6c:dc:6a:8e:1d:2b:de:64:7b:e3:
         c5:73:1c:07:15:1e:03:2a:42:1e:cb:8e:e4:87:28:7d:dd:cd:
         c6:fd:56:ff:72:1e:7b:04:d2:86:e0:bc:c1:65:e8:54:99:fc:
         7a:d1:b3:b8:80:64:79:29:c3:cb:ee:fc:2c:e6:55:38:10:ab:
         8f:55:bc:09:cd:af:fb:50:8d:63:85:e1:a9:06:8f:cc:71:42:
         b8:e4:72:b1:f9:13:e0:2f:0a:7a:de:b7:dc:d4:44:ef:f6:a0:
         db:12:36:a6:27:95:37:2d:cb:1a:d5:d4:da:8f:05:e5:8b:21:
         c7:4d:7e:0f:a2:e2:ea:f3:9f:e9:81:f0:2c:e1:13:96:57:c4:
         cc:b0:dd:f7:f0:27:86:02:2e:aa:94:5b:a3:c7:51:66:b2:f1:
         9e:8a:b4:46:c6:c6:65:00:89:53:10:41:6c:80:9a:40:38:81:
         4d:ad:a3:8a
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUJ1o6Z6HyhSuucVO9G0lMH47i28YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjE4MDAwMjIwWhcNMjUwNzIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiMjdjNTAwMTc2MGM3OTJkN2Q2NThiODBkYTEyMjlhODdj
NmNhZDIwYjE2MzE3NmQ3YWIwNTU0ZmQwMTI0MGY5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCW0N+4inYusZbZ3Ioj5RU879gmI69RUFxX2BzQQh6vqyvK
kCnIxQf1R/QOyDJHPRMVb5tvYCjLmfnPbU3fJ70R+M0s42O3QWLx5k8kKYFAvNUS
3w6XVmwUsC+MBu58ailW6cpQHOD7zWEorvZq70l/BKb4fjz6yWrLGCvvKI9NCsLd
8/xKSA7GghbstzZSW37FLVKZA3VLmpZxjDiNpH+MGfhrMlOZlGqA6Q+KIXL891y9
8UMw3jtFBmyfHPfORp74e5BNvR/gZ3aFpFlnBCyCWhCGkkp2hMy5eh991ot895tL
afPqrs9ExQ4l09qDRnbgGdCWc702KgIkajqsUyLRAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUJzTmXYPTKkzJbN/0SC6K+ri+3rEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZlOWVhNjlkLTRiMzMtNGE4NS04OTRjLTU2MjBlNjEwZTcwOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/9hegwDQYJKoZIhvcNAQELBQADggEBAIOASJHG94bhAPXcGdxkcA7j
8F2QxB8Xiwfodmaz4JLN4BWLQ94GbUwTpaYOTa/HZuAaGODYpo4pCaF90KUHAvbJ
K4VJaX8LzhHk00P0wPNdbNxqjh0r3mR748VzHAcVHgMqQh7LjuSHKH3dzcb9Vv9y
HnsE0obgvMFl6FSZ/HrRs7iAZHkpw8vu/CzmVTgQq49VvAnNr/tQjWOF4akGj8xx
QrjkcrH5E+AvCnret9zURO/2oNsSNqYnlTctyxrV1NqPBeWLIcdNfg+i4urzn+mB
8CzhE5ZXxMyw3ffwJ4YCLqqUW6PHUWay8Z6KtEbGxmUAiVMQQWyAmkA4gU2to4o=
-----END CERTIFICATE-----