Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/9bfde94a-1d95-4dce-b0b2-727172f5e49d.roa
File:                     9bfde94a-1d95-4dce-b0b2-727172f5e49d.roa (raw, json)
Hash identifier:          mIk/uiTlrEL2grDXZ4pyyz/OjPrNHUUrqW7oJt6lHiw=
Subject key identifier:   90:6C:F7:A3:21:D0:5C:DF:52:6B:22:28:3E:41:AB:CB:79:C1:9E:2A
Certificate issuer:       /CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
Certificate serial:       6DECE5E9FE1BBBA681AD651B1D48176D228658CC
Authority key identifier: 99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/9bfde94a-1d95-4dce-b0b2-727172f5e49d.roa
Signing time:             Fri 25 Apr 2025 15:10:18 +0000
ROA not before:           Fri 25 Apr 2025 15:10:18 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        96.127.8.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 08 May 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:ec:e5:e9:fe:1b:bb:a6:81:ad:65:1b:1d:48:17:6d:22:86:58:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
        Validity
            Not Before: Apr 25 15:10:18 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=6a3700d5c106376bcc404132e02b3c9d9485fac8d4eb8059de358fdeb3f33d50, CN=0099a7ea-794a-4a28-b164-49547626eb11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:1b:91:da:ad:8f:8a:f2:e1:2d:5b:33:2a:b7:
                    42:75:0e:d9:ea:0b:82:5a:09:f7:50:1a:30:d3:29:
                    f9:1e:7c:ac:ee:4a:12:31:a2:eb:bc:43:ab:e8:31:
                    36:f3:83:0a:fe:a9:80:46:ad:57:09:1b:58:a7:88:
                    d9:e6:20:81:85:68:54:38:9e:40:a4:bb:0e:ee:9f:
                    cc:53:18:95:0f:fe:a8:3a:20:89:66:70:33:2a:77:
                    4c:f0:12:16:43:84:28:2d:ef:ca:3b:e7:c7:a4:39:
                    45:fd:ba:32:9c:05:29:d2:a4:75:1a:d3:90:ef:b9:
                    1c:f7:7b:dd:59:30:56:bf:10:bb:ce:85:6c:86:3a:
                    49:94:78:0e:ef:4a:19:c1:19:dd:51:b5:8a:59:0b:
                    49:7c:c5:ca:ef:61:ae:b9:e0:82:70:19:31:8f:73:
                    c1:80:51:0a:3b:6a:c5:ef:f7:44:01:c3:ce:59:33:
                    97:45:55:d1:b5:6d:1f:3e:80:dd:25:6f:21:c7:5c:
                    ef:fa:d0:e8:92:7e:3b:f4:ab:ee:0d:cb:de:7f:d9:
                    d0:94:74:e1:30:97:c0:5e:af:e7:ce:7c:3c:45:bd:
                    7c:32:63:08:30:52:3d:d0:96:65:94:dd:5b:5c:8e:
                    02:24:42:b6:64:76:6a:62:0c:3f:20:a0:16:53:0a:
                    46:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:6C:F7:A3:21:D0:5C:DF:52:6B:22:28:3E:41:AB:CB:79:C1:9E:2A
            X509v3 Authority Key Identifier:
                keyid:99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/9bfde94a-1d95-4dce-b0b2-727172f5e49d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.127.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         02:44:2d:61:39:6b:14:ab:c8:57:6a:a9:dd:18:bf:be:60:ec:
         20:0c:10:70:79:c5:d1:a1:cd:f6:7d:96:f0:b3:ad:fc:88:3f:
         84:4b:8c:ef:1a:e4:7c:b8:3a:d1:ab:e5:13:cf:d3:da:25:b8:
         30:fb:75:c9:10:5e:b5:79:e0:b3:34:a4:b3:46:91:cf:64:f8:
         c0:f9:7b:25:be:c6:50:c1:9a:63:7a:bf:82:0a:cb:cc:bc:7a:
         81:18:d5:af:0a:0b:aa:7c:6b:c5:6d:ae:b6:b4:a3:f8:f2:f7:
         08:4d:f2:1e:40:00:c1:3c:cf:bc:0e:48:b2:57:9c:bf:5c:3f:
         b7:00:dd:96:12:ae:45:50:42:14:2f:36:9f:17:a9:96:88:12:
         35:ef:00:bc:5b:f0:33:aa:be:e6:85:47:ff:ce:46:35:e7:32:
         8a:1b:3a:c9:5f:15:a4:23:4d:69:4d:db:73:c4:22:9b:a5:1c:
         c1:ab:07:e1:5d:49:92:38:0f:7b:68:29:6d:28:ca:c2:8e:81:
         a5:68:73:81:f8:ed:ef:db:fe:5f:33:d4:28:42:4b:5e:32:c9:
         7f:ca:f7:1b:39:1f:d8:ee:1d:bc:83:98:ab:31:65:14:32:1c:
         e9:d5:e2:ef:e8:62:18:d4:de:b8:af:94:65:04:c6:43:c2:9a:
         69:b1:59:ed
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbezl6f4bu6aBrWUbHUgXbSKGWMwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzA1Njc2YzczM2ZkOGNjYWU1YmU2M2I5MmJkZGM5MGI3
YTViNzRlNjk0NDljMWViMDQwHhcNMjUwNDI1MTUxMDE4WhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2YTM3MDBkNWMxMDYzNzZiY2M0MDQxMzJlMDJiM2M5ZDk0
ODVmYWM4ZDRlYjgwNTlkZTM1OGZkZWIzZjMzZDUwMS0wKwYDVQQDEyQwMDk5YTdl
YS03OTRhLTRhMjgtYjE2NC00OTU0NzYyNmViMTEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgG5HarY+K8uEtWzMqt0J1DtnqC4JaCfdQGjDTKfkefKzu
ShIxouu8Q6voMTbzgwr+qYBGrVcJG1iniNnmIIGFaFQ4nkCkuw7un8xTGJUP/qg6
IIlmcDMqd0zwEhZDhCgt78o758ekOUX9ujKcBSnSpHUa05DvuRz3e91ZMFa/ELvO
hWyGOkmUeA7vShnBGd1RtYpZC0l8xcrvYa654IJwGTGPc8GAUQo7asXv90QBw85Z
M5dFVdG1bR8+gN0lbyHHXO/60OiSfjv0q+4Ny95/2dCUdOEwl8Ber+fOfDxFvXwy
YwgwUj3QlmWU3VtcjgIkQrZkdmpiDD8goBZTCkYjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUkGz3oyHQXN9SayIoPkGry3nBniowHwYDVR0jBBgwFoAUmcNUTAjJlFS4
eZUe/6R6j2PIp3cwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83N2I1NjQyOC05
YjUyLTQxNmYtYjI3OS1iYmFlMTQ0MjJkZTIvYzA1Njc2YzczM2ZkOGNjYWU1YmU2
M2I5MmJkZGM5MGI3YTViNzRlNjk0NDljMWViMDQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNDI1ODJjNjctZGQzZi00YmM1LWJhNjAtZTk3
ZTU1MmM2ZTM1LzliZmRlOTRhLTFkOTUtNGRjZS1iMGIyLTcyNzE3MmY1ZTQ5ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzQyNTgyYzY3LWRkM2YtNGJjNS1iYTYw
LWU5N2U1NTJjNmUzNS9fWXpLNWI1anVTdmR5UXQ2VzNUbWxFbkI2d1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANgfwgwDQYJKoZIhvcNAQELBQADggEBAAJELWE5axSryFdqqd0Yv75g7CAM
EHB5xdGhzfZ9lvCzrfyIP4RLjO8a5Hy4OtGr5RPP09oluDD7dckQXrV54LM0pLNG
kc9k+MD5eyW+xlDBmmN6v4IKy8y8eoEY1a8KC6p8a8Vtrra0o/jy9whN8h5AAME8
z7wOSLJXnL9cP7cA3ZYSrkVQQhQvNp8XqZaIEjXvALxb8DOqvuaFR//ORjXnMoob
OslfFaQjTWlN23PEIpulHMGrB+FdSZI4D3toKW0oysKOgaVoc4H47e/b/l8z1ChC
S14yyX/K9xs5H9juHbyDmKsxZRQyHOnV4u/oYhjU3rivlGUExkPCmmmxWe0=
-----END CERTIFICATE-----