Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/0e389254-682a-49dc-8f48-9e1c009e2b94.roa
File:                     0e389254-682a-49dc-8f48-9e1c009e2b94.roa (raw, json)
Hash identifier:          mjvsNzmANGYKt5n02VQBDhXboTm6r4ry3OicJGqeIj0=
Subject key identifier:   E0:F9:93:D8:51:11:AC:4F:4D:E2:01:76:39:A1:80:5D:50:34:46:80
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       4CAC60AD3CC2B18880FCBD3027B0A137994E9908
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/0e389254-682a-49dc-8f48-9e1c009e2b94.roa
Signing time:             Wed 25 Jun 2025 00:20:34 +0000
ROA not before:           Wed 25 Jun 2025 00:20:34 +0000
ROA not after:            Wed 30 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:64c::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 30 Jun 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:ac:60:ad:3c:c2:b1:88:80:fc:bd:30:27:b0:a1:37:99:4e:99:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun 25 00:20:34 2025 GMT
            Not After : Jul 30 23:59:59 2025 GMT
        Subject: serialNumber=ef808c79c8916549906a41f957f69d4c5680005a48019932a1f1bfe142596758, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:dc:4d:4a:a6:30:b8:49:89:3d:c6:a6:24:48:
                    f2:e8:c2:fc:aa:9b:03:57:fb:84:e8:ed:76:2b:93:
                    80:09:7f:85:05:ff:d8:49:3a:2c:b9:93:2b:90:e9:
                    40:f4:07:15:70:8a:15:05:aa:87:d7:0b:7c:17:06:
                    d2:e7:e1:6f:1b:f4:f0:d1:6e:bc:4e:9a:79:bd:8f:
                    49:91:f5:4d:8a:31:b4:f8:a7:cb:d8:4f:fd:b6:1f:
                    4c:d6:11:b8:78:f3:48:93:60:2c:9d:e1:6a:ab:93:
                    e4:e9:41:71:9e:fd:29:ec:f7:bd:5b:a1:05:87:cb:
                    f9:30:9c:c1:7d:cc:72:ca:13:9f:e4:93:17:63:2d:
                    11:3c:bc:97:b2:e6:59:89:42:c4:07:a0:86:be:6f:
                    72:78:43:f1:e7:9a:f7:5d:ce:cf:31:64:c2:7c:71:
                    bc:07:c4:bf:cf:df:67:97:bb:17:98:82:9c:7e:34:
                    12:72:9a:1f:3c:80:0e:4e:64:0f:f0:0c:b6:6b:db:
                    de:4e:5b:ae:c4:e8:9c:13:1d:6b:25:cc:79:4d:43:
                    d8:07:d8:73:48:7a:48:21:b8:97:d4:b8:a2:f5:50:
                    dd:64:7a:2e:b3:71:28:e1:70:6d:73:eb:83:32:fc:
                    c9:a9:49:94:50:99:83:36:a2:f0:a9:d5:99:f3:9d:
                    70:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:F9:93:D8:51:11:AC:4F:4D:E2:01:76:39:A1:80:5D:50:34:46:80
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/0e389254-682a-49dc-8f48-9e1c009e2b94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:64c::/48

    Signature Algorithm: sha256WithRSAEncryption
         7b:4b:54:fb:9f:73:17:df:fe:1c:0b:1a:54:8c:f3:3e:45:08:
         d3:cd:c2:f6:9d:24:4a:dd:3c:53:64:dd:cd:b9:5f:58:ad:ca:
         e3:03:ce:38:f6:cb:e6:4d:a3:b3:82:b5:fb:94:32:52:aa:e4:
         dc:66:18:de:6f:9f:ae:4e:09:17:39:0b:8f:a7:59:95:70:3d:
         da:a8:eb:8b:fa:40:e5:b5:b5:20:fc:53:59:2b:b1:d1:5f:75:
         ce:31:b9:8b:6e:7a:26:01:5e:f7:c0:ec:e8:8d:0f:c4:3c:f0:
         da:81:62:29:76:f7:29:b1:7a:79:b3:be:d1:c5:ce:ce:0f:06:
         30:9e:2e:f0:31:e6:1a:fd:7d:fd:95:b9:68:53:94:04:f5:6a:
         75:f1:ed:dd:95:e0:85:ee:92:3b:4e:48:f1:c3:a8:c6:9b:19:
         3d:12:95:33:e0:14:01:9b:6a:42:67:a9:6f:e2:91:57:20:14:
         33:64:b2:21:8a:9a:39:36:fe:45:f6:76:e4:b8:39:a9:ca:1f:
         97:e2:94:71:88:df:c7:87:d8:65:86:a2:ce:04:55:6f:00:a3:
         e4:87:1f:74:a4:b6:0e:cd:28:2a:7a:b3:6e:b0:eb:c5:a4:96:
         99:09:d1:b1:64:ca:96:b4:17:1b:45:ad:35:a4:dd:c4:11:3a:
         4f:bd:71:65
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUTKxgrTzCsYiA/L0wJ7ChN5lOmQgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNjI1MDAyMDM0WhcNMjUwNzMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlZjgwOGM3OWM4OTE2NTQ5OTA2YTQxZjk1N2Y2OWQ0YzU2
ODAwMDVhNDgwMTk5MzJhMWYxYmZlMTQyNTk2NzU4MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDA3E1KpjC4SYk9xqYkSPLowvyqmwNX+4To7XYrk4AJf4UF
/9hJOiy5kyuQ6UD0BxVwihUFqofXC3wXBtLn4W8b9PDRbrxOmnm9j0mR9U2KMbT4
p8vYT/22H0zWEbh480iTYCyd4Wqrk+TpQXGe/Sns971boQWHy/kwnMF9zHLKE5/k
kxdjLRE8vJey5lmJQsQHoIa+b3J4Q/Hnmvddzs8xZMJ8cbwHxL/P32eXuxeYgpx+
NBJymh88gA5OZA/wDLZr295OW67E6JwTHWslzHlNQ9gH2HNIekghuJfUuKL1UN1k
ei6zcSjhcG1z64My/MmpSZRQmYM2ovCp1ZnznXBzAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU4PmT2FERrE9N4gF2OaGAXVA0RoAwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzBlMzg5MjU0LTY4MmEtNDlkYy04ZjQ4LTllMWMwMDllMmI5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABkwwDQYJKoZIhvcNAQELBQADggEBAHtLVPufcxff/hwLGlSM8z5F
CNPNwvadJErdPFNk3c25X1ityuMDzjj2y+ZNo7OCtfuUMlKq5NxmGN5vn65OCRc5
C4+nWZVwPdqo64v6QOW1tSD8U1krsdFfdc4xuYtueiYBXvfA7OiND8Q88NqBYil2
9ymxenmzvtHFzs4PBjCeLvAx5hr9ff2VuWhTlAT1anXx7d2V4IXukjtOSPHDqMab
GT0SlTPgFAGbakJnqW/ikVcgFDNksiGKmjk2/kX2duS4OanKH5filHGI38eH2GWG
os4EVW8Ao+SHH3Sktg7NKCp6s26w68WklpkJ0bFkypa0FxtFrTWk3cQROk+9cWU=
-----END CERTIFICATE-----