Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/2d483f0f-c559-4f53-a15a-67216b94ba21.roa
File:                     2d483f0f-c559-4f53-a15a-67216b94ba21.roa (raw, json)
Hash identifier:          Qo/IKN+XiPW2j1o4Rg/TlKbV6W4r1T/Yv0/G2+A9ZjE=
Subject key identifier:   38:46:3F:1F:18:BE:1E:61:CA:C5:93:7C:D7:79:AC:8D:E3:C8:97:4B
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       6D1EB1E04D2A446DC73CD22F28D8808286FB5299
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/2d483f0f-c559-4f53-a15a-67216b94ba21.roa
Signing time:             Mon 16 Jun 2025 19:00:07 +0000
ROA not before:           Mon 16 Jun 2025 19:00:07 +0000
ROA not after:            Mon 21 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:387::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 30 Jun 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:1e:b1:e0:4d:2a:44:6d:c7:3c:d2:2f:28:d8:80:82:86:fb:52:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun 16 19:00:07 2025 GMT
            Not After : Jul 21 23:59:59 2025 GMT
        Subject: serialNumber=7698b290bb96aa09c8cb268cb36f2662468af6b3d3fd8ecc0a86531b0dffee8f, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:f5:a6:74:88:9a:63:41:ff:99:e3:15:f0:b3:
                    e8:fd:66:8b:9f:b7:9f:95:37:57:8f:1c:92:e4:ba:
                    22:db:a6:52:1f:61:42:1e:2a:5a:4b:bb:ea:16:3c:
                    46:d6:a3:58:04:1d:b2:38:f1:28:ee:a1:48:b3:99:
                    b4:43:3c:f4:9a:8c:fb:64:bd:ce:ba:40:1b:96:84:
                    62:b7:7d:2b:00:32:65:ad:26:9f:2d:d1:d4:07:07:
                    f6:60:b0:ce:ec:51:a6:00:74:d7:6c:61:ff:86:fe:
                    6f:81:28:1c:11:32:8a:56:76:4d:89:77:8c:6e:d9:
                    27:c6:81:90:e8:af:75:37:91:13:7b:85:12:a4:0b:
                    08:81:d4:2b:48:1a:8c:67:dc:b9:8c:56:f2:8b:71:
                    d9:0e:a3:9f:77:d3:f7:a1:60:3c:20:90:c3:8f:e2:
                    5f:f9:b1:9f:57:b3:c6:ba:cf:be:87:d0:b8:3f:29:
                    9e:86:36:fc:12:f4:09:91:34:9a:e1:53:04:14:32:
                    4b:56:5c:13:70:54:10:73:68:33:1b:7c:0f:6a:fc:
                    63:19:e0:68:74:c4:86:22:76:34:74:23:8e:76:f0:
                    8e:9b:10:96:ca:36:6d:48:f8:b6:69:90:09:f0:1c:
                    ec:03:dc:e3:fa:21:1a:2f:14:a8:c2:5d:6a:82:7c:
                    e7:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:46:3F:1F:18:BE:1E:61:CA:C5:93:7C:D7:79:AC:8D:E3:C8:97:4B
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/2d483f0f-c559-4f53-a15a-67216b94ba21.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:387::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:14:5b:a5:7a:cc:e7:0e:3c:dc:4e:90:38:3d:68:d1:fa:1d:
         8d:68:80:38:27:ce:fe:97:37:6a:82:7d:12:66:93:fe:f0:a0:
         6e:3d:e8:ea:1e:44:62:33:67:b9:8f:60:6b:ef:6e:fd:2e:a0:
         a6:59:16:b7:60:d5:c5:57:ec:51:4b:a5:f9:2f:fc:34:fe:01:
         c8:e4:6a:8e:44:da:20:1a:f6:d3:80:1d:5a:ee:9c:48:d9:80:
         82:d3:36:2d:27:7a:a7:11:f6:ce:2b:65:9e:66:70:d4:13:5c:
         d7:fd:be:99:9a:85:eb:95:f7:33:a3:87:90:3a:81:6d:e2:56:
         50:c5:70:e3:16:a5:fa:5d:7f:c3:00:0f:af:5b:72:65:d5:d7:
         f1:77:c3:c7:96:a0:75:c2:a2:9e:43:ba:b2:ff:8b:64:df:68:
         05:f8:df:15:68:f4:77:7e:a4:f0:9b:eb:13:c2:8f:5e:90:eb:
         4e:99:ea:33:8d:9b:67:29:2a:78:94:eb:19:00:1d:f1:d8:4d:
         be:20:d1:d7:be:84:79:00:af:3d:2d:b4:c2:2a:7f:46:11:77:
         d4:64:cc:f2:a7:9e:79:e6:da:a9:a1:e1:19:50:3c:92:19:28:
         8d:11:9a:b4:0e:d3:3b:b4:ce:93:ad:03:ee:ef:e4:c4:4d:21:
         ac:66:e3:0e
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUbR6x4E0qRG3HPNIvKNiAgob7UpkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNjE2MTkwMDA3WhcNMjUwNzIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A3Njk4YjI5MGJiOTZhYTA5YzhjYjI2OGNiMzZmMjY2MjQ2
OGFmNmIzZDNmZDhlY2MwYTg2NTMxYjBkZmZlZThmMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDB9aZ0iJpjQf+Z4xXws+j9Zouft5+VN1ePHJLkuiLbplIf
YUIeKlpLu+oWPEbWo1gEHbI48SjuoUizmbRDPPSajPtkvc66QBuWhGK3fSsAMmWt
Jp8t0dQHB/ZgsM7sUaYAdNdsYf+G/m+BKBwRMopWdk2Jd4xu2SfGgZDor3U3kRN7
hRKkCwiB1CtIGoxn3LmMVvKLcdkOo5930/ehYDwgkMOP4l/5sZ9Xs8a6z76H0Lg/
KZ6GNvwS9AmRNJrhUwQUMktWXBNwVBBzaDMbfA9q/GMZ4Gh0xIYidjR0I4528I6b
EJbKNm1I+LZpkAnwHOwD3OP6IRovFKjCXWqCfOefAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUOEY/Hxi+HmHKxZN813msjePIl0swHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzJkNDgzZjBmLWM1NTktNGY1My1hMTVhLTY3MjE2Yjk0YmEyMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAA4cwDQYJKoZIhvcNAQELBQADggEBAHIUW6V6zOcOPNxOkDg9aNH6
HY1ogDgnzv6XN2qCfRJmk/7woG496OoeRGIzZ7mPYGvvbv0uoKZZFrdg1cVX7FFL
pfkv/DT+Acjkao5E2iAa9tOAHVrunEjZgILTNi0neqcR9s4rZZ5mcNQTXNf9vpma
heuV9zOjh5A6gW3iVlDFcOMWpfpdf8MAD69bcmXV1/F3w8eWoHXCop5DurL/i2Tf
aAX43xVo9Hd+pPCb6xPCj16Q606Z6jONm2cpKniU6xkAHfHYTb4g0de+hHkArz0t
tMIqf0YRd9RkzPKnnnnm2qmh4RlQPJIZKI0RmrQO0zu0zpOtA+7v5MRNIaxm4w4=
-----END CERTIFICATE-----