Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/35efcf72-708d-4456-b1d1-8419a2636e00.roa
File:                     35efcf72-708d-4456-b1d1-8419a2636e00.roa (raw, json)
Hash identifier:          xN00b5ZL7h0pYMl6Ns6RJFb+D1iYdLzH5K7j9A6r04I=
Subject key identifier:   D6:1F:18:17:1F:44:54:78:57:35:41:98:24:D3:89:64:E8:AB:33:4A
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       18CC558D121A2560A5F0BC16659C9A13FF6C97F8
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/35efcf72-708d-4456-b1d1-8419a2636e00.roa
Signing time:             Tue 05 Aug 2025 18:20:06 +0000
ROA not before:           Tue 05 Aug 2025 18:20:06 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:f03d::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:cc:55:8d:12:1a:25:60:a5:f0:bc:16:65:9c:9a:13:ff:6c:97:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Aug  5 18:20:06 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=a64e37ff72c9e29cf24f33d8b9611800bf1607045422432201bb335344e2454d, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:48:f0:c2:a1:8c:66:60:52:43:d7:2d:0a:f8:
                    0d:e9:78:30:58:f6:2b:a1:f3:c7:97:7c:ef:6d:46:
                    05:83:5e:35:c1:96:57:67:cf:9a:69:02:14:28:aa:
                    ae:ec:c5:79:0c:dc:81:7f:33:e4:e6:24:5b:c9:c2:
                    27:9f:e2:53:82:40:c7:c7:85:73:c0:98:09:3f:59:
                    ef:b9:05:7c:06:16:2f:8d:1b:d0:4c:04:5c:80:e5:
                    96:9d:1d:1f:8a:dc:f8:77:b9:ef:64:9b:c9:03:77:
                    da:95:49:2a:7e:ef:6a:86:e1:83:d5:3c:07:c5:0d:
                    b1:5a:d3:7d:ff:16:f6:a1:61:3f:30:d0:78:d8:1f:
                    19:24:ed:2b:23:96:bc:da:c7:f9:3b:d3:6e:c5:e2:
                    2b:78:46:b8:c3:f2:25:57:94:fb:33:7d:2e:6c:b5:
                    e9:e8:de:ff:ac:6f:be:dd:b4:f1:e3:f7:6a:c4:59:
                    bf:31:88:67:c6:56:b2:56:4c:8d:9c:d4:7c:3e:15:
                    15:97:32:99:6f:dd:63:6e:67:29:05:f0:2d:3b:01:
                    a0:2f:92:68:d6:36:62:d4:d6:ed:d0:1d:b7:e1:d0:
                    75:1d:97:c4:8e:26:9b:d5:da:08:86:4f:af:5b:8e:
                    48:84:80:b4:fb:c0:58:41:c8:09:42:f3:84:af:09:
                    f3:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:1F:18:17:1F:44:54:78:57:35:41:98:24:D3:89:64:E8:AB:33:4A
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/35efcf72-708d-4456-b1d1-8419a2636e00.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:f03d::/48

    Signature Algorithm: sha256WithRSAEncryption
         3d:49:f4:ea:8c:53:b0:f5:46:e9:5e:70:60:53:18:f2:57:a7:
         8a:0e:37:25:0a:ca:3e:36:d2:b4:a7:8b:e6:4f:21:b5:53:78:
         01:bc:b3:34:14:98:1f:74:99:65:2f:a3:93:c1:31:16:3a:27:
         e2:d8:2b:30:2f:9b:5b:60:fe:a0:a0:d4:db:42:65:fc:44:01:
         b3:2d:8a:6f:96:3f:93:b7:73:ad:e2:98:2e:4c:80:a7:ff:0e:
         5e:34:fb:88:10:13:22:f3:fb:0a:83:57:63:5b:f7:62:91:95:
         e7:bc:df:36:a0:9e:9c:81:cd:25:c8:0a:40:d0:ff:25:09:0e:
         3b:34:77:25:50:05:e8:cc:ec:01:e6:db:6a:2b:88:f9:2f:93:
         3b:18:d5:55:01:0f:2c:7b:86:3b:5f:fd:b2:2c:35:2e:36:0f:
         e2:94:2c:0d:ed:43:14:38:21:5a:d5:eb:d9:a4:4b:46:78:c5:
         1c:42:69:95:2e:d2:10:60:9b:77:b8:13:0b:75:87:66:a2:af:
         4a:77:6d:69:4f:f6:3e:39:5b:f4:41:ba:40:eb:05:de:7b:95:
         d9:37:ef:ff:60:1a:bf:b9:1d:fa:0d:41:ab:ac:39:8b:f9:35:
         21:bf:c8:3a:ac:69:4c:2f:85:47:50:66:d6:4e:ea:4f:77:e0:
         81:18:d3:ee
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUGMxVjRIaJWCl8LwWZZyaE/9sl/gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwODA1MTgyMDA2WhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNjRlMzdmZjcyYzllMjljZjI0ZjMzZDhiOTYxMTgwMGJm
MTYwNzA0NTQyMjQzMjIwMWJiMzM1MzQ0ZTI0NTRkMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxSPDCoYxmYFJD1y0K+A3peDBY9iuh88eXfO9tRgWDXjXB
lldnz5ppAhQoqq7sxXkM3IF/M+TmJFvJwief4lOCQMfHhXPAmAk/We+5BXwGFi+N
G9BMBFyA5ZadHR+K3Ph3ue9km8kDd9qVSSp+72qG4YPVPAfFDbFa033/FvahYT8w
0HjYHxkk7Ssjlrzax/k7027F4it4RrjD8iVXlPszfS5steno3v+sb77dtPHj92rE
Wb8xiGfGVrJWTI2c1Hw+FRWXMplv3WNuZykF8C07AaAvkmjWNmLU1u3QHbfh0HUd
l8SOJpvV2giGT69bjkiEgLT7wFhByAlC84SvCfMFAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU1h8YFx9EVHhXNUGYJNOJZOirM0owHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzM1ZWZjZjcyLTcwOGQtNDQ1Ni1iMWQxLTg0MTlhMjYzNmUwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzA8D0wDQYJKoZIhvcNAQELBQADggEBAD1J9OqMU7D1RulecGBTGPJX
p4oONyUKyj420rSni+ZPIbVTeAG8szQUmB90mWUvo5PBMRY6J+LYKzAvm1tg/qCg
1NtCZfxEAbMtim+WP5O3c63imC5MgKf/Dl40+4gQEyLz+wqDV2Nb92KRlee83zag
npyBzSXICkDQ/yUJDjs0dyVQBejM7AHm22oriPkvkzsY1VUBDyx7hjtf/bIsNS42
D+KULA3tQxQ4IVrV69mkS0Z4xRxCaZUu0hBgm3e4Ewt1h2air0p3bWlP9j45W/RB
ukDrBd57ldk37/9gGr+5HfoNQausOYv5NSG/yDqsaUwvhUdQZtZO6k934IEY0+4=
-----END CERTIFICATE-----