Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3983d9b9-cb06-4315-b0e8-52b47d039b39.roa
File:                     3983d9b9-cb06-4315-b0e8-52b47d039b39.roa (raw, json)
Hash identifier:          VXUaWhYs0JdG4RE5wXFxG51feq1wkZo0eN4zPSWhrAE=
Subject key identifier:   63:5C:ED:EE:18:1B:E9:19:59:24:38:36:45:C5:49:97:DC:5A:D6:50
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       33F7E9F5D895B3264531001388D7FCABE609AAB1
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3983d9b9-cb06-4315-b0e8-52b47d039b39.roa
Signing time:             Wed 25 Jun 2025 00:30:53 +0000
ROA not before:           Wed 25 Jun 2025 00:30:53 +0000
ROA not after:            Wed 30 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:c0d::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 30 Jun 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:f7:e9:f5:d8:95:b3:26:45:31:00:13:88:d7:fc:ab:e6:09:aa:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun 25 00:30:53 2025 GMT
            Not After : Jul 30 23:59:59 2025 GMT
        Subject: serialNumber=1395b465c11312b06563c6a23364142021cedd898115ce23a441b9373584cc7c, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:e4:31:b2:d3:31:ee:25:2a:fa:93:5e:8c:37:
                    a5:29:1a:01:7f:1e:a4:b2:ae:75:83:81:ed:57:13:
                    fe:b9:c7:f9:fa:60:cd:08:a2:53:ef:56:6b:a2:04:
                    aa:29:eb:89:3a:e5:ee:11:84:dc:0f:04:29:9a:6c:
                    52:24:84:87:10:4b:1b:a5:1c:fb:6a:e3:69:a1:a4:
                    f2:96:42:36:c3:fb:5c:8f:c7:f2:cb:a9:db:a1:a8:
                    9a:a9:7f:85:cb:e3:fd:f6:cc:49:a3:4e:72:8f:b5:
                    3f:5e:67:c5:bb:e9:e7:a9:5d:a1:b7:1b:39:ff:77:
                    7f:90:fc:41:54:4b:66:21:63:85:08:1f:b7:7b:8b:
                    00:0c:ef:28:fc:5c:97:db:f0:26:db:bb:c9:1a:2c:
                    5e:30:d9:e0:f4:86:6b:b8:16:25:a2:b6:55:69:b0:
                    67:05:12:a3:13:98:66:79:46:9b:b5:13:0d:49:e5:
                    6f:42:9d:ab:c1:e5:16:69:75:72:fe:12:60:62:69:
                    be:59:00:62:68:92:78:da:01:9a:35:52:0a:68:af:
                    9e:75:d5:c9:d1:93:6b:57:40:c3:a6:39:90:04:f1:
                    c4:67:2e:b8:df:3b:a3:cf:68:ed:15:1d:cf:d9:ec:
                    33:53:95:b2:f6:27:b4:8e:55:66:d6:72:19:1e:fb:
                    78:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:5C:ED:EE:18:1B:E9:19:59:24:38:36:45:C5:49:97:DC:5A:D6:50
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3983d9b9-cb06-4315-b0e8-52b47d039b39.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c0d::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:a9:70:6e:b0:04:ca:6e:f3:02:18:67:7b:4c:70:c4:4b:46:
         41:ff:d2:f3:73:bd:7c:9a:19:51:c5:be:16:8e:22:eb:80:6e:
         9c:47:a5:c9:7e:9f:73:56:ce:d0:bd:60:c8:c9:ee:3a:4a:dd:
         a8:24:a5:31:7c:39:b1:ea:8f:25:b5:15:fb:82:33:b3:5a:c2:
         16:c8:30:f6:a4:61:ff:6f:a7:b3:cb:23:c7:f3:2e:cc:eb:21:
         9c:f5:f4:14:89:f2:10:83:14:b8:1e:5c:95:d1:20:d3:63:c4:
         d2:a4:3d:46:46:eb:4a:1f:2d:9a:49:bf:f3:5a:71:ff:74:2b:
         2d:67:17:b1:c5:16:f4:e5:5c:54:d2:38:50:e0:b2:cc:21:9a:
         35:53:4d:5f:6a:43:68:27:5a:87:ce:2d:79:62:ac:f4:f0:f3:
         a4:ab:1c:98:7c:95:ac:b1:c5:3e:f8:a5:d2:dd:7d:bf:c7:bb:
         be:b5:62:00:f8:46:27:e9:2f:92:03:de:2b:aa:f9:d0:86:42:
         6e:cd:6c:70:54:46:8e:fa:36:bf:69:db:fe:ad:02:21:1f:c0:
         bc:0e:a5:63:26:88:bb:ad:eb:f3:f4:b9:b0:9d:13:de:ce:62:
         58:98:8b:11:c2:94:be:cc:e3:28:c5:34:ee:82:7f:ea:da:56:
         87:e3:ff:15
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUM/fp9diVsyZFMQATiNf8q+YJqrEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNjI1MDAzMDUzWhcNMjUwNzMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxMzk1YjQ2NWMxMTMxMmIwNjU2M2M2YTIzMzY0MTQyMDIx
Y2VkZDg5ODExNWNlMjNhNDQxYjkzNzM1ODRjYzdjMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDD5DGy0zHuJSr6k16MN6UpGgF/HqSyrnWDge1XE/65x/n6
YM0IolPvVmuiBKop64k65e4RhNwPBCmabFIkhIcQSxulHPtq42mhpPKWQjbD+1yP
x/LLqduhqJqpf4XL4/32zEmjTnKPtT9eZ8W76eepXaG3Gzn/d3+Q/EFUS2YhY4UI
H7d7iwAM7yj8XJfb8Cbbu8kaLF4w2eD0hmu4FiWitlVpsGcFEqMTmGZ5Rpu1Ew1J
5W9CnavB5RZpdXL+EmBiab5ZAGJoknjaAZo1Ugpor5511cnRk2tXQMOmOZAE8cRn
LrjfO6PPaO0VHc/Z7DNTlbL2J7SOVWbWchke+3h3AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUY1zt7hgb6RlZJDg2RcVJl9xa1lAwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzM5ODNkOWI5LWNiMDYtNDMxNS1iMGU4LTUyYjQ3ZDAzOWIzOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADA0wDQYJKoZIhvcNAQELBQADggEBAHmpcG6wBMpu8wIYZ3tMcMRL
RkH/0vNzvXyaGVHFvhaOIuuAbpxHpcl+n3NWztC9YMjJ7jpK3agkpTF8ObHqjyW1
FfuCM7NawhbIMPakYf9vp7PLI8fzLszrIZz19BSJ8hCDFLgeXJXRINNjxNKkPUZG
60ofLZpJv/Nacf90Ky1nF7HFFvTlXFTSOFDgsswhmjVTTV9qQ2gnWofOLXlirPTw
86SrHJh8layxxT74pdLdfb/Hu761YgD4RifpL5ID3iuq+dCGQm7NbHBURo76Nr9p
2/6tAiEfwLwOpWMmiLut6/P0ubCdE97OYliYixHClL7M4yjFNO6Cf+raVofj/xU=
-----END CERTIFICATE-----